Description
Security update for python-Django
This update for python-Django fixes the following issues:
- CVE-2025-59681: SQL injection via the `QuerySet` `annotate()`, `alias()`, `aggregate()`, or `extra()` methods when processing a specially crafted dictionary with dictionary expansion (bsc#1250485).
- CVE-2025-59682: directory traversal via the `django.utils.archive.extract()` function when processing an archive with file paths that share a common prefix with the target directory (bsc#1250487).
Package list
SUSE Linux Enterprise Module for Package Hub 15 SP6
SUSE Linux Enterprise Module for Package Hub 15 SP7
openSUSE Leap 15.6
References
- Link for SUSE-SU-2025:03446-1
- E-Mail link for SUSE-SU-2025:03446-1
- SUSE Security Ratings
- SUSE Bug 1250485
- SUSE Bug 1250487
- SUSE CVE CVE-2025-59681 page
- SUSE CVE CVE-2025-59682 page
Description
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to these methods (on MySQL and MariaDB).
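The root of this issue is that `**` expansion hands any string key to `annotate()` and friends, so a request-controlled dictionary becomes a request-controlled SQL column alias. The following is an added example (not Django code and not part of the SUSE advisory) showing that behaviour with a stand-in receiver, plus the application-side allowlist check a practitioner would put in front of the ORM call as defense in depth. The primary fix is upgrading to the patched Django releases; the `SAMPLE_REQUEST` dictionary and the `_receiver` function are constructed for illustration.

```python
import re

# Allowlist for alias names that will become SQL column aliases: a plain
# identifier and nothing else. This is an application-side check in front
# of the ORM; Django's own validation in the fixed releases is the real fix.
_SAFE_ALIAS = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def is_safe_alias(name):
    """True if `name` is a str matching the strict identifier allowlist."""
    return isinstance(name, str) and _SAFE_ALIAS.match(name) is not None


def _receiver(**kwargs):
    # Stand-in for QuerySet.annotate(**kwargs): it only reports the alias
    # names it was handed. Constructed for this example, not Django code.
    return list(kwargs)


def aliases_via_expansion(mapping):
    """Show that `f(**mapping)` accepts keys that are not valid identifiers.

    Literal keyword syntax (f(total=...)) is restricted by the parser, but
    dictionary expansion passes any str key through unchanged. That is why a
    request-controlled dict must never be expanded into annotate()/alias()/
    aggregate()/extra() without validating its keys first.
    """
    return _receiver(**mapping)


def partition_aliases(mapping):
    """Split a user-supplied alias->expression dict into (safe, rejected)."""
    safe, rejected = {}, []
    for alias, expr in mapping.items():
        if is_safe_alias(alias):
            safe[alias] = expr
        else:
            rejected.append(alias)
    return safe, rejected


def validate_aliases(mapping):
    """Return `mapping` unchanged if every key is a safe alias, else raise."""
    _, rejected = partition_aliases(mapping)
    if rejected:
        raise ValueError("unsafe column alias(es): %r" % (rejected,))
    return mapping


# Constructed sample request: two ordinary aliases and two keys that a
# keyword-argument call could never express literally.
SAMPLE_REQUEST = {
    "total": "Sum('price')",
    "avg_price": "Avg('price')",
    "total price": "Sum('price')",
    "x`": "Count('id')",
}

if __name__ == "__main__":
    print(aliases_via_expansion({"total price": 1}))
    print(partition_aliases(SAMPLE_REQUEST))
```

In application code the pattern is `qs.annotate(**validate_aliases(requested))`; note that the check covers only the alias keys, and the expression values must come from a server-side allowlist rather than from the request as well.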
Affected products
References
- CVE-2025-59681
- SUSE Bug 1250485
Description
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory.
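The "common prefix" wording describes the classic weakness of a string-prefix containment test: `/srv/app/myproject_evil/x` starts with `/srv/app/myproject`, so an archive member using `../` can land in a sibling directory whose name merely begins with the target's name. The following added example (not Django's `extract()` implementation and not part of the advisory) contrasts that flawed check with an `os.path.commonpath` check, then extracts a constructed in-memory tar archive while skipping members that would escape the target. The member names, the target path `/srv/app/myproject` and the helper names are assumptions made for this example.

```python
import io
import os
import tarfile
import tempfile


def resolve_member(target, name):
    """Absolute, normalised path that member `name` would land on under `target`."""
    return os.path.normpath(os.path.join(target, name))


def prefix_check(target, name):
    # Flawed check: plain string prefix. It accepts any destination under a
    # sibling directory whose name merely starts with the target's name.
    return resolve_member(target, name).startswith(target)


def commonpath_check(target, name):
    # Correct check: the destination must be the target itself or a descendant.
    return os.path.commonpath([target, resolve_member(target, name)]) == target


# Constructed member names: one benign, one sibling-prefix escape, one plain traversal.
SAMPLE_MEMBERS = [
    "myproject/settings.py",
    "../myproject_evil/settings.py",
    "../../etc/cron.d/job",
]


def classify(target, check, names=SAMPLE_MEMBERS):
    """Map each member name to the verdict of `check` for the given target."""
    target = os.path.normpath(target)
    return {n: check(target, n) for n in names}


def build_sample_archive():
    """Build a small tar archive in memory containing SAMPLE_MEMBERS."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in SAMPLE_MEMBERS:
            data = b"# placeholder\n"
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def safe_extract(archive_bytes, target):
    """Extract only members that stay inside `target`; return (extracted, skipped)."""
    target = os.path.normpath(os.path.abspath(target))
    extracted, skipped = [], []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r") as tar:
        for member in tar.getmembers():
            if not commonpath_check(target, member.name):
                skipped.append(member.name)
                continue
            tar.extract(member, path=target)
            extracted.append(member.name)
    return extracted, skipped


def demo_extract():
    """Extract the constructed archive into a fresh temp dir; report the outcome."""
    target = tempfile.mkdtemp(prefix="archive_extract_demo_")
    extracted, skipped = safe_extract(build_sample_archive(), target)
    landed = os.path.exists(os.path.join(target, "myproject", "settings.py"))
    return extracted, skipped, landed


if __name__ == "__main__":
    print(classify("/srv/app/myproject", prefix_check))
    print(classify("/srv/app/myproject", commonpath_check))
    print(demo_extract())
```

Running `classify` with the two checks shows that only the prefix test accepts `../myproject_evil/settings.py`; `safe_extract` uses the `commonpath` test, so only `myproject/settings.py` is written. On Python 3.12 and later, `tarfile` also offers extraction filters that reject such members, which is worth enabling in addition to this check.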
Affected products
References
- CVE-2025-59682
- SUSE Bug 1250487