python-django 2:2.2.16-1ubuntu0.4 source package in Ubuntu
Changelog
python-django (2:2.2.16-1ubuntu0.4) groovy-security; urgency=medium
* SECURITY UPDATE: Potential directory-traversal via uploaded files
- debian/patches/CVE-2021-31542.patch: tighten path & file name
sanitation in file uploads in django/core/files/storage.py,
django/core/files/uploadedfile.py, django/core/files/utils.py,
django/db/models/fields/files.py, django/http/multipartparser.py,
django/utils/text.py, tests/file_storage/test_generate_filename.py,
tests/file_uploads/tests.py, tests/utils_tests/test_text.py,
tests/forms_tests/field_tests/test_filefield.py.
- CVE-2021-31542
-- Marc Deslauriers <email address hidden> Wed, 28 Apr 2021 06:39:14 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Groovy
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-django_2.2.16.orig.tar.gz | 8.5 MiB | 62cf45e5ee425c52e411c0742e641a6588b7e8af0d2c274a27940931b2786594 |
| python-django_2.2.16-1ubuntu0.4.debian.tar.xz | 34.2 KiB | 686e3053e405798b4ff68a000acb68bec2cfee37835524e642686f70fcbb008e |
| python-django_2.2.16-1ubuntu0.4.dsc | 2.8 KiB | fbb8138598371c9d5bea818b293509c0dfee72df05a19240520575f19e3ff8b0 |
Available diffs
Binary packages built by this source
- python-django-doc: No summary available for python-django-doc in ubuntu groovy.
No description available for python-django-doc in ubuntu groovy.
- python3-django: No summary available for python3-django in ubuntu groovy.
No description available for python3-django in ubuntu groovy.
