python-django 2:2.2.18-1 source package in Ubuntu
Changelog
python-django (2:2.2.18-1) unstable; urgency=medium
* New upstream security release:
- CVE-2021-3281: Potential directory-traversal via archive.extract().
The django.utils.archive.extract() function, used by startapp --template
and startproject --template, allowed directory-traversal via an archive
with absolute paths or relative paths with dot segments.
(Closes: #981562)
<https://www.djangoproject.com/weblog/2021/feb/01/security-releases/>
* Drop 0006-Fixed-31850-Fixed-BasicExtractorTests.test_extractio.patch;
applied upstream.
-- Chris Lamb <email address hidden> Mon, 01 Feb 2021 11:59:58 +0000
Upload details
- Uploaded by:
- Debian Python Team
- Uploaded to:
- Sid
- Original maintainer:
- Debian Python Team
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-django_2.2.18-1.dsc | 2.7 KiB | 95cb504064636be4757c71bd85b63bf43f8971136e8210fd705efa732307318c |
| python-django_2.2.18.orig.tar.gz | 8.8 MiB | c9c994f5e0a032cbd45089798b52e4080f4dea7241c58e3e0636c54146480bb4 |
| python-django_2.2.18-1.debian.tar.xz | 25.9 KiB | a30ad38ea067f0f078c709d880aa1ca88c286e2351be84c8fcb290fc028c6fb7 |
Available diffs
- diff from 2:2.2.17-2 to 2:2.2.18-1 (4.3 KiB)
No changes file available.
Binary packages built by this source
- python-django-doc: No summary available for python-django-doc in ubuntu hirsute.
No description available for python-django-doc in ubuntu hirsute.
- python3-django: No summary available for python3-django in ubuntu hirsute.
No description available for python3-django in ubuntu hirsute.
