ELA-716-1 djangorestframework security update

cross-site scripting vulnerabilities

Version3.4.0-2+deb9u1 (stretch)
Related CVEs CVE-2018-25045 CVE-2020-25626

Two cross-site scripting vulnerabilities were discovered in the Django Rest Framework, a toolkit to build web APIs.

For Debian 9 stretch, these problems have been fixed in version 3.4.0-2+deb9u1.

We recommend that you upgrade your djangorestframework packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.