UbuntuUpdates.org

Package "sqlparse"

Name: sqlparse

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • documentation for non-validating SQL parser in Python
  • non-validating SQL parser for Python 3
Latest version: 0.4.2-1ubuntu0.22.04.2
Release: jammy (22.04)
Level: security
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "sqlparse" in Jammy

Repository Area Version
base main 0.4.2-1
base universe 0.4.2-1
security universe 0.4.2-1ubuntu0.22.04.2
updates universe 0.4.2-1ubuntu0.22.04.2
updates main 0.4.2-1ubuntu0.22.04.2
PPA: Postgresql 0.2.4-0.1~pgdg16.04+1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.4.2-1ubuntu0.22.04.2 2024-05-13 15:06:57 UTC

  sqlparse (0.4.2-1ubuntu0.22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2024-4340.patch: raise SQLParseError instead
      of RecursionError in sqlparse/sql.py, tests/test_regressions.py.
    - CVE-2024-4340

 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 08 May 2024 10:18:32 -0300
Source diff to previous version
CVE-2024-4340 Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.

Version: 0.4.2-1ubuntu0.22.04.1 2023-05-10 14:07:26 UTC

  sqlparse (0.4.2-1ubuntu0.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: ReDoS
    - debian/patches/CVE-2023-30608.patch: remove unnecessary parts
      in regex for bad escaping in sqlparse/keywords.py.
    - CVE-2023-30608

 -- Leonidas Da Silva Barbosa <email address hidden> Thu, 04 May 2023 09:58:06 -0300


About   -   Send Feedback to @ubuntu_updates