-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 28 May 2024 08:15:32 +0200
Source: python-pymysql
Binary: python-pymysql-doc python3-pymysql
Architecture: all
Version: 1.0.2-2+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: amd64 Build Daemon (x86-grnet-03) <buildd_amd64-x86-grnet-03@buildd.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Description:
 python-pymysql-doc - Pure-Python MySQL driver - doc
 python3-pymysql - Pure-Python MySQL Driver - Python 3.x
Closes: 1071628
Changes:
 python-pymysql (1.0.2-2+deb12u1) bookworm-security; urgency=medium
 .
   * CVE-2024-36039: PyMySQL through 1.1.0 allows SQL injection if used with
     untrusted JSON input because keys are not escaped by escape_dict. Applied
     upstream patch: forbid_dict_parameter.patch (Closes: #1071628).
Checksums-Sha1:
 df4c712cbd770a189147d50bc7ebd5104d7615ef 29924 python-pymysql-doc_1.0.2-2+deb12u1_all.deb
 9cc7b5227dc96c5022c3fbc45470d45e124222d5 9180 python-pymysql_1.0.2-2+deb12u1_all-buildd.buildinfo
 67b045a8d2adad600237d33e58f569541511efb8 40868 python3-pymysql_1.0.2-2+deb12u1_all.deb
Checksums-Sha256:
 765ad35443f51467185fb3eed60aa010b4f41d81e3691e2176a952347c86a853 29924 python-pymysql-doc_1.0.2-2+deb12u1_all.deb
 f4bb1fed20b0cb3ca657e21510e373d751b94533245a000d6b44ee238870bfd9 9180 python-pymysql_1.0.2-2+deb12u1_all-buildd.buildinfo
 f472e9f993bbccf8a004e6f4d4ea2c0cfe37c3141256e593e1f78a3b9dd65989 40868 python3-pymysql_1.0.2-2+deb12u1_all.deb
Files:
 6f2ff58e5875bc40d61a5fafaa1c35e8 29924 doc optional python-pymysql-doc_1.0.2-2+deb12u1_all.deb
 cfa36d332e643c27917d9a831f4346f1 9180 python optional python-pymysql_1.0.2-2+deb12u1_all-buildd.buildinfo
 66861b0694e98d0b0b49eee391d64031 40868 python optional python3-pymysql_1.0.2-2+deb12u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEe8x49oT2k+seQstpgDm7h4zfCpIFAmZW1EUACgkQgDm7h4zf
CpIHQg/9GmGzoOLM1SAYqzumoS4gtGv+3P4eNcfxtNIvGd3hY4GZx8k/zP+oDv22
ldZIV2IA+BEedefKyoJaUm/W8Ny/ktYNYh2fkNO816glYKI6GN8Pft3jrnlhzBGO
KgSsX8e5koQw/GpqVxciDwG2492uvHSUKjndJkBrr85bpgUxJ0b194ai1L/0E1KS
18TGryQrkRDJD2fodPwK2C3NRbFLMhMF/bFvyug4Gjw7OWaYVdgktDhsEbXIn9BY
5VfsQXnkf+SV5X/oNjOlnV31soc8sFX+9g37m5gPWddKtjCm/lWWY16CSkljkiPI
LbaiGtqv76fZMsS+P+GxzW1YhHWD/jha5t7HbItqvF/IO9kDcxAg98SUdw6m17j0
g5AAqGqaUYLglJVVt8x3vf2ij7sCl/gXMKbHKvH9mebbmYpunHnLL4WUwK58eRUH
EbdsGN+kCE6vbyaibNF5C2O3wFOWDW5AfWKCibfT2GfWlownnbGJD1pLVJ+iDadu
G3ME4aS9yhjY9PB2izQeRbY2mf0zNR4UnVSPlbEaez4RrXCxEJuFhRu5QLWQ8Q9m
Jnbqe9jeN/xhRjKKCi3SAKk3SaRR3ZWEfuBkpeKUyRhYiUKJYW5yJMoL2eK44Sxh
QPyzRWjQhAMx96kwmftL/hc20r3rC0vH8GgzYQYbQMgLsCZ3Dvg=
=7sba
-----END PGP SIGNATURE-----