File _patchinfo of Package patchinfo.34947

<patchinfo incident="34947">
  <issue tracker="cve" id="2024-42005"/>
  <issue tracker="cve" id="2024-41989"/>
  <issue tracker="cve" id="2024-41991"/>
  <issue tracker="cve" id="2024-41990"/>
  <issue tracker="bnc" id="1228632">VUL-0: EMBARGOED: CVE-2024-42005: python-Django,python-Django1,python-Django4: Potential SQL injection in QuerySet.values() and values_list()</issue>
  <issue tracker="bnc" id="1228631">VUL-0: EMBARGOED: CVE-2024-41991: python-Django,python-Django1,python-Django4: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget</issue>
  <issue tracker="bnc" id="1228629">VUL-0: EMBARGOED: CVE-2024-41989: python-Django,python-Django1,python-Django4: Memory exhaustion in django.utils.numberformat.floatformat()</issue>
  <issue tracker="bnc" id="1228630">VUL-0: EMBARGOED: CVE-2024-41990: python-Django,python-Django1,python-Django4: Potential denial-of-service vulnerability in django.utils.html.urlize()</issue>
  <packager>mcalabkova</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for python-Django</summary>
  <description>This update for python-Django fixes the following issues:

- CVE-2024-42005: Fixed SQL injection in QuerySet.values() and values_list() (bsc#1228629)
- CVE-2024-41989: Fixed Memory exhaustion in django.utils.numberformat.floatformat() (bsc#1228630)
- CVE-2024-41990: Fixed denial-of-service vulnerability in django.utils.html.urlize() (bsc#1228631)
- CVE-2024-41991: Fixed another denial-of-service vulnerability in django.utils.html.urlize() (bsc#1228632)
</description>
</patchinfo>