- ------------------------------------------------------------------------- Debian LTS Advisory DLA-2622-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb April 09, 2021 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : python-django Version : 1:1.10.7-2+deb9u12 CVE ID : CVE-2021-28658 Debian Bug : #986447 It was discovered that there was a potential directory traversal issue in Django, a Python-based web development framework. The vulnerability could have been exploited by maliciously crafted filenames. However, the upload handlers built into Django itself were not affected. For Debian 9 "Stretch", this problem has been fixed in version 1:1.10.7-2+deb9u12. We recommend that you upgrade your python-django packages. For the detailed security status of python-django please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python-django Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Debian LTS: DLA-2622-1: python-django security update
April 9, 2021
It was discovered that there was a potential directory traversal issue in Django, a Python-based web development framework
Summary
It was discovered that there was a potential directory traversal issue in Django, a Python-based web development framework. The vulnerability could have been exploited by maliciously crafted filenames. However, the upload handlers built into Django itself were not affected. For Debian 9 "Stretch", this problem has been fixed in version 1:1.10.7-2+deb9u12. We recommend that you upgrade your python-django packages. For the detailed security status of python-django please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python-django Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Debian LTS Advisory DLA-2622-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb April 09, 2021 https://wiki.debian.org/LTS Version : 1:1.10.7-2+deb9u12
Severity
Package : python-django
CVE ID : CVE-2021-28658
Debian Bug : #986447
News
HOWTOs
Features
Secure Linux Hosting for Businesses
What Is Threat Intelligence?
CloudLinux Simplifies & Enhances Linux Security with its TuxCare Unified Enterprise Support Services
LinuxSecurity, Leading Provider of Linux Security News and Information, Unveils its New Website
Biden's New Executive Cybersecurity Order Highlights the Power of Open-Source Security
About Us
Powered By
