packages/python-django
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix CVE-2024-24680

Browse Source
This commit is contained in:
starlet-dx 2024-02-07 11:03:20 +08:00
parent 5f6d977183
commit fd6e5068c9
2 changed files with 197 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

191
CVE-2024-24680.patch Normal file
View File

@ -0,0 +1,191 @@
From 572ea07e84b38ea8de0551f4b4eda685d91d09d2 Mon Sep 17 00:00:00 2001
From: Adam Johnson <me@adamj.eu>
Date: Mon, 22 Jan 2024 13:21:13 +0000
Subject: [PATCH] [4.2.x] Fixed CVE-2024-24680 -- Mitigated potential DoS in
intcomma template filter.
Thanks Seokchan Yoon for the report.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Shai Berger <shai@platonix.com>
---
.../contrib/humanize/templatetags/humanize.py | 13 ++--
tests/humanize_tests/tests.py | 64 +++++++++++++++++++
2 files changed, 71 insertions(+), 6 deletions(-)
diff --git a/django/contrib/humanize/templatetags/humanize.py b/django/contrib/humanize/templatetags/humanize.py
index 2322477..2c26f89 100644
--- a/django/contrib/humanize/templatetags/humanize.py
+++ b/django/contrib/humanize/templatetags/humanize.py
@@ -75,12 +75,13 @@ def intcomma(value, use_l10n=True):
return intcomma(value, False)
else:
return number_format(value, use_l10n=True, force_grouping=True)
- orig = str(value)
- new = re.sub(r"^(-?\d+)(\d{3})", r"\g<1>,\g<2>", orig)
- if orig == new:
- return new
- else:
- return intcomma(new, use_l10n)
+ result = str(value)
+ match = re.match(r"-?\d+", result)
+ if match:
+ prefix = match[0]
+ prefix_with_commas = re.sub(r"\d{3}", r"\g<0>,", prefix[::-1])[::-1]
+ result = prefix_with_commas + result[len(prefix) :]
+ return result
# A tuple of standard large number to their converters
diff --git a/tests/humanize_tests/tests.py b/tests/humanize_tests/tests.py
index cf29f58..a78bbad 100644
--- a/tests/humanize_tests/tests.py
+++ b/tests/humanize_tests/tests.py
@@ -116,39 +116,71 @@ class HumanizeTests(SimpleTestCase):
def test_intcomma(self):
test_list = (
100,
+ -100,
1000,
+ -1000,
10123,
+ -10123,
10311,
+ -10311,
1000000,
+ -1000000,
1234567.25,
+ -1234567.25,
"100",
+ "-100",
"1000",
+ "-1000",
"10123",
+ "-10123",
"10311",
+ "-10311",
"1000000",
+ "-1000000",
"1234567.1234567",
+ "-1234567.1234567",
Decimal("1234567.1234567"),
+ Decimal("-1234567.1234567"),
None,
"",
+ "-",
".",
+ "-.",
+ "the quick brown fox jumped over the lazy dog",
)
result_list = (
"100",
+ "-100",
"1,000",
+ "-1,000",
"10,123",
+ "-10,123",
"10,311",
+ "-10,311",
"1,000,000",
+ "-1,000,000",
"1,234,567.25",
+ "-1,234,567.25",
"100",
+ "-100",
"1,000",
+ "-1,000",
"10,123",
+ "-10,123",
"10,311",
+ "-10,311",
"1,000,000",
+ "-1,000,000",
"1,234,567.1234567",
+ "-1,234,567.1234567",
"1,234,567.1234567",
+ "-1,234,567.1234567",
None,
"1,234,567",
+ "-1,234,567",
",,.",
+ "-,,.",
+ "the quick brown fox jumped over the lazy dog",
)
with translation.override("en"):
self.humanize_tester(test_list, result_list, "intcomma")
@@ -156,39 +188,71 @@ class HumanizeTests(SimpleTestCase):
def test_l10n_intcomma(self):
test_list = (
100,
+ -100,
1000,
+ -1000,
10123,
+ -10123,
10311,
+ -10311,
1000000,
+ -1000000,
1234567.25,
+ -1234567.25,
"100",
+ "-100",
"1000",
+ "-1000",
"10123",
+ "-10123",
"10311",
+ "-10311",
"1000000",
+ "-1000000",
"1234567.1234567",
+ "-1234567.1234567",
Decimal("1234567.1234567"),
+ -Decimal("1234567.1234567"),
None,
"",
+ "-",
".",
+ "-.",
+ "the quick brown fox jumped over the lazy dog",
)
result_list = (
"100",
+ "-100",
"1,000",
+ "-1,000",
"10,123",
+ "-10,123",
"10,311",
+ "-10,311",
"1,000,000",
+ "-1,000,000",
"1,234,567.25",
+ "-1,234,567.25",
"100",
+ "-100",
"1,000",
+ "-1,000",
"10,123",
+ "-10,123",
"10,311",
+ "-10,311",
"1,000,000",
+ "-1,000,000",
"1,234,567.1234567",
+ "-1,234,567.1234567",
"1,234,567.1234567",
+ "-1,234,567.1234567",
None,
"1,234,567",
+ "-1,234,567",
",,.",
+ "-,,.",
+ "the quick brown fox jumped over the lazy dog",
)
with self.settings(USE_THOUSAND_SEPARATOR=False):
with translation.override("en"):
--
2.33.0

7
python-django.spec
View File

@ -1,7 +1,7 @@
%global _empty_manifest_terminate_build 0
Name: python-django
Version: 4.2.3
Release: 5
Release: 6
Summary: A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
License: Apache-2.0 and Python-2.0 and BSD-3-Clause
URL: https://www.djangoproject.com/
@ -11,6 +11,8 @@ Patch0: CVE-2023-41164.patch
Patch1: CVE-2023-43665.patch
# https://github.com/django/django/commit/048a9ebb6ea468426cb4e57c71572cbbd975517f
Patch2: CVE-2023-46695.patch
# https://github.com/django/django/commit/572ea07e84b38ea8de0551f4b4eda685d91d09d2
Patch3: CVE-2024-24680.patch
BuildArch: noarch
%description
@ -77,6 +79,9 @@ mv %{buildroot}/doclist.lst .
%{_docdir}/*
%changelog
* Wed Feb 07 2024 yaoxin <yao_xin001@hoperun.com> - 4.2.3-6
- Fix CVE-2024-24680
* Fri Sep 15 2023 xu_ping <707078654@qq.com> - 4.2.3-5
- Fix changelog bad date