Accepted sqlalchemy 0.9.8+dfsg-0.1+deb8u1 (source all amd64) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 18 Mar 2019 13:37:16 +0100
Source: sqlalchemy
Binary: python-sqlalchemy python-sqlalchemy-ext python-sqlalchemy-doc python3-sqlalchemy python3-sqlalchemy-ext
Architecture: source all amd64
Version: 0.9.8+dfsg-0.1+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Piotr Ożarowski <piotr@debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Description:
python-sqlalchemy - SQL toolkit and Object Relational Mapper for Python
python-sqlalchemy-doc - documentation for the SQLAlchemy Python library
python-sqlalchemy-ext - SQL toolkit and Object Relational Mapper for Python - C extension
python3-sqlalchemy - SQL toolkit and Object Relational Mapper for Python 3
python3-sqlalchemy-ext - SQL toolkit and Object Relational Mapper for Python3 - C extensio
Changes:
sqlalchemy (0.9.8+dfsg-0.1+deb8u1) jessie-security; urgency=high
.
* Non-maintainer upload by the Debian LTS Team.
* Fix CVE-2019-7164 and CVE-2019-7548: SQL injection in order_by()
and group_by(). Upstream warns that this breaks the seldom-used
text coercion feature.
Checksums-Sha1:
7af7b09c601484e2de64bdf2d3b200b7a026a685 2259 sqlalchemy_0.9.8+dfsg-0.1+deb8u1.dsc
06daf537f9de34a2fdaf60c9752568086962b8c8 4046697 sqlalchemy_0.9.8+dfsg.orig.tar.gz
dd4cc74d02361304f3751c3aa74dad6313d6803e 14880 sqlalchemy_0.9.8+dfsg-0.1+deb8u1.debian.tar.xz
406f20eec097a5895d95db03fd3830fa171eeeb8 605028 python-sqlalchemy_0.9.8+dfsg-0.1+deb8u1_all.deb
1ae3e2642d4b01006717c367bcdd631fe0bb78f4 1252150 python-sqlalchemy-doc_0.9.8+dfsg-0.1+deb8u1_all.deb
325028e61a068b6cc6cdde56b7dd6a8cacc3224c 600836 python3-sqlalchemy_0.9.8+dfsg-0.1+deb8u1_all.deb
b3d69d90f6f9d7eb4a2ea6bcd121f73d1aa15255 18878 python-sqlalchemy-ext_0.9.8+dfsg-0.1+deb8u1_amd64.deb
9e0e8dbb24e34210ea55559bf7fb207e76c15e43 19024 python3-sqlalchemy-ext_0.9.8+dfsg-0.1+deb8u1_amd64.deb
Checksums-Sha256:
e5da06049e47e8ca61e845f8de3bef2e9584059881283f22f7442c026814f8ce 2259 sqlalchemy_0.9.8+dfsg-0.1+deb8u1.dsc
0371ca90d1abadb109c73f1ac096c17f0bbff9fb43d66f3346806f6d6b9c110d 4046697 sqlalchemy_0.9.8+dfsg.orig.tar.gz
f59040e2f5bf79b5c370cae3f4c2f236513ba706731f67e32834cd620d90bdc5 14880 sqlalchemy_0.9.8+dfsg-0.1+deb8u1.debian.tar.xz
2fecf43ffe517fd9be4b66c745e4dfa98cea4dc7b62cfcd9c7385d58461dd6ed 605028 python-sqlalchemy_0.9.8+dfsg-0.1+deb8u1_all.deb
2287e0f736e1bdbf266e7d0419fc3e690e06ec171471831b48d05264e479bc6f 1252150 python-sqlalchemy-doc_0.9.8+dfsg-0.1+deb8u1_all.deb
5b30d4f84f0b9ef952c5a0121e33d355e32c3b524987ff2894749f77c3b05ea5 600836 python3-sqlalchemy_0.9.8+dfsg-0.1+deb8u1_all.deb
b58bb8085db43332b4f6d8a3f413264117d48bb0110a6b7b46aeb030e0ad6b99 18878 python-sqlalchemy-ext_0.9.8+dfsg-0.1+deb8u1_amd64.deb
70c5ed7d383f40727516a4fe879c6ece027516380b1b2e635e8038e30898e03a 19024 python3-sqlalchemy-ext_0.9.8+dfsg-0.1+deb8u1_amd64.deb
Files:
f7a4ca0046cb16b67d9d11ecaf76e0ac 2259 python optional sqlalchemy_0.9.8+dfsg-0.1+deb8u1.dsc
9064e03b4ec453ef7f181b8bf7ddaa9c 4046697 python optional sqlalchemy_0.9.8+dfsg.orig.tar.gz
03422aff739ffc9312d12672b325401b 14880 python optional sqlalchemy_0.9.8+dfsg-0.1+deb8u1.debian.tar.xz
fe63296bd572d5a4aded8e760b26b866 605028 python optional python-sqlalchemy_0.9.8+dfsg-0.1+deb8u1_all.deb
c287764d65d83b9e52736d5a593cfbe2 1252150 doc extra python-sqlalchemy-doc_0.9.8+dfsg-0.1+deb8u1_all.deb
6eb8662bcdadb0d6594d3c0bed49f596 600836 python optional python3-sqlalchemy_0.9.8+dfsg-0.1+deb8u1_all.deb
d245257b24621d703f31d00c117b0057 18878 python optional python-sqlalchemy-ext_0.9.8+dfsg-0.1+deb8u1_amd64.deb
6516f1d09bb2a957af334575315e5765 19024 python optional python3-sqlalchemy-ext_0.9.8+dfsg-0.1+deb8u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAlyPl/cACgkQj/HLbo2J
BZ8RwQf9EzfO8c39QD4VtZnSykgh6fzgQ3T2tiq5SFL4RW3J8N3wl4RGzQbNOyLL
o38MLN9uogvaZVvmTBxgDf+lB7uf48o+xYwuNAspSn8gxcmCY2TfKBtmKf99Y0YP
oHrCMpy3eai+fCQEy/N2Rvhm92aQqXZhVBkW/kuJVgyiPOZAp9OGxNqUUmN8iUd0
iLjF6qZiO7QFwxgMgAE7glWiOsaomsXtRtVQwuqRlTcPPToPS8jekL7k/kUl315P
OT1nu7uqc8P1GVlCpucEV3lfM77lc9ee4q/te3tQMpsRGbmVnegKwMm7L45jaVNC
GrIKxazVKASL9gj/SsTgTIZEwJCxqg==
=sBX6
-----END PGP SIGNATURE-----