ELA-716-1 djangorestframework security update

cross-site scripting vulnerabilities

2022-10-28
Packagedjangorestframework
Version3.4.0-2+deb9u1 (stretch)
Related CVEs CVE-2018-25045 CVE-2020-25626


Two cross-site scripting vulnerabilities were discovered in the Django Rest Framework, a toolkit to build web APIs.



For Debian 9 stretch, these problems have been fixed in version 3.4.0-2+deb9u1.

We recommend that you upgrade your djangorestframework packages.

Further information about Extended LTS security advisories can be found at: debian Extended Long term support