You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa python-django

Sigurnosni nedostatak programskog paketa python-django

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-4629-1 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
February 19, 2020 https://www.debian.org/security/faq
– ————————————————————————-

Package : python-django
CVE ID : CVE-2020-7471
Debian Bug : 950581

Simon Charette discovered that Django, a high-level Python web
development framework, did not properly handle input in its PostgreSQL
module. A remote attacker could leverage this to perform SQL injection
attacks.

For the oldstable distribution (stretch), this problem has been fixed
in version 1:1.10.7-2+deb9u8.

For the stable distribution (buster), this problem has been fixed in
version 1:1.11.28-1~deb10u1.

We recommend that you upgrade your python-django packages.

For the detailed security status of python-django please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-django

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–

iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAl5M7iIACgkQEL6Jg/PV
nWSJnQgAx6apWFroZ90PoqfwIGZOFIwZBOmQqkUEBDXWr7i/mVA8m2G+rrj3nFem
71EK+b+T/CUgku1DmtANB0d/e8Kb8HVFjd1N9B6tyoB90xGGLbOFJTQn+owdgsCs
nJb4mZUYCsZ2Kk8cyJvsk2x1uMo9bAGGqZs5shqG2VsyfjifC3BUGeB+9KTR+bXP
wBFcq00ZFgFWiKsxl/CwiYQCn5uk+24Hd/FCuhp4v3yr/HmOtwnfMS9I0+u0c9ep
ThM64NRH/FKyXfcGgiJFi4ifD2gFWkgJhe9326ZHf4ruGW1/rtPv8rl7+2lg5AMX
RKkXSLkv8Sd+GG3QK+1dHHwoQ3Ey9A==
=f5GS
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke Mbed TLS

Otkriven je sigurnosni nedostatak programske biblioteke Mbed TLS za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje otkrivanje osjetljivih informacija....

Close