python-django 3:3.2.15-1 source package in Ubuntu
Changelog
python-django (3:3.2.15-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-36359: Potential reflected file download vulnerability in
FileResponse. An application may have been vulnerable to a reflected file
download (RFD) attack that sets the Content-Disposition header of a
FileResponse when the filename was derived from user-supplied input. The
filename is now escaped to avoid this possibility.
<https://www.djangoproject.com/weblog/2022/aug/03/security-releases/>
-- Chris Lamb <email address hidden> Wed, 03 Aug 2022 07:11:45 -0700
Upload details
- Uploaded by:
- Debian Python Team
- Uploaded to:
- Sid
- Original maintainer:
- Debian Python Team
- Architectures:
- all
- Section:
- python
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-django_3.2.15-1.dsc | 2.7 KiB | 5344d8b068b3ea7854c37f8f199f47d08648ec26eef13a85e4a737f639ae3957 |
| python-django_3.2.15.orig.tar.gz | 9.4 MiB | f71934b1a822f14a86c9ac9634053689279cd04ae69cb6ade4a59471b886582b |
| python-django_3.2.15-1.debian.tar.xz | 35.6 KiB | 65f90aae1f3a47e4cfa3cca02da237624340da249c27d3e308880d9a9d1a6b09 |
Available diffs
- diff from 2:3.2.13-1 to 3:3.2.15-1 (16.5 KiB)
- diff from 3:3.2.14-1 to 3:3.2.15-1 (4.1 KiB)
No changes file available.
Binary packages built by this source
- python-django-doc: No summary available for python-django-doc in ubuntu kinetic.
No description available for python-django-doc in ubuntu kinetic.
- python3-django: No summary available for python3-django in ubuntu kinetic.
No description available for python3-django in ubuntu kinetic.
