Package "python-django"

Name:	python-django
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: High-level Python web development framework (documentation) High-level Python web development framework
Latest version:	2:2.2.12-1ubuntu0.29
Release:	focal (20.04)
Level:	updates
Repository:	main

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "python-django" in Focal

Repository	Area	Version
base	main	2:2.2.12-1
security	main	2:2.2.12-1ubuntu0.29

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 2:2.2.12-1ubuntu0.24 2024-08-06 22:07:06 UTC

Version: 2:2.2.12-1ubuntu0.24	2024-08-06 22:07:06 UTC
python-django (2:2.2.12-1ubuntu0.24) focal-security; urgency=medium * SECURITY UPDATE: Memory exhaustion issue - debian/patches/CVE-2024-41989.patch: prevent excessive memory consumption in floatformat in django/template/defaultfilters.py, tests/template_tests/filter_tests/test_floatformat.py. - CVE-2024-41989 * SECURITY UPDATE: DoS vulnerability in django.utils.html.urlize() - debian/patches/CVE-2024-41990.patch: mitigate potential DoS in urlize and urlizetrunc template filters in django/utils/html.py, tests/utils_tests/test_html.py. - CVE-2024-41990 * SECURITY UPDATE: DoS vulnerability in django.utils.html.urlize() and AdminURLFieldWidget - debian/patches/CVE-2024-41991.patch: prevented potential ReDoS in django/contrib/admin/widgets.py, django/utils/html.py, tests/admin_widgets/tests.py, tests/utils_tests/test_html.py. - CVE-2024-41991 -- Marc Deslauriers <email address hidden> Wed, 31 Jul 2024 07:22:41 -0400
Source diff to previous version

python-django (2:2.2.12-1ubuntu0.24) focal-security; urgency=medium * SECURITY UPDATE: Memory exhaustion issue - debian/patches/CVE-2024-41989.patch: prevent excessive memory consumption in floatformat in django/template/defaultfilters.py, tests/template_tests/filter_tests/test_floatformat.py. - CVE-2024-41989 * SECURITY UPDATE: DoS vulnerability in django.utils.html.urlize() - debian/patches/CVE-2024-41990.patch: mitigate potential DoS in urlize and urlizetrunc template filters in django/utils/html.py, tests/utils_tests/test_html.py. - CVE-2024-41990 * SECURITY UPDATE: DoS vulnerability in django.utils.html.urlize() and AdminURLFieldWidget - debian/patches/CVE-2024-41991.patch: prevented potential ReDoS in django/contrib/admin/widgets.py, django/utils/html.py, tests/admin_widgets/tests.py, tests/utils_tests/test_html.py. - CVE-2024-41991 -- Marc Deslauriers <email address hidden> Wed, 31 Jul 2024 07:22:41 -0400

Source diff to previous version

Version: 2:2.2.12-1ubuntu0.23 2024-07-09 22:07:12 UTC

Version: 2:2.2.12-1ubuntu0.23	2024-07-09 22:07:12 UTC
python-django (2:2.2.12-1ubuntu0.23) focal-security; urgency=medium * SECURITY UPDATE: DoS in django.utils.html.urlize() - debian/patches/CVE-2024-38875.patch: mitigated potential DoS in urlize and urlizetrunc template filters in django/utils/html.py, tests/utils_tests/test_html.py. - CVE-2024-38875 * SECURITY UPDATE: username enumeration via timing issue - debian/patches/CVE-2024-39329.patch: standarized timing of verify_password() when checking unusable passwords in django/contrib/auth/hashers.py, tests/auth_tests/test_hashers.py. - CVE-2024-39329 * SECURITY UPDATE: directory-traversal via Storage.save() - debian/patches/CVE-2024-39330.patch: added extra file name validation in Storage's save method in django/core/files/storage.py, django/core/files/utils.py, tests/file_storage/test_base.py, tests/file_storage/tests.py. - CVE-2024-39330 * SECURITY UPDATE: DoS in get_supported_language_variant() - debian/patches/CVE-2024-39614.patch: mitigated potential DoS in django/utils/translation/trans_real.py, docs/ref/utils.txt, tests/i18n/tests.py. - CVE-2024-39614 -- Marc Deslauriers <email address hidden> Fri, 05 Jul 2024 09:27:42 -0400
Source diff to previous version

python-django (2:2.2.12-1ubuntu0.23) focal-security; urgency=medium * SECURITY UPDATE: DoS in django.utils.html.urlize() - debian/patches/CVE-2024-38875.patch: mitigated potential DoS in urlize and urlizetrunc template filters in django/utils/html.py, tests/utils_tests/test_html.py. - CVE-2024-38875 * SECURITY UPDATE: username enumeration via timing issue - debian/patches/CVE-2024-39329.patch: standarized timing of verify_password() when checking unusable passwords in django/contrib/auth/hashers.py, tests/auth_tests/test_hashers.py. - CVE-2024-39329 * SECURITY UPDATE: directory-traversal via Storage.save() - debian/patches/CVE-2024-39330.patch: added extra file name validation in Storage's save method in django/core/files/storage.py, django/core/files/utils.py, tests/file_storage/test_base.py, tests/file_storage/tests.py. - CVE-2024-39330 * SECURITY UPDATE: DoS in get_supported_language_variant() - debian/patches/CVE-2024-39614.patch: mitigated potential DoS in django/utils/translation/trans_real.py, docs/ref/utils.txt, tests/i18n/tests.py. - CVE-2024-39614 -- Marc Deslauriers <email address hidden> Fri, 05 Jul 2024 09:27:42 -0400

Source diff to previous version

Version: 2:2.2.12-1ubuntu0.22	2024-03-04 20:06:59 UTC
`python-django (2:2.2.12-1ubuntu0.22) focal-security; urgency=medium * SECURITY UPDATE: regular expression denial-of-service - debian/patches/CVE-2024-27351.patch: prevented potential ReDoS in Truncator.words() in django/utils/text.py, tests/utils_tests/test_text.py. - CVE-2024-27351 -- Marc Deslauriers <email address hidden> Mon, 26 Feb 2024 12:03:03 -0500`
Source diff to previous version

Version: 2:2.2.12-1ubuntu0.21	2024-02-06 19:06:54 UTC
`python-django (2:2.2.12-1ubuntu0.21) focal-security; urgency=medium * SECURITY UPDATE: Denial of service - debian/patches/CVE-2024-24680.patch: rewrite regex logic to avoid DoS in django/contrib/humanize/templatetags /humanize.py, tests/humanize_tests/tests.py. - CVE-2024-24680 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 30 Jan 2024 09:27:23 -0300`
Source diff to previous version

Version: 2:2.2.12-1ubuntu0.20 2023-10-04 19:09:18 UTC

python-django (2:2.2.12-1ubuntu0.20) focal-security; urgency=medium * SECURITY UPDATE: DoS possibility in django.utils.text.Truncator - debian/patches/CVE-2023-43665.patch: limit size of input strings in django/utils/text.py, tests/utils_tests/test_text.py. - CVE-2023-43665 -- Marc Deslauriers <email address hidden> Wed, 27 Sep 2023 13:37:46 -0400

CVE-2023-43665

Denial-of-service possibility in django.utils.text.Truncator

About - Send Feedback to @ubuntu_updates

Package "python-django"

Links

Other versions of "python-django" in Focal

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

updates

security

proposed

PPA updates