USN-4264-1: Django vulnerability
USN-4264-1: Django vulnerability python-django vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 18.04 LTS Summary Django could be vulnerable to SQL injection attacks. Software Description python-django – High-level Python web development framework Details Simon Charette discovered that Django incorrectly handled input in the PostgreSQL module. A remote attacker could possibly use this to perform SQL injection attacks. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10 python-django – 1:1.11.22-1ubuntu1.2 python3-django – 1:1.11.22-1ubuntu1.2 Ubuntu 18.04 LTS python-django – 1:1.11.11-1ubuntu1.7 python3-django – 1:1.11.11-1ubuntu1.7 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2020-7471 Source: USN-4264-1: Django vulnerability
