Nmmapper.com

Menu

Written by on in Browsers.

Last update on .

Debian Security Advisory PostgreSQL Django SQL injection attacks

Debian Security Advisory PostgreSQL Django SQL injection attacks

This is from Debian Security Advisory DSA-4629-1 python-django -- security update

Date Reported:

19 Feb 2020

 

Affected Packages:

python-django

 

Vulnerable:

Yes

 

Security database references:

In the Debian bugtracking system: Bug 950581.
In Mitre's CVE dictionary: CVE-2020-7471.

 

More information:

Simon Charette discovered that Django, a high-level Python web development framework, did not properly handle input in its PostgreSQL module. A remote attacker could leverage this to perform SQL injection attacks.

For the oldstable distribution (stretch), this problem has been fixed in version 1:1.10.7-2+deb9u8.

For the stable distribution (buster), this problem has been fixed in version 1:1.11.28-1~deb10u1.

We recommend that you upgrade your python-django packages.

For the detailed security status of python-django please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python-django

Comments

Comments are closed.

From our friends

Similar entries

How to Disable Ctrl+Alt+Delete on Debian, Ubuntu and other linux distributions

How to Disable Ctrl+Alt+Delete on Debian, Ubuntu and o…

Latest stable release of Debian is 10.3 Debian 10 -- Release Notes

Latest stable release of Debian is 10.3 Debian 10 -- R…

7 Reasons why you should choose Debian Gnu Linux over other Linux Distribution

7 Reasons why you should choose Debian Gnu Linux over …

How to secure Your Django application by building Django Web Application Firewall

How to secure Your Django application by building Djan…

Linux Security and Vulnerabilities Myths and Reality

Linux Security and Vulnerabilities Myths and Reality