|
|
Subscribe / Log in / New account

Debian alert DLA-2540-1 (python-django)



From:
              Chris Lamb <lamby@debian.org>


To:
              debian-lts-announce@lists.debian.org


Subject:
              [SECURITY] [DLA 2540-1] python-django security update


Date:
              Mon, 01 Feb 2021 18:37:39 +0000


Message-ID:
               <161220378825.262673.7741887772626337630@tinycat.chris-lamb.co.uk>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2540-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                           Chris Lamb
February 01, 2021                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : python-django
Version        : 1:1.10.7-2+deb9u10
CVE ID         : CVE-2021-3281
Debian Bug     : #981562

It was discovered that there was a potential directory-traversal in
Django, a Python-based web development framework.

For Debian 9 "Stretch", this problem has been fixed in version
1:1.10.7-2+deb9u10.

We recommend that you upgrade your python-django packages.

For the detailed security status of python-django please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-django

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmAYRwkACgkQHpU+J9Qx
HlheghAAnZxkmkarIf5y6lkszHZqrSd8U441+migqyY2EJa7T8k4QH5ZT7N39wLB
YIEVs/LW9DZfDbJgX/GwkC6H6Ke1JpLBTuYQ9qRyFG/frzfNchRp8wNmqR1q5Slk
4Qet0F9ByR7v/nNW93DTgFkpyw9dbfQMdbOwskcm+Fr5Lubg7V9MEdZ6DnXT9Zaw
2mGgjuGPtlPEe/tml+y/vIKrkaTpx8K0byBbExqZ12l7a49pOrASNedGZ/9fYQ3z
9yUGkOzJjC4Ma/x8u8qQHLDJPxpZmELrMroYs2vayR8+rhKXDCrgqVDN2ucb6dL/
5ErLICl0wpoCGnu5gtM0zeI+hmKO+QogyfaCSZTYpB8Uwm7mTy7Ln+TuAqRZYung
iHDey7B9khQ8soJ9xjKXsKX7gzwq7z+NfkIurcQ22wBR171DLAyVZ821yEZ30frT
A/sa+f/5e0+LnGd7GoCfv2zpyxpnd/9tz+tNgI0JGpluQtfCKkDPxVBiHDqnVuaj
utrzk67y+L+0bOs2rDrSILWeSSRhDio8ccGiKTE8807WYIWaPxIvPK1cwkcdBUm1
iG9UqUGik48pU0OOXzWNah2uYpX0xs7S9f9Qp8JhB66iK0mZ0RgYhlUhjIrnYkxt
7LmUVV5mWhjTN11T1jEvyQ1CKeMlCS602mjYr2SvT+9BQQkhIgc=
=peu7
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds