CVE-2013-0306
Publication date 20 February 2013
Last updated 24 July 2024
Ubuntu priority
The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service (memory consumption) or trigger server errors via a modified max_num parameter.
Status
Package | Ubuntu Release | Status |
---|---|---|
python-django | 12.10 quantal |
Fixed 1.4.1-2ubuntu0.3
|
12.04 LTS precise |
Fixed 1.3.1-4ubuntu1.6
|
|
11.10 oneiric |
Fixed 1.3-2ubuntu1.6
|
|
10.04 LTS lucid |
Fixed 1.1.1-2ubuntu1.8
|
|
8.04 LTS hardy | Ignored end of life |
Patch details
Package | Patch details |
---|---|
python-django |
|
References
Related Ubuntu Security Notices (USN)
- USN-1757-1
- Django vulnerabilities
- 7 March 2013