Fedora 39: FEDORA-2023-b68bd9e8f5 Critical: python-flask Denial of Service
fedora
November 3, 2023
Security fix for CVE-2023-41164 and CVE-2023-43665
Summary
Django is a high-level Python Web framework that encourages rapid
development and a clean, pragmatic design. It focuses on automating as
much as possible and adhering to the DRY (Don't Repeat Yourself)
principle.
Update Information:
Security fix for CVE-2023-41164 and CVE-2023-43665
Topics Covered
Change Log
* Fri Oct 13 2023 Michel Lind
References
[ 1 ] Bug #2228196 - python-django-4.2.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2228196
[ 2 ] Bug #2237870 - CVE-2023-41164 python-django: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()`` [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2237870
[ 3 ] Bug #2242182 - CVE-2023-43665 python-django: Denial-of-service possibility in django.utils.text.Truncator [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2242182
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-a67af7d8f4' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: python-django
Product: Fedora 39
Version: 4.2.6
Release: 1.fc39
Summary: A high-level Python Web framework
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!