==========================================================================
Ubuntu Security Notice USN-4479-1
September 01, 2020

python-django vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in Django.

Software Description:
– python-django: High-level Python web development framework

Details:

It was discovered that Django, when used with Python 3.7 or higher,
incorrectly handled directory permissions. A local attacker could possibly
use this issue to obtain sensitive information, or escalate permissions.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
python3-django 2:2.2.12-1ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4479-1
CVE-2020-24583, CVE-2020-24584

Package Information:
https://launchpad.net/ubuntu/+source/python-django/2:2.2.12-1ubuntu0.2

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl9OOWYACgkQZWnYVadE
vpMBDw//aTcuah1JWbB7TLGKndR57/9IBndQmkQLfwYLIkQ7rFAXJGFnIZzF5Kp+
effLhK1dAg5nxKYpqJ9B/BYh9nbUowQOYVeTrfkSHvAVE9QSF8uTnjII/AFSrHmy
lI6Qg9MByDfxjeFZA8VRcttfUuiq7TmBqM6i62xMXgPHWEs+HPxLrpqtio9D7jYw
kXtv91VYl9s7M/DySYH2HD6lxhRKCZSV6KZgnYWPQ8nb2K+da/pZTxaGZfwz82Ch
YH/TCUP8YT11ybSFR6vWJOe9Lo38ldVAWKDzJ6a1mcWs6280sPiBvpXwHeFmEuKM
qQ5Zi04hq6bmh4+1c+GsJMUN9iOeM2bdordVurqYqM9ayKFiFNVBmbg5TMl69Onb
ymIM+pLPS1+FOIAsl13STfPDs3QVgFFeomrQjXqnpzXKvH6QA6aNX75MIN8bQ2FE
JWedvq85gYCaF++ycNTgE9eev4WVsl/TW1244CbN/Fs1YCg/k1JutKTR06buyOcl
8iZLobIXIQEV/ueM5Y755OcniivGD1TEndTDa0wreeWhLHkmoboKzrVd9MgSNoPq
4Aeo4+gRtLiabUyB0v87eNdNllmXqib870HZQi/grTzeKXEqvzCtjpgG9L8Hx2/F
3zZsDj7lLouJc+RZNqaO981Wbs9jg7/LTNjv5e87qTSeGq3rnNY=
=NJup
—–END PGP SIGNATURE—–
—