Source: python-django Version: 3:4.2.22-1 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Control: fixed -1 3:4.2.23-1
As per https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/ the fix for CVE-2025-48432 was incomplete in upstream 4.2.22 and addressed in 4.2.23 (fixed in unstable with the 3:4.2.23-1 upload). Regards, Salvatore
