Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-experimental-changes@lists.debian.org> , <debian-devel-changes@lists.debian.org>
Subject: Accepted python-django 3:5.2.1-1 (source) into experimental
Date: Fri, 30 May 2025 18:21:31 +0000
Signed by: Chris Lamb <lamby@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 07 May 2025 09:27:26 -0700
Source: python-django
Architecture: source
Version: 3:5.2.1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Python Team <team+python@tracker.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Closes: 1104872
Changes:
 python-django (3:5.2.1-1) experimental; urgency=medium
 .
   * New upstream security release:
 .
     - CVE-2025-32873: Denial-of-service possibility in strip_tags()
 .
       django.utils.html.strip_tags() would be slow to evaluate certain inputs
       containing large sequences of incomplete HTML tags. This function is used
       to implement the striptags template filter, which was therefore also
       vulnerable. strip_tags() now raises a SuspiciousOperation exception if it
       encounters an unusually large number of unclosed opening tags.
 .
       (Closes: #1104872)
 .
     <https://www.djangoproject.com/weblog/2025/may/07/security-releases/>
Checksums-Sha1:
 bb09ed045a745017911b8301027d124ff080a9e8 2783 python-django_5.2.1-1.dsc
 c8c6571401bede943be6b1ca4babe93cf2612e16 10818735 python-django_5.2.1.orig.tar.gz
 feb12576e7ffa0f41ff351dc76a0cbcd10ae7d37 30096 python-django_5.2.1-1.debian.tar.xz
 48edea50e99170342a8f2ed80db5d589676954cc 9397 python-django_5.2.1-1_source.buildinfo
Checksums-Sha256:
 3a916198824710e9ceac054feec156bbc69c8ac432863a41b3c3cdfa6c7665ce 2783 python-django_5.2.1-1.dsc
 57fe1f1b59462caed092c80b3dd324fd92161b620d59a9ba9181c34746c97284 10818735 python-django_5.2.1.orig.tar.gz
 289c4fa05e3fa1e8c79a76be388142ef987d153dc70a5958eff9c754a2f14743 30096 python-django_5.2.1-1.debian.tar.xz
 e2e841b9e966d8eca1be91b5f0976d285eb2bc40d0c48b80a3ae8d353bf7bd40 9397 python-django_5.2.1-1_source.buildinfo
Files:
 64ae950d20e25f1f9bc5e9afb5c1d01e 2783 python optional python-django_5.2.1-1.dsc
 317174c6e0593c40e58ec1bd428b1091 10818735 python optional python-django_5.2.1.orig.tar.gz
 bf80257ae4ad41ad98d313b4e5d1a42f 30096 python optional python-django_5.2.1-1.debian.tar.xz
 9b177edac3cfbb765638e088bd11d74f 9397 python optional python-django_5.2.1-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmg58zYACgkQHpU+J9Qx
HlhGqA//SwcLo/f8aWLLyWBshzgkOiX9w/eXTymoLheNdj3dsEwynXc9rf/pThtw
/JlyWGo6/a0xBBaHW8vqr9ML0bdkAJwYmy9yXziyQpwuKZPjXpKQP7IRi1Pjif+J
fa4B7npD6qs7Q7QRNe5HqwD09GznvHCX43lcHbznersCj0V+g/8SqizrecDRRU2P
0VMmeCCcA4DE7tRggRpx5vHxsoMRkD06lRZmj2taVMJufFDsSkYVHf3gIYH9dEZd
+f8HKZABSLpTXQyf7NktNTc5f7Ve8J3rAnKZx2siJgKMosKjsmIuU2akn7RMb852
Wa7pk4rt5TRlTtku0JFlZLE45wZ1vHA/DjCNC072qLt5U27ToGizmajxvKjA5d7E
JmwNAc/gNPZcq51V7QIE2gzpD50SmQTTG8h6I3dMGQF+u+YmdCqAAjVD6kkViPYQ
/XACsARVYCunAOu71PpLyuUHCDUS9zsI7QjElXxTq70PTTVr+62/79BBFOyf1Elw
A5AC2UdGsRSXTuzloolOuOuLUd5wgiWaQRD11wJAguQthj9W2KcP7jwNv0iCbFfP
5pP7O88txTu7OZlpVJgYcP75UqIqMyo0XIfVDCsDdv8zWnbPdBIWkktHEtu/5LFR
xBwxOJK1YSFYWwsXqbhKvgEIOhvLmDbavt5rvJagYWpG87BWGTQ=
=L4d9
-----END PGP SIGNATURE-----

News for package python-django