Overview

Request 1146262 accepted

- Add CVE-2023-43665.patch (bsc#1215978, CVE-2023-43665)
  * Denial-of-service possibility in django.utils.text.Truncator

- Add CVE-2023-41164.patch (bsc#1214667, CVE-2023-41164)
  * Potential denial of service vulnerability
    in django.utils.encoding.uri_to_iri()

- Add CVE-2023-36053.patch (bsc#1212742, CVE-2023-36053)

- Add CVE-2023-24580-DOS_file_upload.patch (CVE-2023-24580,
  bsc#1208082) to prevent DOS in file uploads.

- Rename Django-1.11.29.tar.gz.asc to Django-1.11.29.tar.gz.checksums.txt
  to avoid source_validator incorrectly trying to use it as a detached
  signature file for the sources tarball.

- Add CVE-2022-28346.patch (bsc#1198398, CVE-2022-28346)
  * Potential SQL injection in QuerySet.annotate(), aggregate() and extra()
- Add CVE-2022-34265.patch (bsc#1201186, CVE-2022-34265)
  * SQL injection via Trunc(kind) and Extract(lookup_name) arguments

Request History
gosipyan created request


jzerebecki accepted request

Thank you
