UbuntuUpdates.org

Package "python3-django"

Name: python3-django

Description:

High-level Python web development framework

Latest version: 3:5.2.4-1ubuntu2.2
Release: questing (25.10)
Level: updates
Repository: main
Head package: python-django
Homepage: http://www.djangoproject.com/

Other versions of "python3-django" in Questing

Repository  Area  Version
base        main  3:5.2.4-1ubuntu2
security    main  3:5.2.4-1ubuntu2.2

Changelog

Version: 3:5.2.4-1ubuntu2.2 2025-12-03 00:07:15 UTC

  python-django (3:5.2.4-1ubuntu2.2) questing-security; urgency=medium

  * SECURITY UPDATE: SQL injection in FilteredRelation column aliases on
    PostgreSQL
    - debian/patches/CVE-2025-13372.patch: protect FilteredRelation against
      SQL injection in column aliases in
      django/db/backends/postgresql/compiler.py,
      tests/annotations/tests.py.
    - CVE-2025-13372
  * SECURITY UPDATE: DoS vulnerability in XML serializer text extraction
    - debian/patches/CVE-2025-64460.patch: corrected quadratic inner text
      accumulation in XML serializer in
      django/core/serializers/xml_serializer.py,
      docs/topics/serialization.txt,
      tests/serializers/test_deserialization.py.
    - CVE-2025-64460

 -- Marc Deslauriers <email address hidden> Wed, 26 Nov 2025 11:25:51 -0500

CVE-2025-13372 An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4. ...
CVE-2025-64460 An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4. ...

Version: 3:5.2.4-1ubuntu2.1 2025-11-05 22:07:01 UTC

  python-django (3:5.2.4-1ubuntu2.1) questing-security; urgency=medium

  * SECURITY UPDATE: Potential SQL injection in QuerySet and Q objects
    - debian/patches/CVE-2025-62769-1.patch: Add connects and checks for them
      in django/db/models/query_utils.py.
    - debian/patches/CVE-2025-62769-2.patch: Add PROHIBITED_FILTER_KWARGS and
      check for them in django/db/models/query.py.
    - CVE-2025-62769

 -- Hlib Korzhynskyy <email address hidden> Thu, 30 Oct 2025 10:37:09 -0230



