Source: python-django Severity: normal Dear Maintainer,
The python-django Debian package - stable-sec - is CVE-2017-12794 vulnerable. Probably because stable-bpo offers 1:1.11.10-1. But version 1:1.11.11-1 also has a security fix - CVE-2018-7536. And version 1:1.11.14-1 is on testing since 2018-07-05. Fifteen days. Can version 1:1.11.14-1 be part of backports? I volunteer if necessary. Regards, Herbert -- System Information: Debian Release: 9.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-7-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)