[Git][security-tracker-team/security-tracker][master] Reserve DLA-4484-1 for python-django

Chris Lamb (@lamby) Thu, 19 Feb 2026 10:29:47 -0800


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker



Commits:
085dc85a by Chris Lamb at 2026-02-19T10:29:31-08:00
Reserve DLA-4484-1 for python-django

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[19 Feb 2026] DLA-4484-1 python-django - security update
+       {CVE-2025-13473 CVE-2026-1207 CVE-2026-1285 CVE-2026-1287 CVE-2026-1312}
+       [bullseye] - python-django 2:2.2.28-1~deb11u12
 [18 Feb 2026] DLA-4483-1 gimp - security update
        {CVE-2025-15059 CVE-2026-2239 CVE-2026-2271 CVE-2026-2272}
        [bullseye] - gimp 2.10.22-4+deb11u6


=====================================
data/dla-needed.txt
=====================================
@@ -355,26 +355,6 @@ python-authlib
 python-cryptography
   NOTE: 20260216: Added by Front-Desk (rouca)
 --
-python-django (Chris Lamb)
-  NOTE: 20251106: Added by Front-Desk (Beuc)
-  NOTE: 20251106: Lots of postponed vulnerabilities triaged for the next 
update.
-  NOTE: 20251106: Also, time to finalize the SPU? (Beuc/front-desk)
-  NOTE: 20251106: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1079454
-  NOTE: 20251212: Working on postponed CVEs. (lamby)
-  NOTE: 20251229: DLA-4425-1 released, now looking at SPU. (lamby)
-  NOTE: 20260118: WIP (lamby)
-  NOTE: 20260123: Prepared bullseye update with fixes for:
-  NOTE: 20260123:   CVE-2024-39330 CVE-2024-41989 CVE-2024-39329 
CVE-2024-41991 CVE-2024-42005 CVE-2024-45231 CVE-2024-39614
-  NOTE: 20260123: .. but hunting down a test regression newly appearing in 
existing bullseye release.
-  NOTE: 20260123: Update for trixie SPU also prepared, fixing:
-  NOTE: 20260123:   CVE-2025-13372 CVE-2025-57833 CVE-2025-59681 
CVE-2025-59682 CVE-2025-64459 CVE-2025-64460
-  NOTE: 20260123: Working on bookworm SPU. (lamby)
-  NOTE: 20260126: trixie SPU filed as #1126461. (lamby)
-  NOTE: 20260126: bullseye regression identified as CVE-2025-6069 in python3.9 
3.9.2-1+deb11u4 (lamby)
-  NOTE: 20260128: trixie uploaded. (lamby)
-  NOTE: 20260128: DLA-4458-1 released, fixing CVE-2024-39329 CVE-2024-39330 
CVE-2024-39614 CVE-2024-41989 CVE-2024-41991 CVE-2024-42005 CVE-2024-45231. 
(lamby)
-  NOTE: 20260128: keeping note here for bookworm SPU (see #1079454). (lamby)
---
 python-geopandas
   NOTE: 20260216: Added by Front-Desk (rouca)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/085dc85a0f5a1a4a402014dad6ee6cb622be8da6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/085dc85a0f5a1a4a402014dad6ee6cb622be8da6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Reserve DLA-4484-1 for python-django

Reply via email to