UbuntuUpdates.org

Package "python-django"

Name: python-django

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • High-level Python web development framework (documentation)
  • High-level Python web development framework

Latest version: 2:3.2.12-2ubuntu1.2
Release: jammy (22.04)
Level: updates
Repository: main

Links



Other versions of "python-django" in Jammy

Repository Area Version
base main 2:3.2.12-2ubuntu1
security main 2:3.2.12-2ubuntu1.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2:3.2.12-2ubuntu1.2 2022-08-04 19:07:55 UTC

  python-django (2:3.2.12-2ubuntu1.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Potential reflected file download
    - debian/patches/CVE-2022-36359.patch: escaped filename in
      Content-Disposition header in django/http/response.py,
      tests/responses/test_fileresponse.py.
    - CVE-2022-36359

 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 27 Jul 2022 11:12:17 -0300

Source diff to previous version
CVE-2022-36359 An issue was discovered in the HTTP FileResponse class in Django 3.2 b ...

Version: 2:3.2.12-2ubuntu1.1 2022-07-05 21:46:34 UTC

  python-django (2:3.2.12-2ubuntu1.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Potential SQL invjection
    - debian/patches/CVE-2022-34265.patch: protected
      trunc/extract against SQL injection in
      django/db/backends/base/operations.py,
      django/db/models/functions/datetime.py.
    - CVE-2022-34265

 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 29 Jun 2022 09:29:53 -0300

CVE-2022-34265 An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0 ...



About   -   Send Feedback to @ubuntu_updates