2350881 – CVE-2025-26699: Potential denial-of-service vulnerability in django.utils.text.wrap()

Bug 2350881 - CVE-2025-26699: Potential denial-of-service vulnerability in django.utils.text.wrap()

Summary: CVE-2025-26699: Potential denial-of-service vulnerability in django.utils.tex...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	python-django5
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Linux
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Assignee:	Michel Lind
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2350882 2350884
TreeView+	depends on / blocked

Reported:	2025-03-08 18:00 UTC by Michel Lind
Modified:	2025-03-17 00:15 UTC (History)
CC List:	2 users (show)
Fixed In Version:	python-django5-5.1.7-1.fc43 python-django5-5.1.7-1.fc42
Clone Of:
Clones:	2350882 2350884 (view as bug list)
Environment:
Last Closed:	2025-03-17 00:15:15 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Michel Lind 2025-03-08 18:00:08 UTC

https://www.openwall.com/lists/oss-security/2025/03/06/12

Reproducible: Always

Comment 1 Fedora Update System 2025-03-08 18:25:21 UTC

FEDORA-2025-8f86905930 (python-django5-5.1.7-1.fc43) has been submitted as an update to Fedora 43.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-8f86905930

Comment 2 Fedora Update System 2025-03-08 18:29:55 UTC

FEDORA-2025-8f86905930 (python-django5-5.1.7-1.fc43) has been pushed to the Fedora 43 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 3 Fedora Update System 2025-03-08 18:54:23 UTC

FEDORA-2025-2659ee2b71 (python-django5-5.1.7-1.fc42) has been submitted as an update to Fedora 42.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-2659ee2b71

Comment 4 Michel Lind 2025-03-08 18:55:30 UTC

Reopening until the F42 update goes stable

Comment 5 Fedora Update System 2025-03-09 01:24:39 UTC

FEDORA-2025-2659ee2b71 has been pushed to the Fedora 42 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-2659ee2b71`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-2659ee2b71

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 6 Fedora Update System 2025-03-17 00:15:15 UTC

FEDORA-2025-2659ee2b71 (python-django5-5.1.7-1.fc42) has been pushed to the Fedora 42 stable repository.
If problem still persists, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.