1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5465-1] python-django security update

    From Moritz Muehlenhoff@21:1/5 to All on Thu Aug 3 22:50:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5465-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 03, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : python-django
    CVE ID : CVE-2023-36053

    Seokchan Yoon discovered that missing sanitising in the email and URL validators of Django, a Python web development framework, could result
    in denial of service.

    For the oldstable distribution (bullseye), this problem has been fixed
    in version 2:2.2.28-1~deb11u2. This update also addresses CVE-2023-23969, CVE-2023-31047 and CVE-2023-24580.

    For the stable distribution (bookworm), this problem has been fixed in
    version 3:3.2.19-1+deb12u1.

    We recommend that you upgrade your python-django packages.

    For the detailed security status of python-django please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/python-django

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTMEXoACgkQEMKTtsN8 TjYgbA//QyvH70qUWpZtGBT19rQ8JQdcHCdh/FqlsosbYFwKwc+jZNfqyZWr45oM VKQvi8vggxPGXs9LfQb1LhWxsBzhNzCrvN24z7vSqWNensHVBA3NNaGkSDASsIXF Z/LvO0bMjdk0QQ5774CjhoixTBx5SmYy/oapTNeHrZv8geF+E5ga3+r2/lDLNZEf IFFMkfJRhoXuKS/cKKtfDnz37YDr0a8tAXDb/RbGvfu4igjDLWCMnq2aOmx2UaS2 euvOlWknhv0r72Skp8ipLx5ykcEJ4WmD3LuNZbXZQNqbsYO9FX2yoXGJqwnuLvTH g/JCnYwrkUEDTcBAY8pbQ/MRM4yIYRxqEnQEyV8HIouajLgFKDtCJCG7Rii/axav cnBiNqgnp8Vg6/F0jKjJOEe4lnVl7xufAQcLTs2aUk9B2WlqKEpAF2xgPc1SdPXe tdXy57N2R20Ft3jOS/s2V5YaButrGB0bKa7ktkpSez6Cr9FpNGSSP9G6sjoggRFc DSwHR9FIsX68cHE9DsCVE5J1PLAbJwqQiGl7s1ViDf1Ab4mMmdShPMOWB4mX57wx TcoAdxts6wgjotNwjEwOPEhYOSSAwxjGgeTvs3La4+nrjpFcq7Hg2Ot/FNBq0WsD st/oPfeZ/Lt/teUT36m5crWOovRMAAXKMSpg/KQ8L9b3HDrlwUE=
    =ozYQ
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)