[Bug 2113924] Re: Incomplete fix for CVE-2025-48432

Launchpad Bug Tracker Mon, 16 Jun 2025 08:21:01 -0700

This bug was fixed in the package python-django - 3:4.2.18-1ubuntu1.3

---------------
python-django (3:4.2.18-1ubuntu1.3) plucky-security; urgency=medium


  * SECURITY UPDATE: Prevented log injection
    - debian/patches/CVE-2025-48432-2.patch: prevented log injection in
      remaining response logging in django/views/generic/base.py,
      test/generic_views/test_base.py (LP: #2113924)

 -- Leonidas Da Silva Barbosa <[email protected]>  Tue, 10 Jun
2025 16:08:26 -0300

** Changed in: python-django (Ubuntu)
       Status: New => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-48432

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2113924

Title:
  Incomplete fix for CVE-2025-48432

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-django/+bug/2113924/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2113924] Re: Incomplete fix for CVE-2025-48432

Reply via email to