Debian 10261 Published by

A djangorestframework security update has been released for Debian GNU/Linux 9 Extended LTS to address two cross-site scripting vulnerabilities.



ELA-716-1 djangorestframework security update

Package djangorestframework
Version 3.4.0-2+deb9u1 (stretch)
Related CVEs CVE-2018-25045 CVE-2020-25626

Two cross-site scripting vulnerabilities were discovered in the Django Rest Framework, a toolkit to build web APIs.

For Debian 9 stretch, these problems have been fixed in version 3.4.0-2+deb9u1.

We recommend that you upgrade your djangorestframework packages.

Further information about Extended LTS security advisories can be found at: debian Extended Long term support

  ELA-716-1 djangorestframework security update