[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted sqlparse 0.4.1-1+deb11u1 (source) into oldstable-security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 21 Dec 2024 17:25:32 +0100
Source: sqlparse
Architecture: source
Version: 0.4.1-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Andrii Senkovych <andrii@senkovych.com>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 994841 1034615 1070148
Changes:
 sqlparse (0.4.1-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2021-32839: StripComments filter contains a regular expression
     that is vulnerable to ReDOS. (Closes: #994841)
   * Fix CVE-2023-30608: Parser contains a regular expression that is
     vulnerable to ReDOS. (Closes: #1034615)
   * Fix CVE-2024-4340: Parsing of heavily nested list leads to Denial of
     Service. (Closes: #1070148)
Checksums-Sha1:
 f6c827364445e5cefb70c12ca48b352b55d7b4d5 2494 sqlparse_0.4.1-1+deb11u1.dsc
 0f72adea0c1a0c190e014413804ab6cf8e64f383 67228 sqlparse_0.4.1.orig.tar.gz
 13d7f3569fc3fc72ce7146feb103f5892fe4452e 488 sqlparse_0.4.1.orig.tar.gz.asc
 d9f139caa179be42eec9e454d300e6d992ef78fd 9272 sqlparse_0.4.1-1+deb11u1.debian.tar.xz
 bd46fbc5550d6e55e75309e3886a97aaba279d62 8636 sqlparse_0.4.1-1+deb11u1_amd64.buildinfo
Checksums-Sha256:
 76e3b3d9f33637a982c0ccf1198670e07b9427faea8ec36e55f72cf820b0783d 2494 sqlparse_0.4.1-1+deb11u1.dsc
 0f91fd2e829c44362cbcfab3e9ae12e22badaa8a29ad5ff599f9ec109f0454e8 67228 sqlparse_0.4.1.orig.tar.gz
 195e5047555834f91e33e322e9f73e72d6c64415adc883ea828f3fbe9b918445 488 sqlparse_0.4.1.orig.tar.gz.asc
 08b742bdc25c7fb4d2b0d2cd8938cbb392859972e4337549b9fc1c15052a0fda 9272 sqlparse_0.4.1-1+deb11u1.debian.tar.xz
 cd2f9fb730c69cb77475a127db55e781979b5812137453852c014214445581b4 8636 sqlparse_0.4.1-1+deb11u1_amd64.buildinfo
Files:
 de5b50f9d6e3bdf4e7f7df5da140e1ce 2494 python optional sqlparse_0.4.1-1+deb11u1.dsc
 eebbc6b5f1033054873033e54b0c1266 67228 python optional sqlparse_0.4.1.orig.tar.gz
 d37afb1eaa0a2b493f72fcf9eab1508f 488 python optional sqlparse_0.4.1.orig.tar.gz.asc
 6e5af0580ab9ea7dd0a302423b0313a2 9272 python optional sqlparse_0.4.1-1+deb11u1.debian.tar.xz
 f8b67bd33195860ca2d9935153e6289e 8636 python optional sqlparse_0.4.1-1+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmdm/UkACgkQ05pJnDwh
pVJyARAAkB/BLBS4tDgiNhhguzxOuWCCBLLnHLMJQW+CX6Ra3iFHE5br0pp2yMxM
noj2Rokn4f4O2uEbMcsrFS/RmJlTZdLUThyvEDZHLQVmbDXqXldh/ZzXhh2yRQgF
mDEyzKxnusebYeiYCcqnej5XqLstFrE8hwOyeSQwfjQh2E57SdIV/qRt8dt28ncz
o1BdtjvrnBID2NZz97RVs7XCYqMOQ3EV8WpsW6spKSfQP1Te5enX0Sm2/Zqq+8Yg
KdTW5WLOmCfhiNXrGsMS8u6LWpRU51lJtzZsOEqLxgKl3Zel7fTxULaBhhoSElUo
ldlHtdmEHetxNF45/cIzP/nG6t10SH4082VFpdv3uy1t22EKUAgbSC9sLjgXN5zc
cFIDef57eY3vLxmoYq/YGCp7NKhj/2YU06MxPGcBhJcMBf6k39iO4tw1yAfzN2Lw
eS8hUAeSXcT2SMT8kUYe7k8VntrWbXWRr02i7C9acIAvXRj9/xMsiRhY0qM6t5z/
GDrLVsW6KrLBk9qud4xv3+KN13x8A+DvCXUtBxJtzp/gvkcgqEkyZEmMCzBFOqVk
kAOctabCSPrcivu1dOiwHWEmNKUGOKFonPpCU1Ai72uV8GpOCE+NBAcLyxDznMmA
zr97bx1j3jS8ElhYtNr1aia0RDfqF7wWdCaYcjVuNUG8bfunHmc=
=PN3u
-----END PGP SIGNATURE-----

Attachment: pgpNwVAwpLzhs.pgp
Description: PGP signature

Reply to: