-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 01 Jan 2026 12:22:27 +0200 Source: starlette Architecture: source Version: 0.50.0-1 Distribution: unstable Urgency: medium Maintainer: Piotr Ożarowski <piotr@debian.org> Changed-By: Carsten Schoenert <c.schoenert@t-online.de> Closes: 1119662 Changes: starlette (0.50.0-1) unstable; urgency=medium . * Team upload. . [ Piotr Ożarowski ] * [a6c184c] fix changelog indentation . [ Carsten Schoenert ] * [48c5e6e] d/watch: Convert to version 5 * [5c75aa2] New upstream version 0.50.0 Fixed CVE issue by upstream version 0.49.1: CVE-2025-62727: O(n^2) DoS via Range header merging in `starlette.responses.FileResponse` Fixed CVE issue by upstream version 0.47.2: CVE-2025-54121: Possible denial-of-service vector when parsing large files in multipart forms (Closes: #1119662) * [ef9cf9c] Rebuild patch queue from patch-queue branch Removed patch (included upstream): 0002-fix-cve-2024-28849-async-write.patch Renamed patch: json-format.patch --> tests-Adjust-JSON-formating-to-work-with-older-packages.patch * [0b20e68] d/control: Bump Standards-Version to 4.7.3 No further changes needed. * [2eeb4b3] d/gbp.conf: Add some more minor default config * [b5247df] d/u/metadata: Update data * [ba0f23f] d/copyright: Drop entry about non exiting file * [2d637ab] d/copyright: Update Source field data Checksums-Sha1: d2b9c9a76a5c5090a1cc930a0a861c0fda5e8cd0 2493 starlette_0.50.0-1.dsc 65934c4ceb985c08d7b8bd2ff3a72cd551747a41 2646673 starlette_0.50.0.orig.tar.gz cbf543d44b88d3a00b255f26f431d27e7d5468fc 5152 starlette_0.50.0-1.debian.tar.xz 317041ace47816139d04e8ee304c4e80ac6bfd24 8157 starlette_0.50.0-1_amd64.buildinfo Checksums-Sha256: 9275426ccfbf4d658f08d58aab77f6a46cfb02d3dc3526ba4f4b5544bed07331 2493 starlette_0.50.0-1.dsc 2828c73fe8998b2fde7c326a5485d409ed28c4fe583f0d784c85ce40a09f5ba7 2646673 starlette_0.50.0.orig.tar.gz 6d19a0db96252601275ffd40369a16ee48d40230122c2f54e1c7699e4aa79174 5152 starlette_0.50.0-1.debian.tar.xz 325656e0a9413487edd62522aa47e0ad5beecc7a7ebd943b9e063d059537d0ba 8157 starlette_0.50.0-1_amd64.buildinfo Files: dbaafcdb485baefa09236857bf982d4b 2493 python optional starlette_0.50.0-1.dsc 38c70b067778866f2d263cc66623475a 2646673 python optional starlette_0.50.0.orig.tar.gz b0a029f07a6de695fcc469734bddfc2a 5152 python optional starlette_0.50.0-1.debian.tar.xz 727c9232b6048142cb21e35cc76adc8f 8157 python optional starlette_0.50.0-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJMBAEBCgA2FiEEtw38bxNP7PwBHmKqgwFgFCUdHbAFAmlWTnAYHGMuc2Nob2Vu ZXJ0QHQtb25saW5lLmRlAAoJEIMBYBQlHR2wNkoP/0C6vXeaTmqOLz+3MDV3PaDY kU318QNCXVSgze29xph+cvD+T1n6JlAaTln0k7vkjKOVCsqJI8yWwBv9giRO63qy BH67sAcLbeloA4PBwO0jn1CK/uw1IaiB9jd8fcd7uWnA4Nj0DhXKUv6zw42EVML5 bejBncewfZ9xPLaqyQw9+g923xpoyHXIrIsLcsUadflHziI0jFbIzcdLob/rxfWU gxPPf0kK7KhN9/Gy+4UueypJBoKfGMbdMK+0GN7SAdXPfgl1z1TEMhIBWZMS6geS k/bTwjIrADhOGGjs89mJwojZockZCNCRduLxoZ//N6lzJ+YiCPg3CKjwBTH0GCz/ 7WXv/eGsAW5JVnEtlsJffw/aBBfJHCavwLXJ4ZkeAUBr2SDUHdndw/DLXgCqFIN4 fEI/lMnHCr8Kv7Y/GKbKELtE7KcqeSqAw041jkFitjjlFo8YxVTc9xLsHKNgNbuF IpzlNJ8tx5mYlFRk+qDY6DNksxQ/kv4FcoB3uyEUG5qjWdzaUqKOSLNjwY0kptal VN29yI8O9g9J3IJXi4NJThEJMgPyYhYJtvauMsCFcOpp4byCUfdZW8/yxOlFBwtw i5r3omLlh1w4jckQ7nUrSYmjh7yiXmXXsTX4D2fjl20KNCRRUy7UTGh4BRAd/YlB Fio/JDWiIrwQG8VSoS99 =E746 -----END PGP SIGNATURE-----
