-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5254-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 15, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : python-django CVE ID : CVE-2022-22818 CVE-2022-23833 CVE-2022-28346 CVE-2022-28347 CVE-2022-34265 CVE-2022-36359 CVE-2022-41323 Debian Bug : 1004752 1009677 1014541 Multiple security issues were found in Django, a Python web development framework, which could result in denial of service, SQL injection or cross-site scripting. For the stable distribution (bullseye), these problems have been fixed in version 2:2.2.28-1~deb11u1. We recommend that you upgrade your python-django packages. For the detailed security status of python-django please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python-django Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmNK2BoACgkQEMKTtsN8 TjZ7Hw/+JYONqaFlHSM1zoAZ5Siogck70+ffsSF8NJ1fMyBExPnL7YMF+F9GwzFd S4FqDd3SnEN2pZlSK84cWp4MXvqwsUEkVcbylZeCQOsk2WoE0BtruxCN937GNcvV 37ixBSC0uekx2B1f8n0YX5mA1nbezZjUnqw8/PomVAf98a0U1er7WJVypgXvvrkT KMT+D6PB1H3ASPEcNtFcuANd3QN9PGcuRQQHXeonAOSCYVnsiDYj3UN5ts9x+Nap gC981Uh6jxd07hiCdpPIam3Gjqp2wKFde9UiH25KYoPuw9Z7VkYZiI6lBZS2v4ZH bvPBTPDjD7c3UUzHeY7F9IqAyY7UlPC+tKcqYyKIXnHm0xiPj6Z6aQRq3E/sM6eP MLpiuMNEIhoy4AO+5wsexERfgWe5oGdkaXFO+kO1z7eqyZbsFaMZiTBkMRW9M1wo SJ5l5Acl5MCwVhCzuiCJQG9znCCpgKwcqLwNlEWDQmK0n/suhIotMkDTeYP4nvoo EimlTT08Yap2O66MwXGQPRwhZPN76HarJB0n08XPNEpjmg+LgF1dZuPrJIVbGL8L aeK+eRW64IEikTR7B2mq/gKFGWWsq6fsk6TFRtnjJp4McfYsaRx8L40YzJwCPIec P7dDNk4Tt5D3Psa+jU4e0f1hCBN+Chsd1LFfP55e9GtC/BHRg1E= =kzuc -----END PGP SIGNATURE-----