Package: python-django
Version: 2:2.2.28-1~deb11u5
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerability was published for python-django.
CVE-2025-26699 [0]: Potential denial-of-service in
django.utils.text.wrap()
The django.utils.text.wrap() and wordwrap template filter were
subject to a potential denial-of-service attack when used with
very long strings.
Thanks to sw0rd1ight for the report.
This issue has severity "moderate" according to the Django
security policy.
— <https://www.djangoproject.com/weblog/2025/mar/06/security-releases/>
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-26699
https://www.cve.org/CVERecord?id=CVE-2025-26699
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
