Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4285

Security update for python-Django

Type: security
Severity: critical
Issued: 2024-12-11
Description:
This update for python-Django fixes the following issues:

  - CVE-2024-53907: Fixed denial-of-service in django.utils.html.strip_tags() (bsc#1234232)
  - CVE-2024-53908: Fixed SQL injection in HasKey(lhs, rhs) on Oracle (bsc#1234231)

References

Packages

  • python-Django-4.2.11-150600.3.12.1