python-django 3:5.0.3-1 source package in Debian
Changelog
python-django (3:5.0.3-1) experimental; urgency=medium
* New upstream security release:
- CVE-2024-27351: Fix a potential regular expression denial-of-service
(ReDoS) attack in django.utils.text.Truncator.words. This method
(with html=True) and the truncatewords_html template filter were subject
to a potential regular expression denial-of-service attack via a suitably
crafted string. This is, in part, a follow up to CVE-2019-14232 and
CVE-2023-43665.
<https://docs.djangoproject.com/en/dev/releases/5.0.3/>
-- Chris Lamb <email address hidden> Tue, 05 Mar 2024 12:37:11 +0000
Upload details
- Uploaded by:
- Debian Python Team
- Uploaded to:
- Experimental
- Original maintainer:
- Debian Python Team
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Experimental | release | main | python |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-django_5.0.3-1.dsc | 2.7 KiB | 804375eab56c9056ccbcfde2a4a0af2207c613caaabc89897bddbd5f0fbc633e |
| python-django_5.0.3.orig.tar.gz | 10.1 MiB | 5fb37580dcf4a262f9258c1f4373819aacca906431f505e4688e37f3a99195df |
| python-django_5.0.3-1.debian.tar.xz | 28.4 KiB | 73253b1c3cac8d95a2db651bcc95f9ff29d53c74b3ba5b5628d54c639d26400f |
No changes file available.
