[ubuntu/oracular-proposed] python-django 3:4.2.15-1ubuntu1 (Accepted)

Leonidas Da Silva Barbosa leo.barbosa at canonical.com
Tue Sep 3 17:20:14 UTC 2024 

python-django (3:4.2.15-1ubuntu1) oracular; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2024-45230.patch: mitigate
      potential DoS in urlize and urlizetrunc template filters
      in django/utils/html.py,
      tests/template_tests/filter_tests/test_urlize.py,
      tests/utils_tests/test_html.py.
    - CVE-2024-45230
  * SECURITY UPDATE: User email enumeration
    - debian/patches/CVE-2024-45231.patch: avoid
      server error on password reset when email sending fails
      in django/contrib/auth/forms.py,
      tests/auth_tests/test_forms.py,
      tests/mail/custombackend.py.
    - CVE-2024-45231

Date: Tue, 27 Aug 2024 10:25:18 -0300
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Graham Inggs <graham.inggs+ubuntu at gmail.com>
https://launchpad.net/ubuntu/+source/python-django/3:4.2.15-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 27 Aug 2024 10:25:18 -0300
Source: python-django
Built-For-Profiles: noudeb
Architecture: source
Version: 3:4.2.15-1ubuntu1
Distribution: oracular
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa at canonical.com>
Changes:
 python-django (3:4.2.15-1ubuntu1) oracular; urgency=medium
 .
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2024-45230.patch: mitigate
       potential DoS in urlize and urlizetrunc template filters
       in django/utils/html.py,
       tests/template_tests/filter_tests/test_urlize.py,
       tests/utils_tests/test_html.py.
     - CVE-2024-45230
   * SECURITY UPDATE: User email enumeration
     - debian/patches/CVE-2024-45231.patch: avoid
       server error on password reset when email sending fails
       in django/contrib/auth/forms.py,
       tests/auth_tests/test_forms.py,
       tests/mail/custombackend.py.
     - CVE-2024-45231
Checksums-Sha1:
 bae335474f1b08df727a951b756767604c5f8629 2871 python-django_4.2.15-1ubuntu1.dsc
 a0cfb34b65c1b40c8529a88691454297d9fa16cd 35716 python-django_4.2.15-1ubuntu1.debian.tar.xz
 7e90825f4eb8a41ca1acfaf0a0ce152caf848691 10843 python-django_4.2.15-1ubuntu1_source.buildinfo
Checksums-Sha256:
 6d286f2f491fb7b7eed2e8d6029038c8525f8b63d5c56131362da9ae315f86fc 2871 python-django_4.2.15-1ubuntu1.dsc
 8167f837c90e42fe87d0bd0ea9ec662be4361d026432489f1b11f6f870c8c230 35716 python-django_4.2.15-1ubuntu1.debian.tar.xz
 d65dd0623a5537c11ee136c465a0f16434c83c0b3d08d1795917786c252b570c 10843 python-django_4.2.15-1ubuntu1_source.buildinfo
Files:
 31016ed326c7fd3e7dbdf243bb2a5e57 2871 python optional python-django_4.2.15-1ubuntu1.dsc
 2b1ca096e0f73bd5029ea9071c72457f 35716 python optional python-django_4.2.15-1ubuntu1.debian.tar.xz
 4122d9572d030303b4f0269d47b210b3 10843 python optional python-django_4.2.15-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Python Team <team+python at tracker.debian.org>

More information about the oracular-changes mailing list