[ubuntu/resolute-proposed] python-django 3:5.2.4-1ubuntu3 (Accepted)

Hlib Korzhynskyy hlib.korzhynskyy at canonical.com
Thu Nov 6 13:34:18 UTC 2025 

python-django (3:5.2.4-1ubuntu3) resolute; urgency=medium

  * SECURITY UPDATE: Potential SQL injection in QuerySet and Q objects
    - debian/patches/CVE-2025-64459-1.patch: Add connects and checks for them
      in django/db/models/query_utils.py.
    - debian/patches/CVE-2025-64459-2.patch: Add PROHIBITED_FILTER_KWARGS and
      check for them in django/db/models/query.py.
    - CVE-2025-64459
  * FTBFS-test_pickle_errors_detection.patch: Fix FTBFS in
    test_pickle_errors_detection test function in
    tests/test_runner/test_parallel.py

Date: Thu, 06 Nov 2025 09:58:31 +0100
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/python-django/3:5.2.4-1ubuntu3
-------------- next part --------------
Format: 1.8
Date: Thu, 06 Nov 2025 09:58:31 +0100
Source: python-django
Built-For-Profiles: noudeb
Architecture: source
Version: 3:5.2.4-1ubuntu3
Distribution: resolute
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Changes:
 python-django (3:5.2.4-1ubuntu3) resolute; urgency=medium
 .
   * SECURITY UPDATE: Potential SQL injection in QuerySet and Q objects
     - debian/patches/CVE-2025-64459-1.patch: Add connects and checks for them
       in django/db/models/query_utils.py.
     - debian/patches/CVE-2025-64459-2.patch: Add PROHIBITED_FILTER_KWARGS and
       check for them in django/db/models/query.py.
     - CVE-2025-64459
   * FTBFS-test_pickle_errors_detection.patch: Fix FTBFS in
     test_pickle_errors_detection test function in
     tests/test_runner/test_parallel.py
Checksums-Sha1:
 aa1d14704cacf09b0e89e35a83bab32c17ff11cc 2892 python-django_5.2.4-1ubuntu3.dsc
 f24160030ccbdc949d3c156f8b1324c378c9046d 36556 python-django_5.2.4-1ubuntu3.debian.tar.xz
 75e841e0733d1901454b3c9553d1cbf8e370986c 17555 python-django_5.2.4-1ubuntu3_source.buildinfo
Checksums-Sha256:
 38cd9d63e6e450cd7601e3a95e7e0cd9ab153867944a0a591cbae27c4c362f8c 2892 python-django_5.2.4-1ubuntu3.dsc
 e23a3640807f2ddd3d6e965ad8f0a0c7611037a1d2024e70e6c6f01b211160fd 36556 python-django_5.2.4-1ubuntu3.debian.tar.xz
 b29a3a7ac14733e1717670872e2073dae762c3f0dc9c49bc57a0fde143b3f99a 17555 python-django_5.2.4-1ubuntu3_source.buildinfo
Files:
 23f4194c15678ee5b096a8a2b2b4be71 2892 python optional python-django_5.2.4-1ubuntu3.dsc
 d094a4b9fe42d1b7a06b855d4d13fcf7 36556 python optional python-django_5.2.4-1ubuntu3.debian.tar.xz
 22e5dfa67f513e25e7f9273ee1abd328 17555 python optional python-django_5.2.4-1ubuntu3_source.buildinfo
Original-Maintainer: Debian Python Team <team+python at tracker.debian.org>

More information about the Resolute-changes mailing list