-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 07 Dec 2024 16:44:56 +0800 Source: python-werkzeug Architecture: source Version: 2.2.2-3+deb12u1 Distribution: bookworm Urgency: high Maintainer: Debian Python Team <team+python@tracker.debian.org> Changed-By: Sean Whitton <spwhitton@spwhitton.name> Closes: 1054553 1070711 1086062 Changes: python-werkzeug (2.2.2-3+deb12u1) bookworm; urgency=high . * Backport upstream fix for CVE-2023-46136 (denial of service when file upload begins with CR or LF) (Closes: #1054553). * Backport upstream fixes for CVE-2024-34069 (arbitrary code execution on developer's machine via the debugger) (Closes: #1070711). * Backport upstream fix for CVE-2024-49767 (denial of service when processing multipart/form-data requests) (Closes: #1086062). Checksums-Sha1: 564bdc41c16af520e84fea8a64e4b396ace11943 2760 python-werkzeug_2.2.2-3+deb12u1.dsc 4807723cdea3666c001068bbcbf70d5f6c3a5f2a 16648 python-werkzeug_2.2.2-3+deb12u1.debian.tar.xz Checksums-Sha256: dc96b1bd611993c7e9b5deebea43e676e96f5c35b9e9f4fd5eea5a96b3afdd0f 2760 python-werkzeug_2.2.2-3+deb12u1.dsc 7c2f39f24182e433fea2ecee1e60839485614628af236ee92d4e7f3f0f1e25c0 16648 python-werkzeug_2.2.2-3+deb12u1.debian.tar.xz Files: 6f642302401d59600ad541fd7c3c0e1d 2760 python optional python-werkzeug_2.2.2-3+deb12u1.dsc 19f7708a39698a1ea1072e457528e734 16648 python optional python-werkzeug_2.2.2-3+deb12u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEm5FwB64DDjbk/CSLaVt65L8GYkAFAmdUC5gACgkQaVt65L8G YkBVsw/9Hh+r4VbvRb+ojwMDuAJ4vH0p6KHygIwr5GepUlBLp4g3+rAb2K9BL6+z /pvIScUczrbfL6DrDLi+/6WJu9TKlZMbPt2d/NEWLE6XHJrdisacXIRxttcNLELE i9yWE73UsMPNrpeemexaQQdZgSGIiP8axECNrI2OfldSyAAH+VwYGr0Tme3VClmF bJgKO9+4eV2p0CWzWVZjyEBU3PCuNamgYYY6PUE68y4HAd0mxVyKOY+DHEZH8xKc iJI7NMcCzkhsLDULDT86IqCxXu5wl94q4GbVR/kpTLP8LFppIB1HKTg5K2HMgWVo BwGOvM4NUmLS5hnIFlTDh7NQD7ZH5nDKWjE6etH8UjGs1YPJPXu4RKWZ0XI/wDMu 5Fgv3si9Q0e6IPYi5FoBy6iHSxxZMPNg7qiQuLdnzEHQovPYIoe8z6xaLejk5KAX LXQVB0RToZnhadDRAtfEgLUEr2s5kFND/wTFyOJf3BlhlIJu2UvFsD+ACmyQZ91k EwqOc13q7bbFT8K8m6PfZN2GCHBxw6Ys/oIqoLvNbwQF7dtCF5SWEwpXkZS03+Ff cUWnseXfS7dnVU3WSo+4Umzx+gn4yM3QBlIMDSffiV1VyMS8FAzyXDqGeR7Hadwd Psvxtv4qfOmVO6k0HechAsXnMS7S2+8VEkrry1CTtzYNVVqi7AQ= =7GNi -----END PGP SIGNATURE-----