Ubuntu Security Notice USN-6054-1 ≈ Packet Storm

Ubuntu Security Notice USN-6054-1
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6054-1 - Moataz Al-Sharida and nawaik discovered that Django incorrectly handled uploading multiple files using one form field. A remote attacker could possibly use this issue to bypass certain validations.

systems | linux, ubuntu
advisories | CVE-2023-31047
SHA-256 | ae0ba53f9519ac67a1f2ae260d466182a277d6949327391761be0dc5190ca27e


==========================================================================
Ubuntu Security Notice USN-6054-1
May 03, 2023

python-django vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04
- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

A Django hardening measure could be bypassed.

Software Description:
- python-django: High-level Python web development framework

Details:

Moataz Al-Sharida and nawaik discovered that Django incorrectly handled
uploading multiple files using one form field. A remote attacker could
possibly use this issue to bypass certain validations.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.04:
  python3-django 3:3.2.18-1ubuntu0.1

Ubuntu 22.10:
  python3-django 3:3.2.15-1ubuntu1.3

Ubuntu 22.04 LTS:
  python3-django 2:3.2.12-2ubuntu1.6

Ubuntu 20.04 LTS:
  python3-django 2:2.2.12-1ubuntu0.17

Ubuntu 18.04 LTS:
  python-django 1:1.11.11-1ubuntu1.21
  python3-django 1:1.11.11-1ubuntu1.21

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6054-1
  CVE-2023-31047

Package Information:
  https://launchpad.net/ubuntu/+source/python-django/3:3.2.18-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/python-django/3:3.2.15-1ubuntu1.3
  https://launchpad.net/ubuntu/+source/python-django/2:3.2.12-2ubuntu1.6
  https://launchpad.net/ubuntu/+source/python-django/2:2.2.12-1ubuntu0.17
  https://launchpad.net/ubuntu/+source/python-django/1:1.11.11-1ubuntu1.21
