-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 02 Jul 2019 23:07:21 -0300 Source: python-django Binary: python-django python3-django python-django-common python-django-doc Architecture: source all Version: 1:1.10.7-2+deb9u5 Distribution: stretch-security Urgency: high Maintainer: Debian Python Modules Team Changed-By: Chris Lamb Description: python-django - High-level Python web development framework (Python 2 version) python-django-common - High-level Python web development framework (common) python-django-doc - High-level Python web development framework (documentation) python3-django - High-level Python web development framework (Python 3 version) Closes: 922027 929927 931316 Changes: python-django (1:1.10.7-2+deb9u5) stretch-security; urgency=high . * CVE-2019-6975: Fix memory exhaustion in utils.numberformat.format. (Closes: #922027) * CVE-2019-12308: Prevent a XSS vulnerability in the Django admin via the AdminURLFieldWidget. (Closes: #929927) * CVE-2019-12781: Prevent incorrect HTTPS detection with reverse-proxies connecting via HTTPS. (Closes: #931316) Checksums-Sha1: 9cf46ff6b53e327287a635d7947504bab66f5e5b 2804 python-django_1.10.7-2+deb9u5.dsc 4b9acc86beb3e79ac0fcfc3339fb7cad9cb7b286 39828 python-django_1.10.7-2+deb9u5.debian.tar.xz 1383e694395bc1db1985a303a387592011dcb2d8 1513850 python-django-common_1.10.7-2+deb9u5_all.deb fbe06f7c2ed9995875601de4fbf915219332b420 2535508 python-django-doc_1.10.7-2+deb9u5_all.deb 0783192722e7846642837d8000e4ee0ea5e99034 904054 python-django_1.10.7-2+deb9u5_all.deb e3f0210d8f6f2158f63b8a3ef46b7ab19792334e 9329 python-django_1.10.7-2+deb9u5_amd64.buildinfo 40303e6ec9bc24c3a99cee145f1297d8d2373097 885816 python3-django_1.10.7-2+deb9u5_all.deb Checksums-Sha256: 5634a1d5ce9a9426076abb87945d7af24b9eab0115f6db039646f6f20437b2b8 2804 python-django_1.10.7-2+deb9u5.dsc f794310b8048bf962425ea1c23ad447cda236d04bba02f518cabab027b988cff 39828 python-django_1.10.7-2+deb9u5.debian.tar.xz 5bc2c68ac9797eba7b2fa3beeae7ee5fa08954ce9fa2b078d2fc6c93fd44207b 1513850 python-django-common_1.10.7-2+deb9u5_all.deb e2cc407ab765e5e0068509471880f0b53c2776d1bb76a847ad33bf56d831dc30 2535508 python-django-doc_1.10.7-2+deb9u5_all.deb c62e37da6e5fe58bfff7fbdb7547a59fd8456ac0825777d86ecc84eafc2b8004 904054 python-django_1.10.7-2+deb9u5_all.deb 25f8ec5325f48dba984300b3393e4ea73b75da5789722dae4981e7b6dcf1968c 9329 python-django_1.10.7-2+deb9u5_amd64.buildinfo e445e5695962a7a120206e4dc16022d670b253e0f275968d4b54776961b27c66 885816 python3-django_1.10.7-2+deb9u5_all.deb Files: 52ccdf5159351ca16a1f676901ae31ae 2804 python optional python-django_1.10.7-2+deb9u5.dsc eb488426deda61b3ba6811ffe1009c3d 39828 python optional python-django_1.10.7-2+deb9u5.debian.tar.xz fa0695738a8ba2b94d9ef7331f29bd24 1513850 python optional python-django-common_1.10.7-2+deb9u5_all.deb 0428ccc6fd9f8dae732b5f085e3a3904 2535508 doc optional python-django-doc_1.10.7-2+deb9u5_all.deb 8b9bdd5aee8b7be9d4c3e15c87e44013 904054 python optional python-django_1.10.7-2+deb9u5_all.deb dd5236564e0e51a91c4fe3d781e6c7d8 9329 python optional python-django_1.10.7-2+deb9u5_amd64.buildinfo 21396fe97a0ec5511abc5c642b494354 885816 python optional python3-django_1.10.7-2+deb9u5_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl0cm48ACgkQHpU+J9Qx Hlh7exAAjFGkoYJ+LSIxq+0TmgIdSlbJixN3QemPsd7w/jWcIPpy8u0MjmjqMWqh qe1vvYdBDvW8NUHGa7QW5sUKzaYh9Lcj1f4G9VrcBp45vOXT/ao6RiSeyCsvXBRd WOED9SdOSqOoCS0TGaOVRewkqXxx82MAPXcYeC77mhJvWQ4McvfByHRVw8mvy9uP Ecw2YZ6rPxBrz2l0OVTRhw+HpYWgNSBFiEEBFSt6hSMcfinJlKW48lrAfhVtaje2 uPpucg4feUNQ8RMMueox0tEaJdNMgZ2GCY+I9MhBGyPkvKM/IZtoiCJr3hB560ck OPAoP6vQR3iNafXE7jQRposSHwCUIi0SpmpKVCiW9ZcCjsv7J0dp14Z5uSpUR+mY YVZ7uhCa3NALYsZM/+lj67sTw2H9MV6qZFtNigKvK29f6IuiHeVzMUal3SxWy35m xUvczA4/SXsWn+ov2OVT0IqZATRNZ4lAOv4vTlBCR9mNVXy1RA8iP0ITn0PkzbRZ yA/amxZ6a51a+WR0TUTAecgRjRvwe6GKQSXTQ8abD3Z1g3+/v6mXxNyXmNFRm0vf VvP1892TXDwE69GmW2axmbTnSJ6kl4xHDkHpWhEtoqidraO75Ef0mMvtYyXcGv8g xq94b2P1enGHcfkTnGc4gbfZKSEhgmSvAltxi9xb+W4TNDaLVnY= =Awug -----END PGP SIGNATURE-----