openSUSE: 2023:0178-1 moderate: python-Django
Description
This update for python-Django fixes the following issues: - CVE-2023-36053: Fixed potential regular expression denial of service vulnerability in EmailValidator/URLValidator (boo#1212742) - CVE-2023-24580: Fixed potential denial-of-service vulnerability in file uploads (boo#1208082) - CVE-2023-23969: Fixed potential denial-of-service via Accept-Language headers (boo#1207565) - CVE-2022-41323: Fixed potential denial-of-service vulnerability in internationalized URLs (boo#1203793)
Patch
Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2023-178=1
Package List
References
https://www.suse.com/security/cve/CVE-2022-41323.html https://www.suse.com/security/cve/CVE-2023-23969.html https://www.suse.com/security/cve/CVE-2023-24580.html https://www.suse.com/security/cve/CVE-2023-36053.html https://bugzilla.suse.com/1203793 https://bugzilla.suse.com/1207565 https://bugzilla.suse.com/1208082 https://bugzilla.suse.com/1212742