python-django 3:4.2.4-1ubuntu2.3 source package in Ubuntu
Changelog
python-django (3:4.2.4-1ubuntu2.3) mantic-security; urgency=medium
* SECURITY UPDATE: DoS in django.utils.html.urlize()
- debian/patches/CVE-2024-38875.patch: mitigated potential DoS in
urlize and urlizetrunc template filters in django/utils/html.py,
tests/utils_tests/test_html.py.
- CVE-2024-38875
* SECURITY UPDATE: username enumeration via timing issue
- debian/patches/CVE-2024-39329.patch: standarized timing of
verify_password() when checking unusable passwords in
django/contrib/auth/hashers.py, tests/auth_tests/test_hashers.py.
- CVE-2024-39329
* SECURITY UPDATE: directory-traversal via Storage.save()
- debian/patches/CVE-2024-39330.patch: added extra file name validation
in Storage's save method in django/core/files/storage/base.py,
django/core/files/utils.py, tests/file_storage/test_base.py,
tests/file_storage/tests.py, tests/file_uploads/tests.py.
- CVE-2024-39330
* SECURITY UPDATE: DoS in get_supported_language_variant()
- debian/patches/CVE-2024-39614.patch: mitigated potential DoS in
django/utils/translation/trans_real.py, docs/ref/utils.txt,
tests/i18n/tests.py.
- CVE-2024-39614
-- Marc Deslauriers <email address hidden> Fri, 05 Jul 2024 07:32:29 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Mantic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Mantic | updates | main | python | |
| Mantic | security | main | python |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-django_4.2.4.orig.tar.gz | 9.9 MiB | 7e4225ec065e0f354ccf7349a22d209de09cc1c074832be9eb84c51c1799c432 |
| python-django_4.2.4-1ubuntu2.3.debian.tar.xz | 40.4 KiB | 7e04afced26d08ccbee5a2756cd82c8e3e77d1107cc62ade72b4b85ce657a5da |
| python-django_4.2.4-1ubuntu2.3.dsc | 2.8 KiB | d133ccec130b38536c81ea485b220f1a106e281cfa304089f04341777c751318 |
Available diffs
Binary packages built by this source
- python-django-doc: High-level Python web development framework (documentation)
Django is a high-level web application framework that loosely follows the
model-view-controller design pattern.
.
Python's equivalent to Ruby on Rails, Django lets you build complex
data-driven websites quickly and easily - Django focuses on automating as much
as possible and adhering to the "Don't Repeat Yourself" (DRY) principle.
.
Django additionally emphasizes reusability and "pluggability" of components;
many generic third-party "applications" are available to enhance projects or
to simply to reduce development time even further.
.
This package contains the HTML documentation and example projects.
- python3-django: High-level Python web development framework
Django is a high-level web application framework that loosely follows the
model-view-controller design pattern.
.
Python's equivalent to Ruby on Rails, Django lets you build complex
data-driven websites quickly and easily - Django focuses on automating as much
as possible and adhering to the "Don't Repeat Yourself" (DRY) principle.
.
Django additionally emphasizes reusability and "pluggability" of components;
many generic third-party "applications" are available to enhance projects or
to simply to reduce development time even further.
.
Notable features include:
* An object-relational mapper (ORM)
* Automatic admin interface
* Elegant URL dispatcher
* Form serialization and validation system
* Templating system
* Lightweight, standalone web server for development and testing
* Internationalization support
* Testing framework and client
