Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted python-django 1:1.10.7-2+deb9u10 (source all) into oldstable
Date: Tue, 02 Feb 2021 11:31:21 +0000
Signed by: Chris Lamb <lamby@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 01 Feb 2021 18:15:23 +0000
Source: python-django
Binary: python-django python3-django python-django-common python-django-doc
Architecture: source all
Version: 1:1.10.7-2+deb9u10
Distribution: stretch-security
Urgency: high
Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
 python-django - High-level Python web development framework (Python 2 version)
 python-django-common - High-level Python web development framework (common)
 python-django-doc - High-level Python web development framework (documentation)
 python3-django - High-level Python web development framework (Python 3 version)
Closes: 981562
Changes:
 python-django (1:1.10.7-2+deb9u10) stretch-security; urgency=high
 .
   * CVE-2021-3281: Fix a potential directory-traversal via archive.extract().
 .
     The django.utils.archive.extract() function, used by startapp --template
     and startproject --template, allowed directory-traversal via an archive
     with absolute paths or relative paths with dot segments.
 .
     <https://www.djangoproject.com/weblog/2021/feb/01/security-releases/>
 .
     (Closes: #981562)
Checksums-Sha1:
 a6e826169f348dfe3ca7e6d11e81abfde32098f6 2808 python-django_1.10.7-2+deb9u10.dsc
 5edd13a642460c33cdaf8e8166eccf6b2a2555df 7737654 python-django_1.10.7.orig.tar.gz
 79f6bbdd0e7f4170dc8f8096ae7b349390e34d4b 46952 python-django_1.10.7-2+deb9u10.debian.tar.xz
 61e08787fcd04658dadfe040f3f9ba3c18ab9a76 1516590 python-django-common_1.10.7-2+deb9u10_all.deb
 2cc294cea95155373975fea42c53f9aca4786da6 2537128 python-django-doc_1.10.7-2+deb9u10_all.deb
 fae4f972ef0551bb9e05552be62d0422ef2ecf06 906592 python-django_1.10.7-2+deb9u10_all.deb
 0b644f060b1a0705d92bc84e6f19509b34c4980b 9430 python-django_1.10.7-2+deb9u10_amd64.buildinfo
 1bf2da532ee613c7f107fd41e332501e334f9e61 888132 python3-django_1.10.7-2+deb9u10_all.deb
Checksums-Sha256:
 24022f4a7a7e693ba2d0e4ee54a2ec1c083d37aba854df001af1c2acb9c63f97 2808 python-django_1.10.7-2+deb9u10.dsc
 593d779dbc2350a245c4f76d26bdcad58a39895e87304fe6d725bbdf84b5b0b8 7737654 python-django_1.10.7.orig.tar.gz
 4340fae1bb08ed746b452766ed14141d26f7944b387d3454187220ac354fd11e 46952 python-django_1.10.7-2+deb9u10.debian.tar.xz
 2207517dc9d70dcbbead0fca4d44f953f973a9f988ba6eea61579f3ab3c9685f 1516590 python-django-common_1.10.7-2+deb9u10_all.deb
 dc7553b0de40d2cfaf857dc6fdac009506eaabb355f090c7d54fb0d1bf3a3d7d 2537128 python-django-doc_1.10.7-2+deb9u10_all.deb
 67f5c1d9787f7c15c64b509ff213b3d553adb70597aa2e10391c1adbee81e00e 906592 python-django_1.10.7-2+deb9u10_all.deb
 0d497ae54db9f2980a26caf18ba40d5228f4a8cd8b5763b0a6b534776a7c0268 9430 python-django_1.10.7-2+deb9u10_amd64.buildinfo
 2f7c1d72f9600600b5a58a8466d6fe50ba546747e7c29b1252f1e3215889b9db 888132 python3-django_1.10.7-2+deb9u10_all.deb
Files:
 cd63753adb9bd478770578132ca9dd0f 2808 python optional python-django_1.10.7-2+deb9u10.dsc
 693dfeabad62c561cb205900d32c2a98 7737654 python optional python-django_1.10.7.orig.tar.gz
 8dfcedd369efc415b5796f6507acb167 46952 python optional python-django_1.10.7-2+deb9u10.debian.tar.xz
 0ee8485e316ffeb66525e4f9951bc44d 1516590 python optional python-django-common_1.10.7-2+deb9u10_all.deb
 7b31dd6fe7eb3244c361fc79e0825f82 2537128 doc optional python-django-doc_1.10.7-2+deb9u10_all.deb
 ab347ca938d7e02fc907a0598b8b1b8a 906592 python optional python-django_1.10.7-2+deb9u10_all.deb
 dcb53931db391f4ac302ee3b728ace18 9430 python optional python-django_1.10.7-2+deb9u10_amd64.buildinfo
 288d233a3aba5e18792b4fee6445955e 888132 python optional python3-django_1.10.7-2+deb9u10_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmAYSmgACgkQHpU+J9Qx
HlhhvA//XljR5eYeNIboxelmmE1g6JQA6WyZO/bCH2RBtTAGAfztiWJRbNNic9GC
UD4DRe1jIp/NYAgEo87x+i2EuUyX14Vj1L+EqyU3LugR0GtC8Ysx8YMfbr5YhX9o
Ejowl6PFv5PzhKODMpcbkXnT2YU5ud4AnIGC6Qomr6HTyPGc32yATdCOTAztFbNk
XItoao6T+iSBVw/O3xLRSvoscnNP0BVGu7hRnvbNsqpsjIVm8ARa8j/kipdJMeA/
2Yqv6Y/eNLEfaEfCOzG+ywmTKuAoGkuPSfnbNmVJQpvxEItB3WcM3woCGoiRbSV+
J6BKPKWPhw0O3vHHjMqMm+8IOemX+oCWP+DB2uxWjuRN22yF6xoWqbaFhD5dkTJs
trRQLj/Nv4nKyCo20qOCMuNlcr/DDzhv6tozoauQwfYjmKcIR+JuKKPvEaU4wDsA
XBQuIXsKt79cQxbPANNQwNEeiRByTlKN0BOsJzXRM+58GCE3G/rs9wXj1TPhijoY
e9K1g8F0KOXzTeckGEQziOYDTzJWHQH246zwqETyj+dmni+jDDogEOUH5d//ZhVY
2aIL+IeaQXp+2nmnVTFE4sg4aAZX4EodfTdecysCWc1LJKOELPZWn/mIzOUd4hXi
ae/4Jb9N1QuXa9NVi+B/a+pmmaQCi0jnR9elHAAkU8cVwZuxnzo=
=TYTB
-----END PGP SIGNATURE-----
News for package python-django
