Accepted python-django 3:3.2.18-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted python-django 3:3.2.18-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Tue, 14 Feb 2023 17:50:53 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: python-django_3.2.18-1_amd64.changes
- Debian-source: python-django
- Debian-suite: unstable
- Debian-version: 3:3.2.18-1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=LhHvJ0UNwnIIda1A32oN89bM9IL/aNp/Q5k1zjH5R9s=; b=nEDbhT00Szq0YvA3GZTzZDvjQW PjPZHSXJGsTX41r0XFSqi/rNjSbBmJUvfJuBmQfwW1rxZRKKiSFzndSEnLuC4a+EUHCVGpm3MzbbM DAne6rleyEEPXN9fGhko9F365A+yZ/MdrSLW3lKPD1Va17NqcQ9v9NF8qCZ+DBNTJnpDDf6oyUWI7 lOoTKJlqVajSbGDVsCq3+n8H+lYvNefwghSfIW238yFkIxt14zoIl9CrHBiTthV3OAB0iLF9rAdO7 t0DPFlfzfw9kToGRmDrIzTf/J9WbCz91EUrNabHzJRUvV5ebUdaDHJQc65yGePCyJ4G0yFZqzeOXQ sTu1fvnw==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pRzS9-005JZI-R3@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 14 Feb 2023 09:12:57 -0800
Source: python-django
Built-For-Profiles: nocheck
Architecture: source
Version: 3:3.2.18-1
Distribution: unstable
Urgency: high
Maintainer: Debian Python Team <team+python@tracker.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Closes: 1031290
Changes:
python-django (3:3.2.18-1) unstable; urgency=high
.
* New upstream security release:
.
- CVE-2023-24580: Potential denial-of-service vulnerability in file uploads
.
Passing certain inputs to multipart forms could result in too many open
files or memory exhaustion, and provided a potential vector for a
denial-of-service attack.
.
The number of files parts parsed is now limited via the new
DATA_UPLOAD_MAX_NUMBER_FILES setting.
.
Thanks to Jakob Ackermann for the report. (Closes: #1031290)
Checksums-Sha1:
698d15a21d198aa340fefd2ec158dbb0d17126d5 2807 python-django_3.2.18-1.dsc
27010f09a149773fe9d19b6ee69c597a428fadc8 9848949 python-django_3.2.18.orig.tar.gz
9573bf6b748250469c6fd702dcabae574734fe6b 37760 python-django_3.2.18-1.debian.tar.xz
d794cd315ceeb8c2046109134695721dd6940594 7905 python-django_3.2.18-1_amd64.buildinfo
Checksums-Sha256:
9f1680ee17b33372ac8b399dd68859f54b96ed8545cb899d0cacc5a57de491f1 2807 python-django_3.2.18-1.dsc
08208dfe892eb64fff073ca743b3b952311104f939e7f6dae954fe72dcc533ba 9848949 python-django_3.2.18.orig.tar.gz
003420cd5c9f886e9bc2bf6675588e10023612f570ba74a6bba44ecc78a365ab 37760 python-django_3.2.18-1.debian.tar.xz
d5973ee8402bde6ca76f953c1290f60569536503154ed5732a449d54bb5c65cd 7905 python-django_3.2.18-1_amd64.buildinfo
Files:
c13581162bcd79ba9ff521b6a9dc5302 2807 python optional python-django_3.2.18-1.dsc
03831fdb086d0efb7ba0b4e1c521427e 9848949 python optional python-django_3.2.18.orig.tar.gz
c1f320d1824e8a58d06babfc4a4eab20 37760 python optional python-django_3.2.18-1.debian.tar.xz
a688889a8880f5d0510221817c178537 7905 python optional python-django_3.2.18-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmPrwsIACgkQHpU+J9Qx
Hli0NxAAiHVkfBVXaz4hPKYq0McDwn5pX3/Fu5Ehtp/Aaa9Jh0rZeL0fStrq8EvT
ktGwx79qif1/m+OCqA5ktJPt0cSE6+hOLnX1hrl8Zs0lxDH5FsBdXgigund5jS0/
Te3VaqRMFTTaWU7pduGE4yCadiEeEohYM2G85p3uxmiihx8pJiD8v30kE5VmMClB
LA14FVNFLRrWCGP6wr3epCgWSx03mTej+gcyggFOAuUY6e9nlHwNt7DmUnQzqBvt
U7l+Dz8gA4cWLh4A+SO8XhxZD6uc+eknUhT8Wxjaadj/bUi4IVz9WaPbP4RI5BSW
IFhpSgO7XjxjCeiqk8DFLnVsoAfJbOxWkSCEgLpuDzlIbCzc0OiNHSJtD+21XYpA
Fykj/g93kAIjZTb4v+y/NbzFVT87kAgypcmTIgEn1QJFjQdYZAQQFAEPjkY4nl81
YP7jDVzZH6wwCzwsLXbVvijU4VwkiJKdeummBxw6aV/YAgUZoEBkGQyMBVq+WIEe
1RRyteWq1NKmtAhqkhfUEggPIXCkx1Txt3grrwrwYF7eiG+wFKVy1zQm3fPYB5lJ
g3ybzfKyWfe2+ESqjFKyI5mrI38tiCyfFpEEjn9HaGLBCOjsbZVstOzW4+GSN4yw
U9BIvNl7vbOI7GIl78OQe7IjzFUH/EoPuy/f1Z7RvHVMAeICbvc=
=6R/Q
-----END PGP SIGNATURE-----