Hi again Chris! El 19/04/25 a las 21:16, Salvatore Bonaccorso escribió: > Hi Chris, > > On Fri, Mar 14, 2025 at 06:38:56AM +0100, Salvatore Bonaccorso wrote: > > Hi, > > > > [including Chris in CC] > > > > On Sun, Oct 20, 2024 at 09:05:43AM +0200, Paul Gevers wrote: > > > Hi Steve, > > > > > > On 29-08-2024 17:05, Steve McIntyre wrote: > > > > I've already spent some time looking at this, and in fact there are > > > > *already* changes in our version of django-storages that are clearly > > > > expected to work with the fixes in django. But they're not. I'm > > > > digging in further to see whether it's something I've done or a wider > > > > bug. I don't*think* it's my fault, but stranger things have > > > > happened! > > > > > > > > At this point, I would say let's be safe and hang back on the django > > > > update this - it will wait for the next point release. > > > > > > As you are well aware, the next point release is around the corner: 9 > > > November. Did anything happen, or should python-django be skipped one more > > > time? > > > > We will miss the 12.10 point release with these changes. Chris can you > > help Steve here resolving the regressions and then include as well > > fixes for the new CVEs which appeared in meanwhile? > > Any updates here? The date for the 12.11 point release is not yet set, > but would be great to have the python-django CVEs currently known > fixed in the next point release.
As a follow up of https://lists.debian.org/debian-lts/2025/05/msg00023.html, I forgot to check if a pu for python-django was in the queue. And I would just like to point you out about the above questions from Salvatore. Chris, the next point release window is closing this week-end. Do you think you could help with that? (WRT my debusine-related request, it doesn't matter of course if python-django is updated via a point release instead of a security update.) Cheers! -- Santiago
signature.asc
Description: PGP signature
