python-django 2:2.2.20-1ubuntu0.4 source package in Ubuntu
Changelog
python-django (2:2.2.20-1ubuntu0.4) hirsute-security; urgency=medium * SECURITY UPDATE: Denial-of-service possibility in UserAtributeSimilarityValidator - debian/patches/CVE-2021-45115.patch: prevent DoS in django/contrib/auth/password_validation.py, docs/topics/auth/passwords.txt, tests/auth_tests/test_validators.py. - CVE-2021-45115 * SECURITY UPDATE: Potential information disclosure in dictsort template filter - debian/patches/CVE-2021-45116.patch: properly handle private variables in django/template/defaultfilters.py, docs/ref/templates/builtins.txt, tests/template_tests/filter_tests/test_dictsort.py, tests/template_tests/filter_tests/test_dictsortreversed.py. - CVE-2021-45116 * SECURITY UPDATE: Potential directory-traversal via Storage.save() - debian/patches/CVE-2021-31542-2.patch: fix regression caused by fix for CVE-2021-31542, and add allow_relative_path parameter to validate_file_name(), required by the following patch. - debian/patches/CVE-2021-45452.patch: fix path traversal in django/core/files/storage.py, tests/file_storage/test_generate_filename.py, tests/file_storage/tests.py. - CVE-2021-45452 -- Marc Deslauriers <email address hidden> Tue, 04 Jan 2022 07:29:07 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Hirsute
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
python-django_2.2.20.orig.tar.gz | 8.8 MiB | 2569f9dc5f8e458a5e988b03d6b7a02bda59b006d6782f4ea0fd590ed7336a64 |
python-django_2.2.20-1ubuntu0.4.debian.tar.xz | 39.1 KiB | 581fac9a17fe62990926704e35a0d09dc2056e0e021ed85b8f8a7e745ccd4e32 |
python-django_2.2.20-1ubuntu0.4.dsc | 2.8 KiB | 66304b33ba2e82ec991ab4f8a04c2fdf50eebafb26a4fb620bb4147208894080 |
Available diffs
Binary packages built by this source
- python-django-doc: No summary available for python-django-doc in ubuntu hirsute.
No description available for python-django-doc in ubuntu hirsute.
- python3-django: No summary available for python3-django in ubuntu hirsute.
No description available for python3-django in ubuntu hirsute.