Package "python-django"
| Name: |
python-django
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description.
Description samples from packages in group:
- High-level Python web development framework (documentation)
- High-level Python web development framework
|
| Latest version: |
3:4.2.11-1ubuntu1.6 |
| Release: |
noble (24.04) |
| Level: |
security |
| Repository: |
main |
Links
Other versions of "python-django" in Noble
Packages in group
Deleted packages are displayed in grey.
Changelog
|
python-django (3:4.2.11-1ubuntu1.1) noble-security; urgency=medium
* SECURITY UPDATE: DoS in django.utils.html.urlize()
- debian/patches/CVE-2024-38875.patch: mitigated potential DoS in
urlize and urlizetrunc template filters in django/utils/html.py,
tests/utils_tests/test_html.py.
- CVE-2024-38875
* SECURITY UPDATE: username enumeration via timing issue
- debian/patches/CVE-2024-39329.patch: standarized timing of
verify_password() when checking unusable passwords in
django/contrib/auth/hashers.py, tests/auth_tests/test_hashers.py.
- CVE-2024-39329
* SECURITY UPDATE: directory-traversal via Storage.save()
- debian/patches/CVE-2024-39330.patch: added extra file name validation
in Storage's save method in django/core/files/storage/base.py,
django/core/files/utils.py, tests/file_storage/test_base.py,
tests/file_storage/tests.py, tests/file_uploads/tests.py.
- CVE-2024-39330
* SECURITY UPDATE: DoS in get_supported_language_variant()
- debian/patches/CVE-2024-39614.patch: mitigated potential DoS in
django/utils/translation/trans_real.py, docs/ref/utils.txt,
tests/i18n/tests.py.
- CVE-2024-39614
-- Marc Deslauriers <email address hidden> Fri, 05 Jul 2024 07:24:17 -0400
|
About
-
Send Feedback to @ubuntu_updates
