USN-4715-2: Django vulnerability
1 February 2021
Django could be made to overwrite files.
- python-django - High-level Python web development framework
USN-4715-1 fixed a vulnerability in Django. This update provides
the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
Wang Baohua discovered that Django incorrectly extracted archive files. A
remote attacker could possibly use this issue to extract files outside of
their expected location.
- USN-4715-1: python-django, python-django-doc, python3-django, python-django-common