
Security: Denial of Service in Django (Update)
Name: Denial of Service in Django (Update)
ID: USN-7501-2
Distribution: Ubuntu
Platforms: Ubuntu 18.04 LTS
Date: Thu, 8 May 2025, 06:36
References: https://www.cve.org/CVERecord?id=CVE-2025-32873
Applications: Django
Update of: Denial of Service in Django

Original message


==========================================================================
Ubuntu Security Notice USN-7501-2
May 07, 2025

python-django vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Django could be made to crash if it received specially crafted network
traffic.

Software Description:
- python-django: High-level Python web development framework

Details:

USN-7501-1 fixed a vulnerability in Django. This update provides
the corresponding update for Ubuntu 18.04 LTS.

Original advisory details:

Elias Myllymäki discovered that Django incorrectly handled stripping large
sequences of incomplete HTML tags. A remote attacker could possibly use
this issue to cause Django to consume resources, leading to a denial of
service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
  python-django                   1:1.11.11-1ubuntu1.21+esm11
                                  Available with Ubuntu Pro
  python3-django                  1:1.11.11-1ubuntu1.21+esm11
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7501-2
https://ubuntu.com/security/notices/USN-7501-1
CVE-2025-32873
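
To confirm that a host actually received the update, the installed version string (for example from `dpkg-query -W -f='${Version}' python3-django`) can be compared against the fixed version listed above. This is an added example, not part of the Ubuntu notice: it reimplements dpkg's version ordering in Python so the check can run on inventory data off-host, and the function names are chosen for illustration.

```python
import re
from itertools import zip_longest

# Fixed version for Ubuntu 18.04 LTS, taken from the notice above.
FIXED = "1:1.11.11-1ubuntu1.21+esm11"

def _order(ch):
    # dpkg ordering of non-digit characters: '~' first, then letters, then the rest.
    if ch == "~":
        return -1
    return ord(ch) if ch.isalpha() else ord(ch) + 256

def _cmp_text(a, b):
    # The end of a run counts as 0, so '~' sorts before it and all else after.
    for x, y in zip_longest(a, b):
        ox = 0 if x is None else _order(x)
        oy = 0 if y is None else _order(y)
        if ox != oy:
            return -1 if ox < oy else 1
    return 0

def _cmp_part(a, b):
    # Compare alternating (non-digit run, digit run) pairs, digits numerically.
    pa = re.findall(r"([^0-9]*)([0-9]*)", a)
    pb = re.findall(r"([^0-9]*)([0-9]*)", b)
    for (ta, na), (tb, nb) in zip_longest(pa, pb, fillvalue=("", "")):
        c = _cmp_text(ta, tb)
        if c:
            return c
        ia, ib = int(na or 0), int(nb or 0)
        if ia != ib:
            return -1 if ia < ib else 1
    return 0

def _split(version):
    # [epoch:]upstream[-revision]; a missing epoch is 0, a missing revision is empty.
    epoch, sep, rest = version.partition(":")
    if not sep:
        epoch, rest = "0", version
    upstream, sep, revision = rest.rpartition("-")
    if not sep:
        upstream, revision = rest, ""
    return int(epoch), upstream, revision

def compare(a, b):
    """Return -1, 0 or 1 as Debian version a is older than, equal to or newer than b."""
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_part(ua, ub) or _cmp_part(ra, rb)

def is_patched(installed, fixed=FIXED):
    return compare(installed, fixed) >= 0
```

A host whose `python-django` or `python3-django` version makes `is_patched` return `False` still needs the update.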

