stable

python-django-4.0.10-1.fc38

FEDORA-2023-a53ab7c969 created by churchyard 8 months ago for Fedora 38

Security fix for:

  • CVE-2023-24580
  • CVE-2023-23969
  • CVE-2022-41323
  • CVE-2022-36359
  • CVE-2022-34265
  • CVE-2022-28346
  • CVE-2022-28347

https://docs.djangoproject.com/en/4.2/releases/4.0.3/ https://docs.djangoproject.com/en/4.2/releases/4.0.4/ https://docs.djangoproject.com/en/4.2/releases/4.0.5/ https://docs.djangoproject.com/en/4.2/releases/4.0.6/ https://docs.djangoproject.com/en/4.2/releases/4.0.7/ https://docs.djangoproject.com/en/4.2/releases/4.0.8/ https://docs.djangoproject.com/en/4.2/releases/4.0.9/ https://docs.djangoproject.com/en/4.2/releases/4.0.10/

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2023-a53ab7c969

This update has been submitted for testing by churchyard.

8 months ago

This update's test gating status has been changed to 'ignored'.

8 months ago

This update has been pushed to testing.

8 months ago

This update has been submitted for stable by bodhi.

8 months ago

This update has been pushed to stable.

8 months ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Builds
1
python-django-4.0.10-1.fc38
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
8 months ago
in testing
8 months ago
in stable
8 months ago
approved
8 months ago
BZ#2072447 CVE-2022-28346 Django: SQL injection in QuerySet.annotate(),aggregate() and extra()
0
0
BZ#2072459 CVE-2022-28347 Django: SQL injection via QuerySet.explain(options) on PostgreSQL
0
0
BZ#2102896 CVE-2022-34265 python-django: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments
0
0
BZ#2136130 CVE-2022-41323 python-django: Potential denial-of-service vulnerability in internationalized URLs
0
0
BZ#2166457 CVE-2023-23969 python-django: Potential denial-of-service via Accept-Language headers
0
0
BZ#2169402 CVE-2023-24580 python-django: Potential denial-of-service vulnerability in file uploads
0
0
python-django-4.0.10-1.fc38

Automated Test Results

Copyright © 2007-2023 Red Hat, Inc. and others.

Running bodhi-server 7.2.2^202312051737git3efe1cb on bodhi-web-120-9vzc6.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy