Fedora 38: python-django3 2023-a74513bda8 | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-a74513bda8
2023-03-11 03:04:11.187367
--------------------------------------------------------------------------------

Name        : python-django3
Product     : Fedora 38
Version     : 3.2.18
Release     : 1.fc38
URL         : https://www.djangoproject.com/
Summary     : A high-level Python Web framework
Description :
Django is a high-level Python Web framework that encourages rapid
development and a clean, pragmatic design. It focuses on automating as
much as possible and adhering to the DRY (Don't Repeat Yourself)
principle.

--------------------------------------------------------------------------------
Update Information:

Security fixes for CVE-2022-24580 and CVE-2023-41323
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 24 2023 Michel Alexandre Salim  - 3.2.18-1
- Update to 3.2.18
- convert to SPDX license identifier
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2136134 - CVE-2022-41323 python-django3: python-django: Potential denial-of-service vulnerability in internationalized URLs [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2136134
  [ 2 ] Bug #2136137 - CVE-2022-41323 python-django3: python-django: Potential denial-of-service vulnerability in internationalized URLs [fedora-36]
        https://bugzilla.redhat.com/show_bug.cgi?id=2136137
  [ 3 ] Bug #2169742 - CVE-2023-24580 python-django3: python-django: Potential denial-of-service vulnerability in file uploads [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2169742
  [ 4 ] Bug #2169744 - CVE-2023-24580 python-django3: python-django: Potential denial-of-service vulnerability in file uploads [fedora-36]
        https://bugzilla.redhat.com/show_bug.cgi?id=2169744
  [ 5 ] Bug #2169746 - CVE-2023-24580 python-django3: python-django: Potential denial-of-service vulnerability in file uploads [fedora-37]
        https://bugzilla.redhat.com/show_bug.cgi?id=2169746
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-a74513bda8' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Fedora 38: python-django3 2023-a74513bda8

March 11, 2023
Security fixes for CVE-2022-24580 and CVE-2023-41323

Summary

Django is a high-level Python Web framework that encourages rapid

development and a clean, pragmatic design. It focuses on automating as

much as possible and adhering to the DRY (Don't Repeat Yourself)

principle.

Update Information:

Security fixes for CVE-2022-24580 and CVE-2023-41323

Change Log

* Fri Feb 24 2023 Michel Alexandre Salim - 3.2.18-1 - Update to 3.2.18 - convert to SPDX license identifier

References

[ 1 ] Bug #2136134 - CVE-2022-41323 python-django3: python-django: Potential denial-of-service vulnerability in internationalized URLs [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2136134 [ 2 ] Bug #2136137 - CVE-2022-41323 python-django3: python-django: Potential denial-of-service vulnerability in internationalized URLs [fedora-36] https://bugzilla.redhat.com/show_bug.cgi?id=2136137 [ 3 ] Bug #2169742 - CVE-2023-24580 python-django3: python-django: Potential denial-of-service vulnerability in file uploads [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2169742 [ 4 ] Bug #2169744 - CVE-2023-24580 python-django3: python-django: Potential denial-of-service vulnerability in file uploads [fedora-36] https://bugzilla.redhat.com/show_bug.cgi?id=2169744 [ 5 ] Bug #2169746 - CVE-2023-24580 python-django3: python-django: Potential denial-of-service vulnerability in file uploads [fedora-37] https://bugzilla.redhat.com/show_bug.cgi?id=2169746

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-a74513bda8' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : python-django3
Product : Fedora 38
Version : 3.2.18
Release : 1.fc38
URL : https://www.djangoproject.com/
Summary : A high-level Python Web framework

Related News

Kali Linux 2023.1 Introduces 'Purple' Distro for Defensive Security

Companies Can’t Stop Using Open Source

8 Reasons Why Kali Linux is the Ultimate Operating System for Hackers

Microsoft Opens Azure Confidential Containers to Public Preview

News

Advisories

HOWTOs

Features

Best Linux Backup Solutions to Prevent Data Loss in A Ransomware Attack
ManageEngine Vulnerability Manager Plus: How To Protect Your Enterprise from Security Vulnerabilities
High-Impact DoS, Arbitrary Code Execution, Spoofing Bugs Fixed in Thunderbird 102.9.0
A Guide to Business Cybersecurity: Common Digital Attacks and Precautions
New Linux IceFire Ransomware Variant Discovered: What You Need to Know to Secure Your Systems

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy