Advisories » MGASA-2025-0095

Updated python-django packages fix security vulnerability

Publication date: 12 Mar 2025
Modification date: 12 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-26699

Description

An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13,
and 4.2 before 4.2.20. The django.utils.text.wrap() method and wordwrap
template filter are subject to a potential denial-of-service attack when
used with very long strings. (CVE-2025-26699)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=34073
• https://ubuntu.com/security/notices/USN-7335-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699

SRPMS

9/core

• python-django-4.1.13-1.3.mga9