Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b3c5e38b by Chris Lamb at 2026-02-27T09:13:50-08:00
Triage CVE-2024-53908 in python-django for bookworm.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -155694,8 +155694,8 @@ CVE-2024-10567 (The TI WooCommerce Wishlist plugin
for WordPress is vulnerable t
NOT-FOR-US: WordPress plugin
CVE-2024-53908 (An issue was discovered in Django 5.1 before 5.1.4, 5.0 before
5.0.10, ...)
- python-django 3:4.2.17-1
- [bookworm] - python-django <postponed> (Minor issue, fix along in
future DSA)
- [bullseye] - python-django <not-affected> (Vulnerable code introduce
later)
+ [bookworm] - python-django <not-affected> (Passing class instances to
.filter() not supported yet)
+ [bullseye] - python-django <not-affected> (Passing class instances to
.filter() not supported yet)
NOTE:
https://www.djangoproject.com/weblog/2024/dec/04/security-releases/
NOTE: Fixed by:
https://github.com/django/django/commit/7376bcbf508883282ffcc0f0fac5cf0ed2d6cbc5
(4.2.17)
CVE-2024-53907 (An issue was discovered in Django 5.1 before 5.1.4, 5.0 before
5.0.10, ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3c5e38b18a437f88d848cc557008407c26a8e6a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3c5e38b18a437f88d848cc557008407c26a8e6a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
