Month: abril 2018

James Davis discovered two issues in Django, a high-level Python webdevelopment framework, that can lead to a denial-of-service attack.An attacker with control on the input of the django.utils.html.urlize()function or django.utils.text.Truncators chars() and words() methodscould craft a string that might stuck the execution of the application. More info: https://www.debian.org/security/2018/dsa-4161

It was discovered that insufficient input sanitising in libevt, a libraryto access the Windows Event Log (EVT) format, could result in denial ofservice or the execution of arbitrary code if a malformed EVT file isprocessed. More info: https://www.debian.org/security/2018/dsa-4160