Ubuntu 18.04, 16.04: USN-7136-2 critical: Django denial of service

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in Django. Software Description: - python-django: High-level Python web development framework Details: USN-7136-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: jiangniao discovered that Django incorrectly handled the API to strip tags. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. (CVE-2024-53907) Seokchan Yoon discovered that Django incorrectly handled HasKey lookups when using Oracle. A remote attacker could possibly use this issue to inject arbitrary SQL code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2024-53908)