Publishing details
-
Removed from disk
.
-
Removal requested
.
-
Superseded
by python-django - 1.8.7-1ubuntu5.14
-
Published
-
Copied from
ubuntu xenial in
Private PPA for Ubuntu Security Team
by Marc Deslauriers
Changelog
python-django (1.8.7-1ubuntu5.13) xenial-security; urgency=medium
* SECURITY UPDATE: Potential data leakage via malformed memcached keys
- debian/patches/CVE-2020-13254.patch: enforced cache key validation in
memcached backends in django/core/cache/__init__.py,
django/core/cache/backends/base.py,
django/core/cache/backends/memcached.py, tests/cache/tests.py.
- CVE-2020-13254
* SECURITY UPDATE: Possible XSS via admin ForeignKeyRawIdWidget
- debian/patches/CVE-2020-13596.patch: fixed potential XSS in admin
ForeignKeyRawIdWidget in django/contrib/admin/widgets.py.
- CVE-2020-13596
-- Marc Deslauriers <email address hidden> Thu, 28 May 2020 10:48:45 -0400
Builds
Package files