packages/python-django
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!159 fix CVE-2025-26699

Browse Source 
From: @changtao615 
Reviewed-by: @cherry530 
Signed-off-by: @cherry530
This commit is contained in:
openeuler-ci-bot 2025-03-12 03:11:15 +00:00 committed by Gitee
commit e3a505e06f
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 110 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
CVE-2025-26699.patch Normal file
View File

@ -0,0 +1,102 @@
From 4f2765232336b8ad0afd8017d9d912ae93470017 Mon Sep 17 00:00:00 2001
From: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
Date: Tue, 25 Feb 2025 09:40:54 +0100
Subject: [PATCH] [5.0.x] Fixed CVE-2025-26699 -- Mitigated potential DoS in
wordwrap template filter.
Thanks sw0rd1ight for the report.
Backport of 55d89e25f4115c5674cdd9b9bcba2bb2bb6d820b from main.
---
django/utils/text.py | 28 +++++++------------
docs/releases/2.2.27.txt | 8 +++++-
.../filter_tests/test_wordwrap.py | 11 ++++++++
3 files changed, 28 insertions(+), 19 deletions(-)
diff --git a/django/utils/text.py b/django/utils/text.py
index 6631a00..c44d452 100644
--- a/django/utils/text.py
+++ b/django/utils/text.py
@@ -1,6 +1,7 @@
import html.entities
import re
import unicodedata
+import textwrap
from gzip import GzipFile
from io import BytesIO
@@ -88,24 +89,15 @@ def wrap(text, width):
Don't wrap long words, thus the output text may have lines longer than
``width``.
"""
- def _generator():
- for line in text.splitlines(True): # True keeps trailing linebreaks
- max_width = min((line.endswith('\n') and width + 1 or width), width)
- while len(line) > max_width:
- space = line[:max_width + 1].rfind(' ') + 1
- if space == 0:
- space = line.find(' ') + 1
- if space == 0:
- yield line
- line = ''
- break
- yield '%s\n' % line[:space - 1]
- line = line[space:]
- max_width = min((line.endswith('\n') and width + 1 or width), width)
- if line:
- yield line
- return ''.join(_generator())
-
+ wrapper = textwrap.TextWrapper(
+ width=width,
+ break_long_words=False,
+ break_on_hyphens=False,
+ )
+ result = []
+ for line in text.splitlines(True):
+ result.extend(wrapper.wrap(line))
+ return "\n".join(result)
class Truncator(SimpleLazyObject):
"""
diff --git a/docs/releases/2.2.27.txt b/docs/releases/2.2.27.txt
index 688a482..f34bef8 100644
--- a/docs/releases/2.2.27.txt
+++ b/docs/releases/2.2.27.txt
@@ -4,7 +4,13 @@ Django 2.2.27 release notes
*February 1, 2022*
-Django 2.2.27 fixes two security issues with severity "medium" in 2.2.26.
+Django 2.2.27 fixes three security issues with severity "medium" in 2.2.26.
+
+CVE-2025-26699: Potential denial-of-service vulnerability in ``django.utils.text.wrap()``
+=========================================================================================
+
+The ``wrap()`` and :tfilter:`wordwrap` template filter were subject to a
+potential denial-of-service attack when used with very long strings.
CVE-2022-22818: Possible XSS via ``{% debug %}`` template tag
=============================================================
diff --git a/tests/template_tests/filter_tests/test_wordwrap.py b/tests/template_tests/filter_tests/test_wordwrap.py
index 02f8605..f61842c 100644
--- a/tests/template_tests/filter_tests/test_wordwrap.py
+++ b/tests/template_tests/filter_tests/test_wordwrap.py
@@ -51,3 +51,14 @@ class FunctionTests(SimpleTestCase):
), 14),
'this is a long\nparagraph of\ntext that\nreally needs\nto be wrapped\nI\'m afraid',
)
+
+ def test_wrap_long_text(self):
+ long_text = (
+ "this is a long paragraph of text that really needs"
+ " to be wrapped I'm afraid " * 20_000
+ )
+ self.assertIn(
+ "this is a\nlong\nparagraph\nof text\nthat\nreally\nneeds to\nbe wrapped\n"
+ "I'm afraid",
+ wordwrap(long_text, 10),
+ )
--
2.46.0

9
python-django.spec
View File

@ -1,7 +1,7 @@
%global _empty_manifest_terminate_build 0 %global _empty_manifest_terminate_build 0
Name: python-django Name: python-django
Version: 2.2.27 Version: 2.2.27
Release: 14 Release: 15
Summary: A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Summary: A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
License: Apache-2.0 and Python-2.0 and OFL-1.1 and MIT License: Apache-2.0 and Python-2.0 and OFL-1.1 and MIT
URL: https://www.djangoproject.com/ URL: https://www.djangoproject.com/
@ -38,6 +38,7 @@ Patch19: CVE-2024-45230.patch
Patch20: CVE-2024-45231.patch Patch20: CVE-2024-45231.patch
Patch21: CVE-2024-53907.patch Patch21: CVE-2024-53907.patch
Patch22: CVE-2024-56374.patch Patch22: CVE-2024-56374.patch
Patch23: CVE-2025-26699.patch
BuildArch: noarch BuildArch: noarch
%description %description
@ -104,6 +105,12 @@ mv %{buildroot}/doclist.lst .
%{_docdir}/* %{_docdir}/*
%changelog %changelog
* Wed Mar 12 2025 changtao <changtao@kylinos.cn> - 2.2.27-15
- Type:CVE
- CVE:CVE-2025-26699
- SUG:NA
- DESC:fix CVE-2025-26699
* Fri Jan 17 2025 caodongxia <caodongxia@h-partners.com> - 2.2.27-14 * Fri Jan 17 2025 caodongxia <caodongxia@h-partners.com> - 2.2.27-14
- Fix CVE-2024-56374 - Fix CVE-2024-56374