Ubuntu
python-django package

python-django 2:2.2.24-1ubuntu1.2 source package in Ubuntu

Changelog

python-django (2:2.2.24-1ubuntu1.2) impish-security; urgency=medium

  * SECURITY UPDATE: Denial-of-service possibility in
    UserAtributeSimilarityValidator
    - debian/patches/CVE-2021-45115.patch: prevent DoS in
      django/contrib/auth/password_validation.py,
      docs/topics/auth/passwords.txt, tests/auth_tests/test_validators.py.
    - CVE-2021-45115
  * SECURITY UPDATE: Potential information disclosure in dictsort template
    filter
    - debian/patches/CVE-2021-45116.patch: properly handle private
      variables in django/template/defaultfilters.py,
      docs/ref/templates/builtins.txt,
      tests/template_tests/filter_tests/test_dictsort.py,
      tests/template_tests/filter_tests/test_dictsortreversed.py.
    - CVE-2021-45116
  * SECURITY UPDATE: Potential directory-traversal via Storage.save()
    - debian/patches/CVE-2021-45452.patch: fix path traversal in
      django/core/files/storage.py,
      tests/file_storage/test_generate_filename.py,
      tests/file_storage/tests.py.
    - CVE-2021-45452

 -- Marc Deslauriers <email address hidden>  Tue, 04 Jan 2022 07:15:17 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Impish
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Impish: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
python-django_2.2.24.orig.tar.gz 8.8 MiB 3339ff0e03dee13045aef6ae7b523edff75b6d726adf7a7a48f53d5a501f7db7
python-django_2.2.24-1ubuntu1.2.debian.tar.xz 32.5 KiB a8b1393b3e878b9c004febaa86aef575cfd9485e2ac2971ae9b835756fdd19a1
python-django_2.2.24-1ubuntu1.2.dsc 2.8 KiB d2c0aa1335d3487b47ef4756a20fa0513e3f40e2b1b6f8728a81e14bd44addc9

View changes file

Binary packages built by this source

python-django-doc: No summary available for python-django-doc in ubuntu impish.

No description available for python-django-doc in ubuntu impish.

python3-django: No summary available for python3-django in ubuntu impish.

No description available for python3-django in ubuntu impish.