-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 21 Aug 2024 12:08:24 +0100
Source: python-django
Binary: python-django-doc python3-django
Architecture: all
Version: 3:3.2.19-1+deb12u2
Distribution: bookworm
Urgency: high
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Steve McIntyre <93sam@debian.org>
Description:
 python-django-doc - High-level Python web development framework (documentation)
 python3-django - High-level Python web development framework
Closes: 1076069 1078074
Changes:
 python-django (3:3.2.19-1+deb12u2) bookworm; urgency=high
 .
   * Rename CVE-2023-36053.patch to 0014-CVE-2023-36053.patch
   * Backport upstream fixes in 3:4.2.14-1:
     * Closes: #1076069
     * CVE-2024-39329: Standardize timing of verify_password() when
       checking unusable passwords.
     * CVE-2024-39330: Add extra file name validation in Storage's save
       method.
     * CVE-2024-39614: Mitigate potential DoS in
       get_supported_language_variant.
     * The patch for CVE-2024-38875 won't sensibly backport.
   * Backport upstream fixes in 3:4.2.15-1:
     * Closes: #1078074
     * CVE-2024-41989: Prevent excessive memory consumption in floatformat.
     * CVE-2024-41991: Prevente potential ReDoS in django.utils.html.urlize()
       and AdminURLFieldWidget.
     * CVE-2024-42005: Mitigate QuerySet.values() SQL injection attacks against JSON fields
       Backport and tweak the upstream fix series to fit into 3.2.
     * The patch for CVE-2024-41990 won't sensibly backport.
Checksums-Sha1:
 db40b111ec46079aa1aebd8ad4750c56d562f035 3484164 python-django-doc_3.2.19-1+deb12u2_all.deb
 e67fa9a060c2adce98dd161f30c69be5544c0c68 14223 python-django_3.2.19-1+deb12u2_all-buildd.buildinfo
 52f2e077a5f96dee510d7d547c1adb74a4571f97 2827500 python3-django_3.2.19-1+deb12u2_all.deb
Checksums-Sha256:
 d29b06949fac108d94997795735a7ce5ef7291b90685fc5820e1aab8d205a7dd 3484164 python-django-doc_3.2.19-1+deb12u2_all.deb
 906361f1409cbf8b8c5b968a9926084dedea2c8ea475e492256ec62b3e7e70db 14223 python-django_3.2.19-1+deb12u2_all-buildd.buildinfo
 2af3bf3e8ce19c9ed8f838532009ab8b8608abf199bea2cd1792fdaac51988e3 2827500 python3-django_3.2.19-1+deb12u2_all.deb
Files:
 e7d64dd376d288d657dca4719ffb7700 3484164 doc optional python-django-doc_3.2.19-1+deb12u2_all.deb
 737a34ab0f5a39987b6466f2aaf99df0 14223 python optional python-django_3.2.19-1+deb12u2_all-buildd.buildinfo
 174887ca5bf947cb39f797374ade4265 2827500 python optional python3-django_3.2.19-1+deb12u2_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEQsM0t1ygJv2xcx3e4cagXJhOTXsFAmbJ/xcACgkQ4cagXJhO
TXsBYw/+IQ0QqdS/MWrGUPgIzClXAV6l0RwJ7ABUJw4buDR9VEGqAqQgskr3MNZg
h8DiitagZh+TVL33QLEVhLt4XClvTNkMObJmfD3OgsUJtnMNCh0wsbWhF7QnHCQf
1oavj0Czdm+5lBBvH2lk8wz2PHFlVqqbkNCC00QfW+552gEkwlaq/3Giy4r9ow1n
r0LhflUF9vqMnMpYsAGW5MmZxuglHagy36Iwun4FjZoc/Gldxp9qyz1jdFJ8D0IC
6U1zCKC1RMKSRBP72ZZnKMUBqQCJyZBg6OORN6nO7YVKO6SaKZsjPpr2DS7/H1yw
C/3a23inJyh8Qrormtr/paokaxi8rRcAuKI1iHtFrLr0Lys1IxLQ4k+SfoMvYguN
BNJSahpn7zRP+wB05N/owYGbQaxEHk4xZ7Rl8d1XYppWzY9A+XpW2w3WZ7jlmnem
Zplc7aNuHJTrKh+MOKfrIEeIYPrUNUI6qEjjMwWbfMNroUkL8f3Yj6MyonJKOglW
HsLXCTzT5D9+ofyX/a1mKN+vfio4VVrrTSn8COnd+I6HNzRelWr/VndYsu6nGXqR
5NqAbwpSNWVPYAw/l8OPlboTAe2I1Yw9YAO9z+zuKd2PJNU/Wdl5W+/OhOxSdnTP
Sk+T4GF3OntXpCxz+SrgA0vbOnjOvqMi0qgsKDlRWEYI6V9deFw=
=av/4
-----END PGP SIGNATURE-----