-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3558-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Chris Lamb September 07, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : python-django Version : 1:1.11.29-1+deb10u10 CVE ID : CVE-2023-41164 Debian Bug : 1051226 It was discovered that there was a potential denial of service vulnerability in Django, a popular Python-based web development framework. Upstream reported that there was a potential vulnerability in django.utils.encoding.uri_to_iri(). This method was subject to potential DoS attack via certain inputs with a very large number of Unicode characters. For Debian 10 buster, this problem has been fixed in version 1:1.11.29-1+deb10u10. We recommend that you upgrade your python-django packages. For the detailed security status of python-django please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python-django Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmT6LyMACgkQHpU+J9Qx Hlj6HRAAo5GhR58j5PCnWjVVuyeKGJeowHHjLLF3PRmTzrS4mRaJyAgXYj3PAVh/ Ly9BJ6Xio1PWN2ECWQhParMAklELRxAJBYYmg07NnFUjhvg6Xl/ZgK9w30KU8Duv 6T/mkw1XaL2IFDKGhi8ygP9yGqeFD3CmNpmeMEluRuW3BnSvosiRLtcT4R3j6vCm 1E5oX+P24wcqEJlw5Qyq4piVTuI2Y6B+CaZIsjGFvrgaG5bXCULXJh7hpWOlWgiO 6yXckY1uIYj65C0LnVaFSLpVTb3JXTFZ1RFWHwbGgWkaQb9eEhsZu+ZoTy4JzlNK ZQsQ/hbvBoeXw863MrcunV18UY8JhWSTw0VFaCji79Nz8H7uUKe99mkEdOg9/TIf LQsA4hQmy3F3pTFIsEVFShiceD7uOWap9kvOprSj5g/zhu98UCI8/T/E+PnkQCeK /YQfEbbe4GgR0NsU9hIAMGt4FOj7q4rIgtI/U8AUxZy4orizshTxea88kMD1+xiH WkJLjbkv7pFrEwSygka5lUMMwljSz0XKeJQ6Jl6jpvITBsCp8p0NwvvmUzHJVVhD m2egPSF3z5AzCCStfrX0xRJCbJWetsYmUGprdZFR1FppaKBnjRaRoPOq5Oubh2aj OPA7a19I5O+kMbSqr/2EpcDik0YTba3QhQXF9ts+0UKmqAxwFqk= =q5GH -----END PGP SIGNATURE-----