python-django 2:2.2.20-1ubuntu0.1 source package in Ubuntu
Changelog
python-django (2:2.2.20-1ubuntu0.1) hirsute-security; urgency=medium
* SECURITY UPDATE: Potential directory-traversal via uploaded files
- debian/patches/CVE-2021-31542.patch: tighten path & file name
sanitation in file uploads in django/core/files/storage.py,
django/core/files/uploadedfile.py, django/core/files/utils.py,
django/db/models/fields/files.py, django/http/multipartparser.py,
django/utils/text.py, tests/file_storage/test_generate_filename.py,
tests/file_uploads/tests.py, tests/utils_tests/test_text.py,
tests/forms_tests/field_tests/test_filefield.py.
- CVE-2021-31542
-- Marc Deslauriers <email address hidden> Wed, 28 Apr 2021 06:36:37 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Hirsute
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-django_2.2.20.orig.tar.gz | 8.8 MiB | 2569f9dc5f8e458a5e988b03d6b7a02bda59b006d6782f4ea0fd590ed7336a64 |
| python-django_2.2.20-1ubuntu0.1.debian.tar.xz | 30.1 KiB | d8add42f75dc58694ad8bbef1e9249333f844ad758b24d534f48dea5a936b8d6 |
| python-django_2.2.20-1ubuntu0.1.dsc | 2.8 KiB | 1d46f87df1ddbefd5210de08d134f77edd46486cf3d45cc5f209c6c913d4239c |
Available diffs
Binary packages built by this source
- python-django-doc: No summary available for python-django-doc in ubuntu impish.
No description available for python-django-doc in ubuntu impish.
- python3-django: No summary available for python3-django in ubuntu impish.
No description available for python3-django in ubuntu impish.
