Accepted python-django 3:3.2.17-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted python-django 3:3.2.17-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 01 Feb 2023 16:21:19 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: python-django_3.2.17-1_amd64.changes
- Debian-source: python-django
- Debian-suite: unstable
- Debian-version: 3:3.2.17-1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=Q5J6Qz+dHqwUDoCjWGDbhwiVmlQnyTsnkBOx/buwH5g=; b=is8/ylnHnpeUu5IBNjjsja5Nlp 0houvbiLDuCewwP7NgNzY/Y0o/OROdjSF91hsqAhZvE3QWmtExZp/0aGvDihCiFadK8ypQZgnCCG3 iqtv4fEit4kOHhe1cHMsY2T1nCs0LqYQq9rjH9l9jPdcMm2txuzjmoBFTZepYqSL5TIfGwAA0kTTy k3ow5wYTihhKuiu2PY4OTX8MQxoBb41f5Q+CLV5pUyLXsc2DCMlBYZqMIYxr+nVhzA/72UVyFFwXK paJzFYANF6xEHtJAgYFeWUbdYRkzIGrO+2VexJIAtKdAP9DDXP2E9NpG5vK9sXQvzs4/EV/WuFtzN CyAK6KYw==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pNFrL-007wkD-CK@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 01 Feb 2023 08:01:01 -0800
Source: python-django
Built-For-Profiles: nocheck
Architecture: source
Version: 3:3.2.17-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team <team+python@tracker.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Closes: 1030251
Changes:
python-django (3:3.2.17-1) unstable; urgency=medium
.
* New security upstream release.
<https://www.djangoproject.com/weblog/2023/feb/01/security-releases/>
.
- CVE-2023-23969: Potential denial-of-service via Accept-Language headers
.
The parsed values of Accept-Language headers are cached in order to avoid
repetitive parsing. This leads to a potential denial-of-service vector
via excessive memory usage if large header values are sent.
.
In order to avoid this vulnerability, the Accept-Language header is now
parsed up to a maximum length. (Closes: #1030251)
.
* Drop 0010-Fixed-inspectdb.tests.InspectDBTestCase.test_custom_.patch;
applied upstream.
* Refresh all patches.
Checksums-Sha1:
739c26799224c7e0f5c81271aa9ac9440ba9e75a 2807 python-django_3.2.17-1.dsc
41fbde88d69f8f4e2daa9c8edc64864d7a42e5c4 9830188 python-django_3.2.17.orig.tar.gz
c6305d24b4b8a271a3f4b99a43bab30aeea47a3b 37648 python-django_3.2.17-1.debian.tar.xz
d175a5be405595f0869f54e63e7e55bb66bfe621 7937 python-django_3.2.17-1_amd64.buildinfo
Checksums-Sha256:
26caea9753ba9a01a43b14b31ecb655940e3c2bf691dc0e351a0d7149b868482 2807 python-django_3.2.17-1.dsc
644288341f06ebe4938eec6801b6bd59a6534a78e4aedde2a153075d11143894 9830188 python-django_3.2.17.orig.tar.gz
b38875467b7216b323f464b0f116b32342c1c42c9051d13e1852add245c6164d 37648 python-django_3.2.17-1.debian.tar.xz
eda8f2d8334dd8264821b9ddab033c57a59f8ec8b59cd5c72d86a4acd445712a 7937 python-django_3.2.17-1_amd64.buildinfo
Files:
02586cd0235d549d793ba4348f38505e 2807 python optional python-django_3.2.17-1.dsc
ef4c165db99f7f6e32b62846b9f7a36e 9830188 python optional python-django_3.2.17.orig.tar.gz
aa4efe0b62f4bff27b0f8065be1a7212 37648 python optional python-django_3.2.17-1.debian.tar.xz
893a2797e6057caa5416030603e1041b 7937 python optional python-django_3.2.17-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmPajiYACgkQHpU+J9Qx
HlhqFBAAue6O+0ZqYQ2frd2gARoqkZVhJoZ2o5pE+7iEyc34jrrUWBURrKAiz/z0
NnNsr7O20evXW1gJ87EnM0Yj0Se8QlXVHqI480+ACYil/LoiPWcihzIDM4LeQO1q
tDxgvJ4jA08bwpgrJQuQApkeS4TkESsV6W2dH6b5Gq/OiddL95eeiNiwYh/9y9e6
NIp5l8poyYCkQ44gt9nR/4Dus4PzLet5gIiH5Eq7t/T5aa/GNYOvJX+elJHghh54
Qx/piEtpQjyRCF5KYQqK6RkjFuaJnEJMvkFETzDkKpELpkEG6h3KfQjP9uIdvGlt
oaF6Yt2MLZTB/7rEUHUl1xv53R+RJsny64ZmfcD4i0aP8HDrBTpistmXhVPAz3hh
FWV0odIIUSiR/ZbMGE8Opa6L9V9rHvKkq6O6dFzqhkZ6qaAnnpbRkvob8S4YhcOT
WRq0YYURS3Z0Kt+il+abz4amQX1XGUnkK1ziOM8chavMot98Lucdet9uEsM+t7Vw
n/Qzq7sfhYP3CAs8adtHchXwEFmGqHq1CTkpegcT+1MXt/689q3yhbPXGd4inscx
G0JXNEgZOjnLq/zDf1IMGpcmH9why4talRBjR8mW1jqRnlllKMebPp/HGxm3rIrg
meBfJjp/Bv/dDI4/BreCZ/LCKeidruGl0Tle/PeDJ6N6DoLwn2Q=
=xPJl
-----END PGP SIGNATURE-----