drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in Django (Aktualisierung)
| Name: |
Denial of Service in Django (Aktualisierung) |
|
| ID: |
USN-6674-2 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 18.04 LTS (Available with Ubuntu Pro) |
|
| Datum: |
Di, 5. März 2024, 06:51 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351 |
|
| Applikationen: |
Django |
|
| Update von: |
Denial of Service in Django |
|
Originalnachricht |
--===============1761567984000766156==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="envbJBWh7q8WU6mo"
Content-Disposition: inline
--envbJBWh7q8WU6mo
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-6674-2
March 04, 2024
python-django vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
Summary:
Django could be made to consume resources or crash if it received specially
crafted network traffic.
Software Description:
- python-django: High-level Python web development framework
Details:
USN-6674-1 fixed a vulnerability in Django. This update provides
the corresponding update for Ubuntu 18.04 LTS.
Original advisory details:
Seokchan Yoon discovered that the Django Truncator function incorrectly
handled very long HTML input. A remote attacker could possibly use this
issue to cause Django to consume resources, leading to a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS (Available with Ubuntu Pro):
python-django 1:1.11.11-1ubuntu1.21+esm4
python3-django 1:1.11.11-1ubuntu1.21+esm4
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6674-2
https://ubuntu.com/security/notices/USN-6674-1
CVE-2024-27351
--envbJBWh7q8WU6mo
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAmXl/8IACgkQRbznW4QL
H2nASg/8CDSWUa6XzJVC6oPNFlzeR6WVD+FAIYwMWuLbtR4sWNb+31An/WKcGsNz
5/Imbq1uy87ROLlZEEDu9JYVUbE9LRD22IRVe1idFKAvitmENm641B7YzzoNLK3j
0mm87WIhF79l5LVtTbqrTPTCreL40n0Dfuw/df+ScmgELmOyuVuitWkEX7PK4wkR
FVisvlxcKa6h4ZDV6DEfLKAoarpJT36X7p7Q28rPxU+pvGBWvvDT9lpVKUE3JWUe
Qg3jYyRkwgMGO3CV6lTRVSnUchX43ZzS/YiBwv6HXA8rjjPRRXDH8FK/t8nmIukw
LnRUSah2abESoydVLchIu7bJNP0U84q4DovJnkzXiAIvEQt/a8OZ/VH/lNFIDn/r
nPZz13oAOXx9flkZoFBYuBz+gM+PYQjHiBTrNbuyC4pDmyZZlCOr7OvDhOeG9vEV
G7NLgA3rjKCHqObGaBKSkmtp4oB+lPSo9fv6WICy/493OZS54lTuU4W7W85RcHh2
iKrdTMORmMJFA3qDRg+CAZ7tMjsApCk8BZrmGlmOkQw5wSI/G+C0S8Dnb4A7crVx
XVcHdxcyJHtKSWH9b7i+ZT3CClw6qV5hPo5FrS8UEvtrWirnwU4jn8bXkl8Df5jd
qKrYOgT7ZVWdnzlAg3/1dUAee2DXOP5pm/cXCOhtiPeheHME94M=
=Tpfb
-----END PGP SIGNATURE-----
--envbJBWh7q8WU6mo--
--===============1761567984000766156==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
--===============1761567984000766156==--
|
|
|
|
