Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted python-babel 2.3.4+dfsg.1-2+deb9u1 (source) into oldoldstable
Date: Thu, 21 Oct 2021 08:50:14 +0000
Signed by: Sylvain Beucler <beuc@beuc.net>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 21 Oct 2021 09:37:01 +0200
Source: python-babel
Binary: python-babel python3-babel python-babel-localedata python-babel-doc
Architecture: source
Version: 2.3.4+dfsg.1-2+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Description:
 python-babel - tools for internationalizing Python applications - Python 2.x
 python-babel-doc - tools for internationalizing Python applications - documentation
 python-babel-localedata - tools for internationalizing Python applications - locale data fi
 python3-babel - tools for internationalizing Python applications - Python 3.x
Closes: 987824
Changes:
 python-babel (2.3.4+dfsg.1-2+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
 .
   [ Abhijith PA ]
   * CVE-2021-20095/CVE-2021-42771: Babel.Locale allows attackers to load
     arbitrary locale .dat files (containing serialized Python objects) via
     directory traversal, leading to code execution.  (Closes: #987824)
 .
   [ Sylvain Beucler ]
   * Fix test suite in summer time zones
Checksums-Sha1:
 94a3cf688db177a7a633b3fe7e01fef17c42cc24 2496 python-babel_2.3.4+dfsg.1-2+deb9u1.dsc
 f8c609f3bf00784618ed2f2a6a98f66a21a0e5fa 6228472 python-babel_2.3.4+dfsg.1.orig.tar.xz
 467e3636fe0ba6e2aad5fe4d6b9f21076195ebaa 11028 python-babel_2.3.4+dfsg.1-2+deb9u1.debian.tar.xz
 71896598b2698d0ba006d902605239761fa02054 7346 python-babel_2.3.4+dfsg.1-2+deb9u1_source.buildinfo
Checksums-Sha256:
 efd49bb118b6267514f255d98d65127ecf4af3ad4815007d55ecab2f3d25760f 2496 python-babel_2.3.4+dfsg.1-2+deb9u1.dsc
 38db2e5112d0e642d275496b731c7a25715e91adf11dd3681744753003866d8c 6228472 python-babel_2.3.4+dfsg.1.orig.tar.xz
 5e0f66eb2d15d98f6ab7d20eacfec1cd4b444afee71b4b4f84a10ad84345c2af 11028 python-babel_2.3.4+dfsg.1-2+deb9u1.debian.tar.xz
 4fb1a94d783cba2bd4980bb8d20340ef50347f212ac34608c2af004fd25e0276 7346 python-babel_2.3.4+dfsg.1-2+deb9u1_source.buildinfo
Files:
 397220bbc925c6181e11437c1927171d 2496 python optional python-babel_2.3.4+dfsg.1-2+deb9u1.dsc
 778d8f6a99ccb987f993be3f2075f8c5 6228472 python optional python-babel_2.3.4+dfsg.1.orig.tar.xz
 054bb5146ba8ca4343be9bcadcae7275 11028 python optional python-babel_2.3.4+dfsg.1-2+deb9u1.debian.tar.xz
 a82ecb7794edc984fa837f61ea1c7d0c 7346 python optional python-babel_2.3.4+dfsg.1-2+deb9u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmFxJMQACgkQDTl9HeUl
XjBPyA/7B8ILgd4qc0pmKkGQRLevs+O0RU+AW7RlIGcMyD7hUO0n89jQBHDTW2bI
zkCGvgN607WbOpb6sVmq40MV+Ti1xihVK9yqorju3AQcdEI88rwLDYyo7o3olRgt
rkdCV7Zax/cmPb3qF7e+Ye26wUfxWPuw+a3ynXvHL/vimCJVOgVozTJmHbpnMsZr
luR+GszvEnKFH3ldHoiqK5VrTfD2qAXJaEWRWbGlzmWc+YzYYLyS8AfX2vOkhnK8
AeJ1iMNOJ0HLyYR+GB31UUIjeXWig0FlEbIFeD2twUjOT+LsyIQpt6kcu8Gb73X5
rQ+CDvWbjYfSDkG2WNj2ydJqs30PjE4QjHizlrdPGH4MKB6CifPp5qFTFSbsSLfk
wdILyQHh3jfsCpksuaZ9vXw0po8d2f8TUALWNupUM7SfrhMsi+yoeMsW8rmfAAtI
ixLwOmje18zglnL9AeiWG2OerwhYqeha8smmU7m9+tGGcvthgR/EqRFnAPXNBLr9
2+8KgbtJdFE/V4NmkaIaGYchlsBsXZXiAYBNPxXonLXoW9a4iIUdi4+jjhExLYtv
Q+TaC6kcmkAUjTi9uHTSsh3yMRsUZ0bSCsRODIDOiH0FdcnePIZgPNDM7YJizdJ5
rAc652ZzQIVkKRmKAB3UO2vsrT1kupWZ90P/tm3E1V9zaQD0kOg=
=5w2q
-----END PGP SIGNATURE-----
News for package python-babel
