-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 28 May 2024 08:56:57 +0200
Source: python-pymysql
Binary: python-pymysql-doc python3-pymysql
Architecture: all
Version: 0.9.3-2+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Description:
 python-pymysql-doc - Pure-Python MySQL driver - doc
 python3-pymysql - Pure-Python MySQL Driver - Python 3.x
Closes: 1071628
Changes:
 python-pymysql (0.9.3-2+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2024-36039: PyMySQL through 1.1.0 allows SQL injection if used with
     untrusted JSON input because keys are not escaped by escape_dict. Applied
     upstream patch: forbid_dict_parameter.patch (Closes: #1071628).
Checksums-Sha1:
 232e7e471c8ff0c8a4cf8ad5ec9da411d62a61f0 28584 python-pymysql-doc_0.9.3-2+deb11u1_all.deb
 6fa4d9896d8f825adb74a72589f023ccf5435937 9311 python-pymysql_0.9.3-2+deb11u1_all-buildd.buildinfo
 2ac86d9c48faa81130dc5eaf0a44d777ba262592 43664 python3-pymysql_0.9.3-2+deb11u1_all.deb
Checksums-Sha256:
 7e51e3f5e338ab5d9c236aee0c6c9db0a0b87777db1da0f57148f5bfbc767d85 28584 python-pymysql-doc_0.9.3-2+deb11u1_all.deb
 9460bd65ac5ade6d88d8ad06f4a20b3431bc46b508a9b1e9514b20e82eef34d1 9311 python-pymysql_0.9.3-2+deb11u1_all-buildd.buildinfo
 1950bdf76d4bd03954e777b00db5cab1693e6bcd938923af94e19ef7fc15f79f 43664 python3-pymysql_0.9.3-2+deb11u1_all.deb
Files:
 5bb29b9c734485f49fe38d1bec8774f3 28584 doc optional python-pymysql-doc_0.9.3-2+deb11u1_all.deb
 30125f28ab5b84d6d63afc1b1dbc947d 9311 python optional python-pymysql_0.9.3-2+deb11u1_all-buildd.buildinfo
 bfe352d25332383c879542fcb9fa9c8e 43664 python optional python3-pymysql_0.9.3-2+deb11u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEQsM0t1ygJv2xcx3e4cagXJhOTXsFAmZW1CwACgkQ4cagXJhO
TXtaBg/8CTZ1Ii7PswW3TIQQdMBOMQqHNU+MZNRnpTTIpYvZG0/3/3SrKaR0Ld0N
Rn+XokS2I/g1cpAaGodGLDSc0mjFd3bM6iOcQD/o9u8VoOl7IlNPKJyJUy+0O7ZC
oDUnUuk3iWyzScwPDq1NKu8jPqJ2oKWTomiVPVBpGVbuMtbhHthFq44+ChIsb8lE
tC586q1wcdJokPgJ2VU9rBTE1+4jAm4aHvx1KUvj42YPyMWx7jAVjJDRWk3bZfdQ
H++d3fVF5k4cPvSFQ9Jr+5CZYsEcAFBYJwlfE5TrDHjQYbHL7PamoeU+ujBI48/P
AuBWhkW5RWNQUwFJnXu53fP4pRImqYd8X5CrsDq27r0ohUfoInMQRO6U/NNZgCgD
cKmM2YkZgB9urTeByJ9c9yJ8yTfhek8IFGzPg3wqM4tvBYsRGyuhYOCswlpARTCc
5beA2PDl4vBP9oZ1Tzbr1rp1VojjN7kaMJA4YkvpCmsY2rDGrglwPmuqpOVCX3VZ
nU/XqXjvPW7TIfDeZ6gTeNsQtSQktFSlJDDqYnuX0Qu01220Z3IlcUzgV2fGLU9v
VVpcASnszbB+6vHXYYQS4DjgHQ4eqocKO6jaUimGgemV2N5OHTgrd8nR+1Z/aCG7
o0Vtyfjwp46VGz0IoJv0nkWxNiUUPZ7XbDU+nt7WeYq0vlsdn98=
=hq5c
-----END PGP SIGNATURE-----