[ubuntu/focal-updates] python-django 2:2.2.12-1ubuntu0.24 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Tue Aug 6 18:28:51 UTC 2024
python-django (2:2.2.12-1ubuntu0.24) focal-security; urgency=medium
* SECURITY UPDATE: Memory exhaustion issue
- debian/patches/CVE-2024-41989.patch: prevent excessive memory
consumption in floatformat in django/template/defaultfilters.py,
tests/template_tests/filter_tests/test_floatformat.py.
- CVE-2024-41989
* SECURITY UPDATE: DoS vulnerability in django.utils.html.urlize()
- debian/patches/CVE-2024-41990.patch: mitigate potential DoS in urlize
and urlizetrunc template filters in django/utils/html.py,
tests/utils_tests/test_html.py.
- CVE-2024-41990
* SECURITY UPDATE: DoS vulnerability in django.utils.html.urlize() and
AdminURLFieldWidget
- debian/patches/CVE-2024-41991.patch: prevented potential ReDoS
in django/contrib/admin/widgets.py, django/utils/html.py,
tests/admin_widgets/tests.py, tests/utils_tests/test_html.py.
- CVE-2024-41991
Date: 2024-07-31 15:17:17.749666+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/python-django/2:2.2.12-1ubuntu0.24
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list