Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted python-django 2:2.2.28-1~deb11u5 (source) into oldstable-security
Date: Thu, 23 Jan 2025 14:50:21 +0000
Signed by: Chris Lamb <lamby@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 21 Jan 2025 12:32:26 +0000
Source: python-django
Architecture: source
Version: 2:2.2.28-1~deb11u5
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Python Team <team+python@tracker.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Closes: 1093049
Changes:
 python-django (2:2.2.28-1~deb11u5) bullseye-security; urgency=high
 .
   * CVE-2024-56374: The lack of upper-bound limit enforcement in IPv6
     validation could have led to a potential denial-of-service attack. The
     undocumented and private clean_ipv6_address and is_valid_ipv6_address
     functions were vulnerable, as was the GenericIPAddressField form field.
     (Closes: #1093049)
Checksums-Sha1:
 9524b08c942656e360a9cce0c4d857310903e851 2811 python-django_2.2.28-1~deb11u5.dsc
 0661bddaeca016d84abc4c808c1c677cd7d4aa7b 9187543 python-django_2.2.28.orig.tar.gz
 854068b267ddad63fa4f16975664cb8c7b8b1bbf 45744 python-django_2.2.28-1~deb11u5.debian.tar.xz
 d270b25c62d7a5035ad1fe3309a70bd3e75dec3f 14294 python-django_2.2.28-1~deb11u5_amd64.buildinfo
Checksums-Sha256:
 751c026a2cfc06dd1e939dd3aef10ee1e0ebf410849e935ac2082eab708bd3b5 2811 python-django_2.2.28-1~deb11u5.dsc
 0200b657afbf1bc08003845ddda053c7641b9b24951e52acd51f6abda33a7413 9187543 python-django_2.2.28.orig.tar.gz
 1ba8a428276ec8e33aab65328b94350949aa221b672ec24def7defc178d7cabb 45744 python-django_2.2.28-1~deb11u5.debian.tar.xz
 0d38578cf4da78a80c9456fb57e0c7bc909094e39ca91a8885fd684504b31582 14294 python-django_2.2.28-1~deb11u5_amd64.buildinfo
Files:
 ed4370f171cf753f9fb3c62e99105b62 2811 python optional python-django_2.2.28-1~deb11u5.dsc
 62550f105ef66ac7d08e0126f457578a 9187543 python optional python-django_2.2.28.orig.tar.gz
 ff207bee81e51ddbc37470abded7eba4 45744 python optional python-django_2.2.28-1~deb11u5.debian.tar.xz
 514cbc5812f5666a63111dc7e45db071 14294 python optional python-django_2.2.28-1~deb11u5_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmeSVREACgkQHpU+J9Qx
HlhsmQ/+OXyvzQ9ShBfjkj1HV2bqupxC/CmXVI1E30VfamMBfRmZEiyCK2WV5Tlk
zOvv8EVHsenufgWFXyytyLjVvy5+uKJbTL3fIhSRR5i2sE6kGxigfTZXZK7Hqkwd
uZIVJtldLbpEODV17jcDojhlSgrdu2Nwlrk3WuiEHoTq7wqI7L8awD+/40MQ27rC
+UM99cDqVSutYJGuoMUFrOhkEctHn0G5xFEj9qOiSqKv236iSb9M3IGoFqThVNwB
kB7qlEs0RZHZ2Pn6XeI0oW0mgi79tvgSKRG2YkKZ2Th3dkFQFe5p/TUuGo63OIbW
iJJJqSClNzWdsW8HQyZLVFYMz2cpq8uKHYu2TNSPPE1TtkfmoloOduqRHmX8EAZM
gDXZYSctCnQtRX2B7kKlrIZxbtENbmrszgOkSvsThZKgWXnsc74QDGNxdOSZKVoV
bMIjEsAFVYgYtQygqFmsIHLKsUpiLK5f2sLyx7wkWTnZ83yvhS2wmj9YJXTXlj4R
Y/KK2wuprKlshacMmVwChQKRmdFQJTeH2d4K/OSKhzSaZCZEUUd2wC2WrpfPlO/y
ZOlfDEY1XfYPS+VcuZIVBngm+6im56deVkrIGuKzwVwo9KKVxOpA51Io4mqWYb6q
ZtnXpR4h+p5I8g7F4ioFn008ty76XsmuZTOREYfSQ2WpKbA8oVg=
=cOKk
-----END PGP SIGNATURE-----

News for package python-django