Package python3-module-django2.2: Information
Danger alert: Package removed from p9 repository
Removed in the task: #266900
Package removed: Alexey Shabalin
Deletion date: April 12, 2021
Message: cve_bugfix
Package removed: Alexey Shabalin
Deletion date: April 12, 2021
Message: cve_bugfix
Source package: python3-module-django2.2
Version: 2.2.4-alt1
Build time: Aug 5, 2019, 08:32 PM in the task #235518
Category: Development/Python3
Report package bugHome page: http://www.djangoproject.com/
License: BSD
Summary: A high-level Python 3 Web framework that encourages rapid development and clean, pragmatic design.
Description:
A high-level Python 3 Web framework that encourages rapid development and clean, pragmatic design.
List of rpms provided by this srpm:
python3-module-django2.2 (noarch)
python3-module-django2.2-dbbackend-mysql (noarch)
python3-module-django2.2-dbbackend-psycopg2 (noarch)
python3-module-django2.2-dbbackend-sqlite3 (noarch)
python3-module-django2.2-doc (noarch)
python3-module-django2.2-tests (noarch)
python3-module-django2.2 (noarch)
python3-module-django2.2-dbbackend-mysql (noarch)
python3-module-django2.2-dbbackend-psycopg2 (noarch)
python3-module-django2.2-dbbackend-sqlite3 (noarch)
python3-module-django2.2-doc (noarch)
python3-module-django2.2-tests (noarch)
Maintainer: Alexey Shabalin
List of contributors:
Alexey Shabalin
Grigory Ustinov
Ivan Zakharyaschev
Mikhail Efremov
Eugeny A. Rostovtsev
Aleksey Avdeev
Vladimir V Kamarzin
Vitaly Kuznetsov
Andrey Rahmatullin
Denis Klimov
Andrew Kornilov
ns
Alexey Shabalin
Grigory Ustinov
Ivan Zakharyaschev
Mikhail Efremov
Eugeny A. Rostovtsev
Aleksey Avdeev
Vladimir V Kamarzin
Vitaly Kuznetsov
Andrey Rahmatullin
Denis Klimov
Andrew Kornilov
ns
Last changed
Aug. 5, 2019 Alexey Shabalin 2.2.4-alt1
- 2.2.4 - Fixes for the following security vulnerabilities: + CVE-2019-14232 Adjusted regex to avoid backtracking issues when truncating HTML + CVE-2019-14233 Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities + CVE-2019-14234 Protected JSONField/HStoreField key and index lookups against SQL injection + CVE-2019-14235 Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri()
July 16, 2019 Alexey Shabalin 2.2.3-alt2
- tear circular dependencies python3-module-django2.2 and python3-module-django2.2-tests
July 15, 2019 Alexey Shabalin 2.2.3-alt1
- 2.2.3 - build python3 only - rename package to python3-module-django2.2 - Fixes for the following security vulnerabilities: + CVE-2019-12781 Incorrect HTTP detection with reverse-proxy connecting via HTTPS + CVE-2019-12308 AdminURLFieldWidget XSS + CVE-2019-6975 Memory exhaustion in django.utils.numberformat.format() + CVE-2019-3498 Content spoofing possibility in the default 404 page + CVE-2018-16984 Password hash disclosure to view only admin users + CVE-2018-14574 Open redirect possibility in CommonMiddleware + CVE-2018-7536 Denial-of-service possibility in urlize and urlizetrunc template filters + CVE-2018-7537 Denial-of-service possibility in truncatechars_html and truncatewords_html template filters + CVE-2018-6188 Information leakage in AuthenticationForm