USN-5373-1: Django vulnerabilities

Releases

• Ubuntu 21.10
• Ubuntu 20.04 LTS
• Ubuntu 18.04 ESM

Packages

• python-django - High-level Python web development framework

Details

It was discovered that Django incorrectly handled certain certain column
aliases in the QuerySet.annotate(), aggregate(), and extra() methods. A
remote attacker could possibly use this issue to perform an SQL injection
attack. (CVE-2022-28346)

It was discovered that Django incorrectly handled certain option names in
the QuerySet.explain() method. A remote attacker could possibly use this
issue to perform an SQL injection attack. This issue only affected Ubuntu
20.04 LTS, and Ubuntu 21.10. (CVE-2022-28347)

It was discovered that the Django URLValidator function incorrectly handled
newlines and tabs. A remote attacker could possibly use this issue to
perform a header injection attack. This issue only affected Ubuntu 18.04
LTS. (CVE-2021-32052)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 21.10

• python3-django - 2:2.2.24-1ubuntu1.4

Ubuntu 20.04

• python3-django - 2:2.2.12-1ubuntu0.11

Ubuntu 18.04

• python3-django - 1:1.11.11-1ubuntu1.17
• python-django - 1:1.11.11-1ubuntu1.17

In general, a standard system update will make all the necessary changes.

References

• CVE-2022-28346
• CVE-2021-32052
• CVE-2022-28347

Related notices

• USN-5373-2: python-django, python-django-common, python-django-doc, python3-django
• USN-4975-1: python-django, python-django-common, python-django-doc, python3-django