| Errata ID | 227 |
|---|---|
| Date | 2019-08-14 |
| Source package | python-django |
| Fixed in version | 1:1.10.7-2+deb9u6 |
| Description | This update addresses the following issues: backtracking in a regular expression in django.utils.text.Truncator leads to DoS (CVE-2019-14232); the behavior of the underlying HTMLParser leading to DoS (CVE-2019-14233); SQL injection possibility in key and index lookups for JSONField/HStoreField (CVE-2019-14234); potential memory exhaustion in django.utils.encoding.uri_to_iri() (CVE-2019-14235). |
| Additional notes | |
| CVE ID | CVE-2019-14232, CVE-2019-14233, CVE-2019-14234, CVE-2019-14235 |
| UCS Bug number | #49999 |
