Bug#962323: python-django: CVE-2020-13254 CVE-2020-13596

Hi Sébastien, > They look fine, please upload to security-master. Done. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org  chris-lamb.co.uk `-

Bug#962323: python-django: CVE-2020-13254 CVE-2020-13596

On 15/06 10:49, Chris Lamb wrote: > > The full debdiffs are attached. Can you especially check the > > versioning scheme and distribution fields for me? I often get this > > wrong and end up confusing myself. Really appreciated. > > They are now attached. They look fine, please upload to

Bug#962323: python-django: CVE-2020-13254 CVE-2020-13596

Chris Lamb wrote: > The full debdiffs are attached. Can you especially check the > versioning scheme and distribution fields for me? I often get this > wrong and end up confusing myself. Really appreciated. They are now attached. Regards, -- ,''`. : :' : Chris Lamb `.

Bug#962323: python-django: CVE-2020-13254 CVE-2020-13596

Chris Lamb wrote: > I will wait a few days to see what upstream says. I will also have to > re-release for jessie LTS, alas. Okay, this is now fixed in the following versions (without and with the regression fix): DistributionUpload with regressionUpload with regression fixed

Bug#962323: python-django: CVE-2020-13254 CVE-2020-13596

Hi Sébastien, > > Security team, would you like an update for stretch and/or buster to > > address these issues? It's fixed in sid, experimental as well as > > jessie LTS. Bullseye is just pending migration time AFAICT. […] > yes, that'd be fine. Is there any chance you could also piggyback the >

Bug#962323: python-django: CVE-2020-13254 CVE-2020-13596

On 06/06 10:15, Chris Lamb wrote: > > python-django: CVE-2020-13254 CVE-2020-13596 > > Security team, would you like an update for stretch and/or buster to > address these issues? It's fixed in sid, experimental as well as > jessie LTS. Bullseye is just pending migration time AFAICT. Hi Chris,

Bug#962323: python-django: CVE-2020-13254 CVE-2020-13596

Hi, > python-django: CVE-2020-13254 CVE-2020-13596 Security team, would you like an update for stretch and/or buster to address these issues? It's fixed in sid, experimental as well as jessie LTS. Bullseye is just pending migration time AFAICT. Regards, -- ,''`. : :' : Chris

Bug#962323: python-django: CVE-2020-13254 CVE-2020-13596

Package: python-django Version: 1.7.11-1+deb8u3 X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerabilities were published for python-django. CVE-2020-13254[0]: | An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before | 3.0.7. In cases