python-django 2:2.2.12-1ubuntu0.7 source package in Ubuntu
Changelog
python-django (2:2.2.12-1ubuntu0.7) focal-security; urgency=medium * SECURITY UPDATE: header injection in URLValidator with Python 3.9.5+ - debian/patches/CVE-2021-32052.patch: prevent newlines and tabs from being accepted in URLValidator in django/core/validators.py, tests/validators/tests.py. - CVE-2021-32052 * SECURITY UPDATE: potential directory traversal via admindocs - debian/patches/CVE-2021-33203.patch: use safe_join in django/contrib/admindocs/views.py, tests/admin_docs/test_views.py. - CVE-2021-33203 * SECURITY UPDATE: possible indeterminate SSRF, RFI, and LFI attacks since validators accepted leading zeros in IPv4 addresses - debian/patches/CVE-2021-33571.patch: prevent leading zeros in IPv4 addresses in django/core/validators.py, tests/validators/invalid_urls.txt, tests/validators/tests.py, tests/validators/valid_urls.txt. - CVE-2021-33571 -- Marc Deslauriers <email address hidden> Wed, 26 May 2021 08:58:41 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
python-django_2.2.12.orig.tar.gz | 8.5 MiB | 69897097095f336d5aeef45b4103dceae51c00afa6d3ae198a2a18e519791b7a |
python-django_2.2.12-1ubuntu0.7.debian.tar.xz | 42.7 KiB | fa58eaa01fcaba9f4e23d89c236e9bad28edac7077cd3e636256c3e07b9bbf60 |
python-django_2.2.12-1ubuntu0.7.dsc | 2.8 KiB | a7ac77d4474d22fbdb166ac558150d6e150496095a644fd485fc8bfc7d8e77b8 |
Available diffs
Binary packages built by this source
- python-django-doc: High-level Python web development framework (documentation)
Django is a high-level web application framework that loosely follows the
model-view-controller design pattern.
.
Python's equivalent to Ruby on Rails, Django lets you build complex
data-driven websites quickly and easily - Django focuses on automating as much
as possible and adhering to the "Don't Repeat Yourself" (DRY) principle.
.
Django additionally emphasizes reusability and "pluggability" of components;
many generic third-party "applications" are available to enhance projects or
to simply to reduce development time even further.
.
This package contains the HTML documentation and example projects.
- python3-django: High-level Python web development framework
Django is a high-level web application framework that loosely follows the
model-view-controller design pattern.
.
Python's equivalent to Ruby on Rails, Django lets you build complex
data-driven websites quickly and easily - Django focuses on automating as much
as possible and adhering to the "Don't Repeat Yourself" (DRY) principle.
.
Django additionally emphasizes reusability and "pluggability" of components;
many generic third-party "applications" are available to enhance projects or
to simply to reduce development time even further.
.
Notable features include:
* An object-relational mapper (ORM)
* Automatic admin interface
* Elegant URL dispatcher
* Form serialization and validation system
* Templating system
* Lightweight, standalone web server for development and testing
* Internationalization support
* Testing framework and client