Publishing details

Published on 2023-05-03
Copied from ubuntu bionic in Private PPA for Ubuntu Security Team by Marc Deslauriers

Changelog

python-django (1:1.11.11-1ubuntu1.21) bionic-security; urgency=medium

  * SECURITY UPDATE: Potential bypass of validation when uploading multiple
    files using one form field
    - debian/patches/CVE-2023-31047.patch: prevent uploading multiple files
      in django/forms/widgets.py, docs/topics/http/file-uploads.txt,
      tests/forms_tests/field_tests/test_filefield.py,
      tests/forms_tests/widget_tests/test_clearablefileinput.py,
      tests/forms_tests/widget_tests/test_fileinput.py.
    - CVE-2023-31047

 -- Marc Deslauriers <email address hidden>  Wed, 26 Apr 2023 10:05:28 -0400

Available diffs

diff from 1:1.11.11-1ubuntu1.20 to 1:1.11.11-1ubuntu1.21 (4.2 KiB)

Builds

amd64

Built packages

python-django High-level Python web development framework (Python 2 version)

python-django-common High-level Python web development framework (common)

python-django-doc High-level Python web development framework (documentation)

python3-django High-level Python web development framework (Python 3 version)

Package files

python-django-common_1.11.11-1ubuntu1.21_all.deb (1.5 MiB)
python-django-doc_1.11.11-1ubuntu1.21_all.deb (2.5 MiB)
python-django_1.11.11-1ubuntu1.21.debian.tar.xz (71.2 KiB)
python-django_1.11.11-1ubuntu1.21.dsc (3.2 KiB)
python-django_1.11.11-1ubuntu1.21_all.deb (880.7 KiB)
python-django_1.11.11.orig.tar.gz (7.6 MiB)
python3-django_1.11.11-1ubuntu1.21_all.deb (880.8 KiB)