{"id":"MGASA-2019-0086","summary":"Updated python-django packages fix security vulnerability","details":"If django.utils.numberformat.format() -- used by contrib.admin as well as\nthe floatformat, filesizeformat, and intcomma templates filters -- received\na Decimal with a large number of digits or a large exponent, it could lead\nto significant memory usage due to a call to '{:f}'.format()\n(CVE-2019-6975).\n","modified":"2026-02-02T08:08:38.950258Z","published":"2019-02-14T08:38:16Z","related":["CVE-2019-6975"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2019-0086.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=24348"},{"type":"REPORT","url":"https://www.djangoproject.com/weblog/2019/feb/11/security-releases/"}],"affected":[{"package":{"name":"python-django","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/python-django?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.19-1.2.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0086.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}