
Fedora 41: python-django 4.2.16 Moderate: URL Denial-of-Service Attack

September 13, 2024
The recent security patch implemented by Fedora for Django addresses critical weaknesses in URL processing, which could potentially lead to denial-of-service attacks.

Summary

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle.

Update Information:

urlize and urlizetrunc were subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.

Change Log

* Wed Sep 4 2024 Michel Lind - 4.2.16-1
- Update to version 4.2.16
- Fixes: CVE-2024-45230, RHBZ#2309747

References


[1] Bug #2309747 - CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize()
    https://bugzilla.redhat.com/show_bug.cgi?id=2309747

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-b08735561c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Name: python-django4.2
Product: Fedora 41
Version: 4.2.16
Release: 1.fc41
Summary: A high-level Python Web framework
