drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in python-django
Name: |
Mehrere Probleme in python-django |
|
ID: |
DSA-4705-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian stretch, Debian buster |
|
Datum: |
Do, 18. Juni 2020, 22:40 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13254
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9402
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13596 |
|
Applikationen: |
Django |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4705-1 security@debian.org https://www.debian.org/security/ Sebastien Delafond June 18, 2020 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : python-django CVE ID : CVE-2020-9402 CVE-2020-13254 CVE-2020-13596
It was discovered that Django, a high-level Python web development framework, did not properly sanitize input. This would allow a remote attacker to perform SQL injection attacks, Cross-Site Scripting (XSS) attacks, or leak sensitive information.
For the oldstable distribution (stretch), these problems have been fixed in version 1:1.10.7-2+deb9u9.
For the stable distribution (buster), these problems have been fixed in version 1:1.11.29-1~deb10u1.
We recommend that you upgrade your python-django packages.
For the detailed security status of python-django please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python-django
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAl7rKgsACgkQEL6Jg/PV nWQUpQf/a6ouTulgXuSAegdWfc6ehpmZVgKb8Ln6K9lqvHsvYQyNQVjI3Loj+Squ Jw5n0gXf/n3uW9/gKlMC/gKVie/ED7STZFgFr5k4xMvFcXiTE1V9ljv2eIQjCh9o YtT40NCCM1oTfVemsaoyUJ5rtr5nFznY3R8yf9Rdlq7I5SZGw5BdYHaUbSKutwIp OnrjL+VscoMBffgtaJY6/tQyMwOPiu+xynUCKEfaMHRuwwHl1+rj7gr+HRImQhTX 7FezQOxpvLPrh/tj/4DdQ6VMG1ClOCPvISGuZ1mhnMHcHy2KzA5OtoWRnVks7udG h/WYma9kPi3CSSYNWzEVTknN/wQwxA== =7/E0 -----END PGP SIGNATURE-----
|
|
|
|