[ubuntu/focal-proposed] python-django 2:2.2.10-1ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Mar 4 14:49:14 UTC 2020 

python-django (2:2.2.10-1ubuntu1) focal; urgency=medium

  * SECURITY UPDATE: SQL injection in Oracle GIS functions and aggregates
    - debian/patches/CVE-2020-9402.patch: properly escaped tolerance
      parameter in GIS functions and aggregates on Oracle in
      django/contrib/gis/db/models/aggregates.py,
      django/contrib/gis/db/models/functions.py,
      tests/gis_tests/distapp/tests.py, tests/gis_tests/geoapp/tests.py.
    - CVE-2020-9402

Date: Wed, 04 Mar 2020 09:05:10 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/python-django/2:2.2.10-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 04 Mar 2020 09:05:10 -0500
Source: python-django
Architecture: source
Version: 2:2.2.10-1ubuntu1
Distribution: focal
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 python-django (2:2.2.10-1ubuntu1) focal; urgency=medium
 .
   * SECURITY UPDATE: SQL injection in Oracle GIS functions and aggregates
     - debian/patches/CVE-2020-9402.patch: properly escaped tolerance
       parameter in GIS functions and aggregates on Oracle in
       django/contrib/gis/db/models/aggregates.py,
       django/contrib/gis/db/models/functions.py,
       tests/gis_tests/distapp/tests.py, tests/gis_tests/geoapp/tests.py.
     - CVE-2020-9402
Checksums-Sha1:
 214df86c9133a45c17e4a4e608d97b30f98da743 2884 python-django_2.2.10-1ubuntu1.dsc
 4b661c0692d31e8c6a91a3a8849ef473a17f4972 28004 python-django_2.2.10-1ubuntu1.debian.tar.xz
 98913b7d26bbbe5fd3f724e8915e3cfc9bc6f006 13025 python-django_2.2.10-1ubuntu1_source.buildinfo
Checksums-Sha256:
 f5175b68bf9f46ab5ac5003b148bec0fbd5442a8bbb4440df7a8a14de0e3a84e 2884 python-django_2.2.10-1ubuntu1.dsc
 f2c5ab4fa83dc73c32694b2a87964bee4e03bade15aecd4e2ea128d9c571b610 28004 python-django_2.2.10-1ubuntu1.debian.tar.xz
 0e2270b07ccc2c308b87c8731c299663a372f849ac0b9ffcd68b52d7c620fb59 13025 python-django_2.2.10-1ubuntu1_source.buildinfo
Files:
 2c1606a11001e1913c304e39923010c5 2884 python optional python-django_2.2.10-1ubuntu1.dsc
 f834723d93a01e31bd745b1a2c238217 28004 python optional python-django_2.2.10-1ubuntu1.debian.tar.xz
 aaf040f0b8dd042407c0766f7fca2395 13025 python optional python-django_2.2.10-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Python Modules Team <python-modules-team at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl5fuA0ACgkQZWnYVadE
vpNmPQ/+IGSWFCVOc58LIgPKIfiYTcbYOxqr98cquG5p7JW48hAIr4Lpv4/VeOVy
2ofkfBMRQyQD2r5dE238RNBHIk9tHwhkxZg86VveP0G0cQIc7Zu2+mHe0lBbmC/q
bolXyLsSUrrzfoV1QYmL4bM6072bkL11Sp4HcxNda1yu0KdGdAYEcpv/1w+4OBNG
MCSKZoRjnOd39shzWHZvydX3l/iuS/VFs8ZT2uhb/+wW4tA4ZJmN6O1NJ86Ps9hb
0ev/4e2F8DZQtajQ4CjxK0I6glnRVvpGRgDp2Ol58CRATSh+tCgJiV3ZyT9bNnJz
5OTfDvJvU1BVlb7TFs3TYma7e6MPPXAmx2Be2jOzLjKYHyBGzjnWZyu6kAK2bOAK
+dX7l5f1/eeqHvnfcqbl6XmI7Febc3sV9yyd1b+AMruFNo9WCc/LEw35GT6vslTT
X1vfe/8/Y9eWp5jsxMVtz42uGbUU68jErycj34YVfxqTJVpF/FpuPtBBY7b2F6zg
4b79MD32ixHMULgGLzgDC6KhDRBhhcSELwZez+0H6w35adScchn4GeZihPZw9rS/
g6DOYO12CBYEUJuPKw3Ykvm/QNvuQsUvx6GHzW+zhcXNk160qF8aIt+H/cOL1H6O
mYqldZzlHI8kX8IjZVmnT48yZgDNSdUpL2R9xt8ebYX4xYr2vAA=
=UevS
-----END PGP SIGNATURE-----

More information about the Focal-changes mailing list