it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5254-1] python-django security update
- Date: Sat, 15 Oct 2022 16:00:48 +0000
- Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
- List-archive: https://lists.debian.org/msgid-search/Y0rZMJWZyO+6TnRq AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=cj2qLmjMdV6+JJaHE5BDM42JchgUYbvZpVYg6FYijH4=; b=Fu PoQC0np6Wpj48cOGoa1xw3pnQFWRtryI3oM1pW7H6aC4uVh0rePqqtgz6jxzmoSISDxGBk9wmIbf9 FDU1bYbV+VKTFw50IG3+xGVdXbugTHMAtWKPrQ8kF+u1ncH50ese2SxJMK9j5Pi5m9gdxAlEuXcDD 3GUQdxQ5H55RRvw0NpyMwZ/EybHw69tVaJiYlmr5v2lCyendWh7c63eFKomMOreewqLAlFNIEht+s TLVN+kM3pCyPgaH/51YpyH+UcF49V6eHOt/0qbTywkUTiafMQ4gqwzR9tIGOo0J8eZG7kEmFORfyK Z/MniZDAEgzkUL0EDsf/jtm2+JZBtnqw==;
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Sat, 15 Oct 2022 16:01:17 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <RPSrlRcekbP.A.-6C.NltSjB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5254-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
October 15, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : python-django
CVE ID : CVE-2022-22818 CVE-2022-23833 CVE-2022-28346 CVE-2022-28347
CVE-2022-34265 CVE-2022-36359 CVE-2022-41323
Debian Bug : 1004752 1009677 1014541
Multiple security issues were found in Django, a Python web development
framework, which could result in denial of service, SQL injection or
cross-site scripting.
For the stable distribution (bullseye), these problems have been fixed in
version 2:2.2.28-1~deb11u1.
We recommend that you upgrade your python-django packages.
For the detailed security status of python-django please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-django
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmNK2BoACgkQEMKTtsN8
TjZ7Hw/+JYONqaFlHSM1zoAZ5Siogck70+ffsSF8NJ1fMyBExPnL7YMF+F9GwzFd
S4FqDd3SnEN2pZlSK84cWp4MXvqwsUEkVcbylZeCQOsk2WoE0BtruxCN937GNcvV
37ixBSC0uekx2B1f8n0YX5mA1nbezZjUnqw8/PomVAf98a0U1er7WJVypgXvvrkT
KMT+D6PB1H3ASPEcNtFcuANd3QN9PGcuRQQHXeonAOSCYVnsiDYj3UN5ts9x+Nap
gC981Uh6jxd07hiCdpPIam3Gjqp2wKFde9UiH25KYoPuw9Z7VkYZiI6lBZS2v4ZH
bvPBTPDjD7c3UUzHeY7F9IqAyY7UlPC+tKcqYyKIXnHm0xiPj6Z6aQRq3E/sM6eP
MLpiuMNEIhoy4AO+5wsexERfgWe5oGdkaXFO+kO1z7eqyZbsFaMZiTBkMRW9M1wo
SJ5l5Acl5MCwVhCzuiCJQG9znCCpgKwcqLwNlEWDQmK0n/suhIotMkDTeYP4nvoo
EimlTT08Yap2O66MwXGQPRwhZPN76HarJB0n08XPNEpjmg+LgF1dZuPrJIVbGL8L
aeK+eRW64IEikTR7B2mq/gKFGWWsq6fsk6TFRtnjJp4McfYsaRx8L40YzJwCPIec
P7dDNk4Tt5D3Psa+jU4e0f1hCBN+Chsd1LFfP55e9GtC/BHRg1E=
=kzuc
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5254-1] python-django security update, Moritz Muehlenhoff, 15.10.2022
Archiv bereitgestellt durch MHonArc 2.6.24.