python-django 1:1.11.22-1ubuntu1 source package in Ubuntu
Changelog
python-django (1:1.11.22-1ubuntu1) eoan; urgency=medium
* SECURITY UPDATE: Denial-of-service possibility in
django.utils.text.Truncator
- debian/patches/CVE-2019-14232.patch: adjusted regex to avoid
backtracking issues when truncating HTML in django/utils/text.py,
tests/template_tests/filter_tests/test_truncatewords_html.py,
tests/utils_tests/test_text.py.
- CVE-2019-14232
* SECURITY UPDATE: Denial-of-service possibility in strip_tags()
- debian/patches/CVE-2019-14233.patch: prevented excessive HTMLParser
recursion in strip_tags() when handling incomplete HTML entities in
django/utils/html.py, tests/utils_tests/test_html.py.
- CVE-2019-14233
* SECURITY UPDATE: SQL injection possibility in key and index lookups for
JSONField/HStoreField
- debian/patches/CVE-2019-14234.patch: protected JSONField/HStoreField
key and index lookups against SQL injection in
django/contrib/postgres/fields/hstore.py,
django/contrib/postgres/fields/jsonb.py,
tests/postgres_tests/test_hstore.py,
tests/postgres_tests/test_json.py.
- CVE-2019-14234
* SECURITY UPDATE: Potential memory exhaustion in
django.utils.encoding.uri_to_iri()
- debian/patches/CVE-2019-14235.patch: fixed potential memory
exhaustion in django.utils.encoding.uri_to_iri() in
django/utils/encoding.py, tests/utils_tests/test_encoding.py.
- CVE-2019-14235
-- Marc Deslauriers <email address hidden> Thu, 19 Sep 2019 16:21:15 +0200
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Eoan
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-django_1.11.22.orig.tar.gz | 7.6 MiB | 830d5d40a1705089502bba70605ab3246831440ffc16d1501dfeeef5f4b9c845 |
| python-django_1.11.22-1ubuntu1.debian.tar.xz | 30.1 KiB | db34e8491389cf87135eb361999ceb0ea8476987621cb4407f20fbb6b8a28f92 |
| python-django_1.11.22-1ubuntu1.dsc | 3.3 KiB | 3286a3b8edd149daf46f90388138d0666b7fdba7edaf3643a05d8b47d053b40c |
Available diffs
Binary packages built by this source
- python-django: No summary available for python-django in ubuntu focal.
No description available for python-django in ubuntu focal.
- python-django-common: No summary available for python-django-common in ubuntu eoan.
No description available for python-
django- common in ubuntu eoan.
- python-django-doc: High-level Python web development framework (documentation)
Django is a high-level web application framework that loosely follows the
model-view-controller design pattern.
.
Python's equivalent to Ruby on Rails, Django lets you build complex
data-driven websites quickly and easily - Django focuses on automating as much
as possible and adhering to the "Don't Repeat Yourself" (DRY) principle.
.
Django additionally emphasizes reusability and "pluggability" of components;
many generic third-party "applications" are available to enhance projects or
to simply to reduce development time even further.
.
This package contains the HTML documentation and example projects.
- python3-django: High-level Python web development framework
Django is a high-level web application framework that loosely follows the
model-view-controller design pattern.
.
Python's equivalent to Ruby on Rails, Django lets you build complex
data-driven websites quickly and easily - Django focuses on automating as much
as possible and adhering to the "Don't Repeat Yourself" (DRY) principle.
.
Django additionally emphasizes reusability and "pluggability" of components;
many generic third-party "applications" are available to enhance projects or
to simply to reduce development time even further.
.
Notable features include:
* An object-relational mapper (ORM)
* Automatic admin interface
* Elegant URL dispatcher
* Form serialization and validation system
* Templating system
* Lightweight, standalone web server for development and testing
* Internationalization support
* Testing framework and client
