Debian 9820 Published by

A sqlparse security update has been released for Debian GNU/Linux 9 Extended LTS to address an issue with a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service).



ELA-871-1 sqlparse security update

Package : sqlparse
Version : 0.2.2-1+deb9u1 (stretch)

Related CVEs :
CVE-2023-30608

Erik Krogh Kristensen discovered that sqlparse, a non-validating SQL parser,
contained a regular expression that is vulnerable to ReDoS (Regular Expression
Denial of Service).

ELA-871-1 sqlparse security update