Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Ubuntu 3890-1 Moderate: Django Resource Consumption Risk

Calendar Feb 13, 2019 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service Ubuntu resource consumption python-django
Django could be made to consume resources if it received specially crafted network traffic. 
=========================================================================Ubuntu Security Notice USN-3890-1
February 13, 2019

python-django vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Django could be made to consume resources if it received specially crafted
network traffic.

Software Description:
- python-django: High-level Python web development framework

Details:

It was discovered that Django incorrectly handled formatting certain
numbers. A remote attacker could possibly use this issue to cause Django to
consume resources, leading to a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
  python-django                   1:1.11.15-1ubuntu1.2
  python3-django                  1:1.11.15-1ubuntu1.2

Ubuntu 18.04 LTS:
  python-django                   1:1.11.11-1ubuntu1.3
  python3-django                  1:1.11.11-1ubuntu1.3

Ubuntu 16.04 LTS:
  python-django                   1.8.7-1ubuntu5.8
  python3-django                  1.8.7-1ubuntu5.8

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3890-1
  CVE-2019-6975

Package Information:
  https://launchpad.net/ubuntu/+source/python-django/1:1.11.15-1ubuntu1.2
  https://launchpad.net/ubuntu/+source/python-django/1:1.11.11-1ubuntu1.3
  https://launchpad.net/ubuntu/+source/python-django/1.8.7-1ubuntu5.8

Ubuntu 3890-1 Moderate: Django Resource Consumption Risk

ubuntu
Calendar Grey February 13, 2019
Dist Ubuntu Esm H88
=========================================================================Ubuntu Security Notice USN-
Django could be made to consume resources if it received specially crafted network traffic.

Summary

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu resource consumption python-django

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: python-django 1:1.11.15-1ubuntu1.2 python3-django 1:1.11.15-1ubuntu1.2 Ubuntu 18.04 LTS: python-django 1:1.11.11-1ubuntu1.3 python3-django 1:1.11.11-1ubuntu1.3 Ubuntu 16.04 LTS: python-django 1.8.7-1ubuntu5.8 python3-django 1.8.7-1ubuntu5.8 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3890-1

CVE-2019-6975

February 13, 2019

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu resource consumption python-django

Package Information

https://launchpad.net/ubuntu/+source/python-django/1:1.11.15-1ubuntu1.2 https://launchpad.net/ubuntu/+source/python-django/1:1.11.11-1ubuntu1.3 https://launchpad.net/ubuntu/+source/python-django/1.8.7-1ubuntu5.8

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here