[Git][security-tracker-team/security-tracker][master] Add new python-django issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Mar 3 18:02:41 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b0e15cd2 by Salvatore Bonaccorso at 2026-03-03T19:02:10+01:00
Add new python-django issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,12 @@
+CVE-2026-25674
+ - python-django <unfixed> (bug #1129595)
+ [trixie] - python-django <no-dsa> (Minor issue)
+ [bookworm] - python-django <no-dsa> (Minor issue)
+ NOTE: https://www.djangoproject.com/weblog/2026/mar/03/security-releases/
+ NOTE: Fixed by: https://github.com/django/django/commit/54b50bf7d6dcbf02d4c01f853627cc9299d4934d (4.2.29)
+CVE-2026-25673
+ - python-django <not-affected> (Windows-specific)
+ NOTE: https://www.djangoproject.com/weblog/2026/mar/03/security-releases/
CVE-2026-3455 (Versions of the package mailparser before 3.9.3 are vulnerable to Cros ...)
TODO: check
CVE-2026-3449 (Versions of the package @tootallnate/once before 3.0.1 are vulnerable ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0e15cd22b2e7c7032f8ad091c120e32635f130b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0e15cd22b2e7c7032f8ad091c120e32635f130b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260303/d4d168bf/attachment.htm>
More information about the debian-security-tracker-commits
mailing list