Hi Chris, On Mon, Sep 02, 2019 at 02:07:55PM +0100, Chris Lamb wrote: > Chris Lamb wrote: > > > > > +python-django (1:1.11.23-1~deb10u1) buster-security; urgency=high > > > > > > Thanks, these both look good; please upload to security-master. > > > > Both uploaded to security-master. > > There is now a 1.11.24 (ie. 1:1.11.24-1~deb10u1) upstream: > > https://docs.djangoproject.com/en/2.2/releases/1.11.24/ > > Shall I go ahead and upload or was .23 already accepted?
Looking at the above change, following the upstream ticket at https://code.djangoproject.com/ticket/30672 this does not look like this is neither a real new regression nor a very exposed functionality (the upstream issue speaks of a undocumented and untested usage). Thus (if this is true), this does not really warrant another upload, but rather will automatically be fixed in a subsequent (and likely arising) update anyway. Regards, Salvatore