Accepted python-django 1:1.10.7-2+deb9u13 (source all) into oldstable

To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
Subject: Accepted python-django 1:1.10.7-2+deb9u13 (source all) into oldstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Thu, 06 May 2021 09:40:14 +0000
Message-id: <[🔎] E1leaUQ-0007Lt-5M@seger.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 06 May 2021 10:17:00 +0100
Source: python-django
Binary: python-django python3-django python-django-common python-django-doc
Built-For-Profiles: nocheck
Architecture: source all
Version: 1:1.10.7-2+deb9u13
Distribution: stretch-security
Urgency: high
Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
 python-django - High-level Python web development framework (Python 2 version)
 python-django-common - High-level Python web development framework (common)
 python-django-doc - High-level Python web development framework (documentation)
 python3-django - High-level Python web development framework (Python 3 version)
Closes: 988053
Changes:
 python-django (1:1.10.7-2+deb9u13) stretch-security; urgency=high
 .
   * CVE-2021-31542: Fix a potential directory-traversal vulnerability that
     could have been exploited by uploaded files. The MultiPartParser,
     UploadedFile and FieldFile classes allowed directory-traversal via uploaded
     files with suitably crafted file names. In order to mitigate this risk,
     stricter basename and path sanitation is now applied. Specifically, empty
     file names and paths with dot segments are rejected. (Closes: #988053)
Checksums-Sha1:
 6230266634781d523fff939cf512789c8627b389 2824 python-django_1.10.7-2+deb9u13.dsc
 a903fab661416a095321c472c2af907dfb6d5943 53692 python-django_1.10.7-2+deb9u13.debian.tar.xz
 9676986f0c74d0fe36b280793d8c1537ff07949b 1516158 python-django-common_1.10.7-2+deb9u13_all.deb
 760bbbd37c727b83b810cd7f700fe92e9d1f9923 2537500 python-django-doc_1.10.7-2+deb9u13_all.deb
 bf97d228cb7fbb24087e3c25c3d683e4305d15fb 906684 python-django_1.10.7-2+deb9u13_all.deb
 f0fdaa7d3b7eeeed548192e90b9530c7422e4127 9510 python-django_1.10.7-2+deb9u13_amd64.buildinfo
 02b29ea05b6e93b3cdeacec66fc665f647f9afe1 888202 python3-django_1.10.7-2+deb9u13_all.deb
Checksums-Sha256:
 b8de6f47e6729a5cbee2b97284d2a252caa8893818e9e730d25f52763a62ae8c 2824 python-django_1.10.7-2+deb9u13.dsc
 ab0d86865aaa41c0d1fcb9001281839e3a5bc1f86c0e1449cfe217edd60f848c 53692 python-django_1.10.7-2+deb9u13.debian.tar.xz
 41a1237dcd7b0246701ac2cf169c640e4e246b96f27bc56c5a7a32f0c0e62d5b 1516158 python-django-common_1.10.7-2+deb9u13_all.deb
 fe7a1aaffbd15442e001ca235106c71f9dc04276eb0913ad0f2df4cf402f7824 2537500 python-django-doc_1.10.7-2+deb9u13_all.deb
 9bfb16ead0cf280ce0c9ecc273510831cfc2076967d0fce95b06e0eab0aa8d00 906684 python-django_1.10.7-2+deb9u13_all.deb
 00e535e60568956f8a8c303199f839e44b278b8eecedfb4bbab83c30ca0bb744 9510 python-django_1.10.7-2+deb9u13_amd64.buildinfo
 3c0090a5d444661a5f75c7de60eaec466c95524badabec2faa4a5c4e7da211b2 888202 python3-django_1.10.7-2+deb9u13_all.deb
Files:
 2e175903b7e9608d6c610fcb49f376f8 2824 python optional python-django_1.10.7-2+deb9u13.dsc
 4559588f11dc5d366449f93add4e1068 53692 python optional python-django_1.10.7-2+deb9u13.debian.tar.xz
 bd5c585481f911ee743973bf79d61d66 1516158 python optional python-django-common_1.10.7-2+deb9u13_all.deb
 c1a7bd5adad96433540f1bdcadefd56c 2537500 doc optional python-django-doc_1.10.7-2+deb9u13_all.deb
 e9a7b62f509d5d7b9873bab21ed8c7e4 906684 python optional python-django_1.10.7-2+deb9u13_all.deb
 bd368295308e9027c734d7430a1d508f 9510 python optional python-django_1.10.7-2+deb9u13_amd64.buildinfo
 d8c027af596646c4206f5aadc4e26742 888202 python optional python3-django_1.10.7-2+deb9u13_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmCTt3MACgkQHpU+J9Qx
HljWUA//edpNPjNsGOQD2XZag6zwz7HCXv5zlzWcEqExTXNT24t1cwc3tZsQXlBy
rIeQO0bYZSYOAT7+8vtKK/s1GIKEamryc5RdEZokuOe/G/x1sNuTcvb7pW3qtHq+
P/ZZ07+Nr/nHJYYSormWMONVtgh5kXSYgFEj9b0QMpV0cbiN48Hj6poumjrHf/OZ
xIdBssxKPIHSTjYuvIkxq0rZVBSpMzCpBH8BJp6DQYjZ2odhi9O6XEKVUwdrboU+
yp+M++to7d1r19xTe8l50eWq85n7b0i0FO1AlzGaPX2VMmVovwX8L2WQNoGO3L5a
5mMNUyouQlybOmnjG6zSs/pCmgJLyG8JyJk40VNmERguP8UC7p5VheormGYIvxrv
HtByu0mB4zy4wV/90vpeBvOEt3QAG2viJX8y9Mx5VP7YqcNQHeWqmOrtlf2iNJNF
eC/kIiRUyGxtDJe9EVnxwb/blE7wmBZ+R0n2RJ4pyIOnIzUmhlDSYb9f1fYEGbwr
2xov0spdssqonoul8p4OmU4xEhQNh6Iyo7IeeKxBSAyDYJsvox3ZCI0OgYvNS9rJ
PjKsimmBTe0mDUvBU1dz6q0YlwB8YVCjs7J+idraiQHCPYAJ/SuIyFLT1kAuUYkB
T0fp1jCGhfHkdELiuKuc7s0kJS2Mc9fZcoaG3t9almMOACl2QdY=
=Hznt
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted exim4 4.89-2+deb9u8 (source amd64 all) into oldstable
Next by Date: Accepted mediawiki 1:1.27.7-1~deb9u9 (source) into oldstable
Previous by thread: Accepted exim4 4.89-2+deb9u8 (source amd64 all) into oldstable
Next by thread: Accepted mediawiki 1:1.27.7-1~deb9u9 (source) into oldstable
Index(es):
- Date
- Thread