Hi Salvatore,
> > I've attached the following diff for a proposed 1:1.10.7-2+deb9u2
> > update for Django:
[…]
> The debdiff looks good so far, were you able to test the resulting
> package
I believe that is covered in-depth by the additional tests I also
backported (which passes here). The package installs fine for me too I
did not alter any of my in-*production* sites to *specifically* test
pre/post application of the APPEND_SLASH handling.
> There is as well a no-dsa tagged entry (CVE-2017-12794), which is only
> relevant when "DEBUG = true". But as we do an update now via a DSA, we
> can include this fix as well.
That makes sense. Shall I go ahead and add this CVE-2017-12794 and send
another debdiff?
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
