-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4086-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb March 19, 2025 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : python-django Version : 2:2.2.28-1~deb11u6 CVE ID : CVE-2025-26699 Debian Bug : 1099682 It was discovered that there was a potential denial-of-service (DoS) vulnerability in Django, a Python-based web development framework. The issue was situated in the wrap() method of the django.utils.text module. This method and the wordwrap template filter were subject to a potential DoS attack when used with very long strings. For Debian 11 bullseye, this problem has been fixed in version 2:2.2.28-1~deb11u6. We recommend that you upgrade your python-django packages. For the detailed security status of python-django please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python-django Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmfa6uEACgkQHpU+J9Qx HlinZQ/+JsDDH/tF8+i2DtjUAk58rLggvA9M+tlXZgmtoyzsDFB8amj8v2fFbnNW kPTR30lEbg0N2La+XyPDXdcvpmh2L8VedXXm4JH7V2369awoshAarxMyWb6y2KXc h7k7P89NOiEo8srBAtE1IEAkBrbmhZwiLKISSs1R2pwXErjyb9C3TJVQf4iVGrIz Iz3vDg2SjPRrORA+iAk2kfEUSC3+5uUB1YJoR6ATDny/yKMRcGnvNLWw5Ifpq4lQ +zQUyl+YB3Wa/hlCwHBN/yrfg6LaON29LHHkfp3TXlwPFXSQmhRVuhxVSZafCYOk v/oAV6H6OnL1FqeJk9KUyX/9rGwU0R19iMX8hfCt1l7WjuckT51ShY6Pt6N+TiEa kmiSm700D/mfIVB77vHiE5oVu4ozpFklYdiaLkWwBkMthdLd5JiZVeqSJ5NmFNG0 v09Wp6Z/M9QlJ+hLtavcXXJ06UaS7JTz2CgW5ujcEmsaV20tqbstVc7zEK6iMvsy i5eIrFgfVqQMgL8+oRDBvBccOw/K7av4ODuVLak0ULOAx3A6bphDnnrn0ItIVIHf t6bpxDHtWBdhQigetlNZo/j+10dFcLjF53jMHVHQzeURxrGW8oEJG1BWsIR6Rt97 //B0Wn8+RYYo+dsXKGN3Qjmw/vOH+N0uGqh1Ant5jOUDc9N6uwI= =dzBZ -----END PGP SIGNATURE-----
