Accepted python-django 3:4.2.24-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted python-django 3:4.2.24-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 03 Sep 2025 15:51:14 +0000
Message-id: <[🔎] E1utplS-003JIo-28@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 03 Sep 2025 08:28:19 -0700
Source: python-django
Built-For-Profiles: nocheck
Architecture: source
Version: 3:4.2.24-1
Distribution: unstable
Urgency: high
Maintainer: Debian Python Team <team+python@tracker.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Closes: 1113865
Changes:
 python-django (3:4.2.24-1) unstable; urgency=high
 .
   * New upstream security release:
 .
     - CVE-2025-57833: Potential SQL injection in FilteredRelation column
       aliases. The FilteredRelation feature in Django was subject to a
       potential SQL injection vulnerability in column aliases that was
       exploitable via suitably crafted dictionary with dictionary expansion as
       the **kwargs passed QuerySet.annotate() or QuerySet.alias().
       (Closes: #1113865)
 .
     <https://www.djangoproject.com/weblog/2025/sep/03/security-releases/>
Checksums-Sha1:
 2a06701c0d9224da663c6e0f14aa270ad520cd93 2792 python-django_4.2.24-1.dsc
 f43cdbf9274935cde2a630cd447e93a94fb3e3f3 10452798 python-django_4.2.24.orig.tar.gz
 a46400b28e2e73439a6466d5476403ba8d279a36 34108 python-django_4.2.24-1.debian.tar.xz
 035bd145add7428a15a71406810d469207ccb6d5 8056 python-django_4.2.24-1_amd64.buildinfo
Checksums-Sha256:
 e68e1b3d96276aaea7c738a7d2dc2f35062c93b21e01fdcf9e3f70deb0b35581 2792 python-django_4.2.24-1.dsc
 40cd7d3f53bc6cd1902eadce23c337e97200888df41e4a73b42d682f23e71d80 10452798 python-django_4.2.24.orig.tar.gz
 9012aa426ae27bc10e1953f75dfb2b7aef548ad616c4887ade35ed9d5a30f927 34108 python-django_4.2.24-1.debian.tar.xz
 b82b8f991ed554544ae01e543b5cdc78d8ce1f91a8d04ede9292df1caed3b4cc 8056 python-django_4.2.24-1_amd64.buildinfo
Files:
 0b95b3a45d6ffef747e6dfc8846dcae3 2792 python optional python-django_4.2.24-1.dsc
 ec583b38346957b87ac7d8b0d917e1f4 10452798 python optional python-django_4.2.24.orig.tar.gz
 443610bb146e6c18a203edd0c698a287 34108 python optional python-django_4.2.24-1.debian.tar.xz
 96b8252de717b519df271057cd9db621 8056 python optional python-django_4.2.24-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmi4YDYACgkQHpU+J9Qx
Hlja/Q/+NgwapHLT94TYFK1MHQCuzKHlK55brf37Aze7fvzzTmwoSXJR5l91fEc/
OfCVV1g5EKSGRjILfd/iRNVKBVFkorVD1kDVADNIQge6m/VCL3eupnJ049sw2ItL
KRHLsURm5tMv7W1f8G2AvUKyjonMUnwhAG31YTOUs6mf/btYSzGKd+jrk2WZAf3N
He7BUmTIvzgRsNBtqQ5jfk7yZl6ZUjsYF/U/HKNFlADOH0qmBxbu9Qo77pqtSZEr
zrkTSU0WVSbV+cXkXMHpVZYZTa8jX4BsGfN4JWgJNf7AaCLJaq6RGPRqoPs21apg
Qd7HSa1uivOzbIATshQ9nHP+968pcZ65hrrdJ3WTpo0iAKzgs50OmycIQ1R0Vdgm
U/UKGZMmyVkIfGLlUe092SEgq1fxrhmB5YEMiRaAyBTaKaASWJ5/vtOLu+zsE54q
7qcT2+cbB7sZcFMIGSTQMcgyS+rDiI/Us0srtTSi49QRqzoHAZ8+Fwp0v69+HlB6
toIvGTC1Q1EGjhJPNrtb0Vm4SoxWwVG7ethF1+NpCg0KkNp6zQPVsG+3/Z1WAW5x
riEIdi6Qa1r+7ecMzNY5CNEeIOR9lVxzjMfL2OX4VQJ6YmVH6xcHmuPx2IefbHFr
7+q1DOcLYDk5w8kN/6oVTnBxZczgNpAQcYn2Ln6WArwKvvSTOsM=
=DKrF
-----END PGP SIGNATURE-----

Attachment: pgpfw5JxXNqa6.pgp
Description: PGP signature

Reply to:

Prev by Date: Accepted zbackup 1.5-3 (source) into unstable
Next by Date: Accepted cmst 2023.03.14-3 (source) into unstable
Previous by thread: Accepted zbackup 1.5-3 (source) into unstable
Next by thread: Accepted cmst 2023.03.14-3 (source) into unstable
Index(es):
- Date
- Thread