UbuntuUpdates.org

Package "python-django"

Name: python-django

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • High-level Python web development framework (documentation)
  • High-level Python web development framework

Latest version: 2:3.2.12-2ubuntu1.14
Release: jammy (22.04)
Level: updates
Repository: main

Links



Other versions of "python-django" in Jammy

Repository Area Version
base main 2:3.2.12-2ubuntu1
security main 2:3.2.12-2ubuntu1.14

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2:3.2.12-2ubuntu1.9 2023-10-04 19:09:20 UTC

  python-django (2:3.2.12-2ubuntu1.9) jammy-security; urgency=medium

  * SECURITY UPDATE: DoS possibility in django.utils.text.Truncator
    - debian/patches/CVE-2023-43665.patch: limit size of input strings in
      django/utils/text.py, tests/utils_tests/test_text.py.
    - CVE-2023-43665

 -- Marc Deslauriers <email address hidden> Wed, 27 Sep 2023 13:36:26 -0400

Source diff to previous version
CVE-2023-43665 Denial-of-service possibility in django.utils.text.Truncator

Version: 2:3.2.12-2ubuntu1.8 2023-09-18 16:08:11 UTC

  python-django (2:3.2.12-2ubuntu1.8) jammy-security; urgency=medium

  * SECURITY UPDATE: DoS in django.utils.encoding.uri_to_iri()
    - debian/patches/CVE-2023-41164.patch: properly handle large number of
      Unicode characters in django/utils/encoding.py,
      tests/utils_tests/test_encoding.py.
    - CVE-2023-41164

 -- Marc Deslauriers <email address hidden> Fri, 15 Sep 2023 08:51:14 -0400

Source diff to previous version

Version: 2:3.2.12-2ubuntu1.7 2023-07-05 15:07:06 UTC

  python-django (2:3.2.12-2ubuntu1.7) jammy-security; urgency=medium

  * SECURITY UPDATE: Potential ReDoS issues
    - debian/patches/CVE-2023-36053.patch: prevent potential ReDoS in
      EmailValidator and URLValidator in django/core/validators.py,
      django/forms/fields.py, docs/ref/forms/fields.txt,
      docs/ref/validators.txt,
      tests/forms_tests/field_tests/test_emailfield.py,
      tests/forms_tests/tests/test_forms.py, tests/validators/tests.py.
    - CVE-2023-36053

 -- Marc Deslauriers <email address hidden> Tue, 27 Jun 2023 09:24:13 -0400

Source diff to previous version
CVE-2023-36053 In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular express

Version: 2:3.2.12-2ubuntu1.6 2023-05-03 16:07:21 UTC

  python-django (2:3.2.12-2ubuntu1.6) jammy-security; urgency=medium

  * SECURITY UPDATE: Potential bypass of validation when uploading multiple
    files using one form field
    - debian/patches/CVE-2023-31047.patch: prevent uploading multiple files
      in django/forms/widgets.py, docs/topics/http/file-uploads.txt,
      tests/forms_tests/field_tests/test_filefield.py,
      tests/forms_tests/widget_tests/test_clearablefileinput.py,
      tests/forms_tests/widget_tests/test_fileinput.py.
    - CVE-2023-31047

 -- Marc Deslauriers <email address hidden> Wed, 26 Apr 2023 10:00:52 -0400

Source diff to previous version
CVE-2023-31047 RESERVED

Version: 2:3.2.12-2ubuntu1.5 2023-02-14 16:07:08 UTC

  python-django (2:3.2.12-2ubuntu1.5) jammy-security; urgency=medium

  * SECURITY UPDATE: Potential denial-of-service in file uploads
    - debian/patches/CVE-2023-24580.patch: add limits to
      django/conf/global_settings.py, django/core/exceptions.py,
      django/core/handlers/exception.py, django/http/multipartparser.py,
      django/http/request.py, docs/ref/exceptions.txt,
      docs/ref/settings.txt, tests/handlers/test_exception.py,
      tests/requests/test_data_upload_settings.py.
    - CVE-2023-24580

 -- Marc Deslauriers <email address hidden> Wed, 08 Feb 2023 08:56:44 -0500




About   -   Send Feedback to @ubuntu_updates