python-django 2:2.2.24-1ubuntu1.4 source package in Ubuntu
Changelog
python-django (2:2.2.24-1ubuntu1.4) impish-security; urgency=medium
* SECURITY UPDATE: Potential SQL injection in QuerySet.annotate(),
aggregate(), and extra()
- debian/patches/CVE-2022-28346.patch: prevent SQL injection in column
aliases in django/db/models/sql/query.py, tests/aggregation/tests.py,
tests/annotations/tests.py, tests/queries/tests.py,
tests/expressions/test_queryset_values.py.
- CVE-2022-28346
* SECURITY UPDATE: Potential SQL injection via
QuerySet.explain(**options) on PostgreSQL
- debian/patches/CVE-2022-28347.patch: prevent SQL injection in
django/db/backends/postgresql/features.py,
django/db/backends/postgresql/operations.py,
django/db/models/sql/query.py, tests/queries/test_explain.py.
- CVE-2022-28347
-- Marc Deslauriers <email address hidden> Tue, 05 Apr 2022 12:28:21 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Impish
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-django_2.2.24.orig.tar.gz | 8.8 MiB | 3339ff0e03dee13045aef6ae7b523edff75b6d726adf7a7a48f53d5a501f7db7 |
| python-django_2.2.24-1ubuntu1.4.debian.tar.xz | 38.2 KiB | 4aaba57c7adc7130f28720c964fdbc79733116ac4cc7a046bf12680507ca02e5 |
| python-django_2.2.24-1ubuntu1.4.dsc | 2.8 KiB | 28224fbde9d2aab964be975d0f6917d9415563f0334bca63eae83c5e35d52cf0 |
Available diffs
Binary packages built by this source
- python-django-doc: No summary available for python-django-doc in ubuntu impish.
No description available for python-django-doc in ubuntu impish.
- python3-django: No summary available for python3-django in ubuntu impish.
No description available for python3-django in ubuntu impish.
