Ubuntu Security Notice 5373-2 - USN-5373-1 fixed several vulnerabilities in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that Django incorrectly handled certain certain column aliases in the QuerySet.annotate, aggregate, and extra methods. A remote attacker could possibly use this issue to perform an SQL injection attack.
2d0ada8dcc7b8cd95184a6cb883e28067fd48b7855c636b3d44e3bc4d67ac669