diff --git a/python-django-5.0.8-CVE-2025-26699.patch b/python-django-5.0.8-CVE-2025-26699.patch
new file mode 100644
index 0000000000000000000000000000000000000000..170c43a3d36281c80989ea83357124dc7782d725
--- /dev/null
+++ b/python-django-5.0.8-CVE-2025-26699.patch
@@ -0,0 +1,79 @@
+From 4f2765232336b8ad0afd8017d9d912ae93470017 Mon Sep 17 00:00:00 2001
+From: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
+Date: Tue, 25 Feb 2025 09:40:54 +0100
+Subject: [PATCH] [5.0.x] Fixed CVE-2025-26699 -- Mitigated potential DoS in
+ wordwrap template filter.
+
+Thanks sw0rd1ight for the report.
+
+Backport of 55d89e25f4115c5674cdd9b9bcba2bb2bb6d820b from main.
+---
+ django/utils/text.py | 28 +++++++------------
+ .../filter_tests/test_wordwrap.py | 11 ++++++++
+ 2 files changed, 21 insertions(+), 18 deletions(-)
+
+diff --git a/django/utils/text.py b/django/utils/text.py
+index d992f80dd2fe..36ab6a9efcc9 100644
+--- a/django/utils/text.py
++++ b/django/utils/text.py
+@@ -1,6 +1,7 @@
+ import gzip
+ import re
+ import secrets
++import textwrap
+ import unicodedata
+ from gzip import GzipFile
+ from gzip import compress as gzip_compress
+@@ -97,24 +98,15 @@ def wrap(text, width):
+ ``width``.
+ """
+
+- def _generator():
+- for line in text.splitlines(True): # True keeps trailing linebreaks
+- max_width = min((line.endswith("\n") and width + 1 or width), width)
+- while len(line) > max_width:
+- space = line[: max_width + 1].rfind(" ") + 1
+- if space == 0:
+- space = line.find(" ") + 1
+- if space == 0:
+- yield line
+- line = ""
+- break
+- yield "%s\n" % line[: space - 1]
+- line = line[space:]
+- max_width = min((line.endswith("\n") and width + 1 or width), width)
+- if line:
+- yield line
+-
+- return "".join(_generator())
++ wrapper = textwrap.TextWrapper(
++ width=width,
++ break_long_words=False,
++ break_on_hyphens=False,
++ )
++ result = []
++ for line in text.splitlines(True):
++ result.extend(wrapper.wrap(line))
++ return "\n".join(result)
+
+
+ def add_truncation_text(text, truncate=None):
+diff --git a/tests/template_tests/filter_tests/test_wordwrap.py b/tests/template_tests/filter_tests/test_wordwrap.py
+index 88fbd274da94..4afa1dd234f1 100644
+--- a/tests/template_tests/filter_tests/test_wordwrap.py
++++ b/tests/template_tests/filter_tests/test_wordwrap.py
+@@ -78,3 +78,14 @@ def test_wrap_lazy_string(self):
+ "this is a long\nparagraph of\ntext that\nreally needs\nto be wrapped\n"
+ "I'm afraid",
+ )
++
++ def test_wrap_long_text(self):
++ long_text = (
++ "this is a long paragraph of text that really needs"
++ " to be wrapped I'm afraid " * 20_000
++ )
++ self.assertIn(
++ "this is a\nlong\nparagraph\nof text\nthat\nreally\nneeds to\nbe wrapped\n"
++ "I'm afraid",
++ wordwrap(long_text, 10),
++ )
diff --git a/python-django.spec b/python-django.spec
index bd9040d74b20c744f6fe52ab551a6d1c74267edb..86bfdfcfd65b94eedc5dd20663fe26df30e7fb16 100644
--- a/python-django.spec
+++ b/python-django.spec
@@ -4,7 +4,7 @@ Summary: A high-level Python Web framework
 Name: python-django
 Version: 5.0.8
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: BSD
 URL: https://www.djangoproject.com/
 Source0: https://github.com/django/django/archive/refs/tags/%{version}.tar.gz
@@ -13,6 +13,7 @@ Patch001: python-django-5.0.8-CVE-2024-45230.patch
 Patch002: python-django-5.0.8-CVE-2024-45231.patch
 Patch003: python-django-5.0.8-CVE-2024-53907.patch
 Patch004: python-django-5.0.8-CVE-2024-53908.patch
+patch005: python-django-5.0.8-CVE-2025-26699.patch
 BuildArch: noarch
@@ -122,6 +123,10 @@ python3 runtests.py --settings=test_sqlite --verbosity=2 --parallel 1
 %changelog
+* Sat Jun 21 2025 Wseelly - 5.0.8-4
+- [Type] security
+- [DESC] Resolves: CVE-2025-26699
+
 * Thu Dec 12 2024 Shop You - 5.0.8-3
 - [Type] security
 - [DESC] Resolves: CVE-2024-45230 CVE-2024-45231 CVE-2024-53908 CVE-2024-53907
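Review bot: The replacement body of `wrap` in the nested django/utils/text.py hunk drops blank lines from the input: `textwrap.TextWrapper.wrap` returns `[]` for a line that is empty or whitespace-only (such as the `"\n"` separating two paragraphs), so `result.extend(wrapper.wrap(line))` adds nothing and the two paragraphs end up joined by a single newline, whereas the removed generator yielded such lines unchanged. Because this file is a vendored upstream backport, the correction belongs in a follow-up patch rather than an edit of this one; the one-line form is `result.extend(wrapper.wrap(line) or [""])`. The `break_long_words=False` setting is what bounds the work per line and carries the DoS mitigation, so it must be kept in any follow-up. Note also that the new code no longer preserves a trailing newline on the final line (the removed `# True keeps trailing linebreaks` comment no longer applies), which callers comparing exact output will see as a change.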
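Review bot: The new `patch005:` tag in the python-django.spec hunk is lowercase while the existing entries use `Patch001:` through `Patch004:`; rpm matches tag names case-insensitively so the patch is still registered, but it reads as a typo and is missed by grep-based tooling that looks for `Patch`. Change it to `Patch005: python-django-5.0.8-CVE-2025-26699.patch`. If `%prep` applies patches with explicit `%patch` lines rather than `%autosetup`, the new patch also needs an entry there; the `%prep` section is outside this hunk, so confirm it is applied in the build.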