Python/django/3.2.10


A high-level Python web framework that encourages rapid development and clean, pragmatic design.

https://pypi.org/project/django
BSD-3-Clause AND BSD

10 Security Vulnerabilities

Infinite Loop in Django

Published date: 2022-02-04T00:00:26Z
CVE: CVE-2022-23833
Links:

An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.

Affected versions: ["4.0", "4.0.1", "3.2", "3.2.1", "3.2.2", "3.2.3", "3.2.4", "3.2.5", "3.2.6", "3.2.7", "3.2.8", "3.2.9", "3.2.10", "3.2.11", "2.2", "2.2.1", "2.2.10", "2.2.11", "2.2.12", "2.2.13", "2.2.14", "2.2.15", "2.2.16", "2.2.17", "2.2.18", "2.2.19", "2.2.2", "2.2.20", "2.2.3", "2.2.4", "2.2.5", "2.2.6", "2.2.7", "2.2.8", "2.2.9", "2.2.21", "2.2.22", "2.2.23", "2.2.24", "2.2.25", "2.2.26"]
Secure versions: [3.0a1, 3.1.12, 3.1.13, 3.1.14, 2.2.27, 2.2.28, 4.2a1, 4.2b1, 4.2rc1, 5.0a1, 5.0b1, 4.1.13, 5.0rc1, 3.2.25, 4.2.11, 5.0.3, 5.0.4, 4.2.12, 5.0.5, 4.2.13, 5.0.6, 5.1a1, 5.1b1, 4.2.14, 5.0.7, 5.1rc1, 4.2.15, 5.0.8, 5.1, 4.2.16, 5.0.9, 5.1.1, 5.1.2, 5.1.3]
Recommendation: Update to version 5.1.3.

Django Denial of service vulnerability in django.utils.encoding.uri_to_iri

Published date: 2023-11-03T06:36:29Z
CVE: CVE-2023-41164
Links:

In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uritoiri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.

Affected versions: ["4.2", "4.2.1", "4.2.2", "4.2.3", "4.2.4", "4.1", "4.1.1", "4.1.2", "4.1.3", "4.1.4", "4.1.5", "4.1.6", "4.1.7", "4.1.8", "4.1.9", "4.1.10", "3.2", "3.2.1", "3.2.2", "3.2.3", "3.2.4", "3.2.5", "3.2.6", "3.2.7", "3.2.8", "3.2.9", "3.2.10", "3.2.11", "3.2.12", "3.2.13", "3.2.14", "3.2.15", "3.2.16", "3.2.17", "3.2.18", "3.2.19", "3.2.20"]
Secure versions: [3.0a1, 3.1.12, 3.1.13, 3.1.14, 2.2.27, 2.2.28, 4.2a1, 4.2b1, 4.2rc1, 5.0a1, 5.0b1, 4.1.13, 5.0rc1, 3.2.25, 4.2.11, 5.0.3, 5.0.4, 4.2.12, 5.0.5, 4.2.13, 5.0.6, 5.1a1, 5.1b1, 4.2.14, 5.0.7, 5.1rc1, 4.2.15, 5.0.8, 5.1, 4.2.16, 5.0.9, 5.1.1, 5.1.2, 5.1.3]
Recommendation: Update to version 5.1.3.

Cross-site Scripting in Django

Published date: 2022-02-04T00:00:33Z
CVE: CVE-2022-22818
Links:

The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS.

Affected versions: ["4.0", "4.0.1", "3.2", "3.2.1", "3.2.2", "3.2.3", "3.2.4", "3.2.5", "3.2.6", "3.2.7", "3.2.8", "3.2.9", "3.2.10", "3.2.11", "2.2", "2.2.1", "2.2.10", "2.2.11", "2.2.12", "2.2.13", "2.2.14", "2.2.15", "2.2.16", "2.2.17", "2.2.18", "2.2.19", "2.2.2", "2.2.20", "2.2.3", "2.2.4", "2.2.5", "2.2.6", "2.2.7", "2.2.8", "2.2.9", "2.2.21", "2.2.22", "2.2.23", "2.2.24", "2.2.25", "2.2.26"]
Secure versions: [3.0a1, 3.1.12, 3.1.13, 3.1.14, 2.2.27, 2.2.28, 4.2a1, 4.2b1, 4.2rc1, 5.0a1, 5.0b1, 4.1.13, 5.0rc1, 3.2.25, 4.2.11, 5.0.3, 5.0.4, 4.2.12, 5.0.5, 4.2.13, 5.0.6, 5.1a1, 5.1b1, 4.2.14, 5.0.7, 5.1rc1, 4.2.15, 5.0.8, 5.1, 4.2.16, 5.0.9, 5.1.1, 5.1.2, 5.1.3]
Recommendation: Update to version 5.1.3.

Django Denial-of-service in django.utils.text.Truncator

Published date: 2023-11-03T06:36:30Z
CVE: CVE-2023-43665
Links:

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatecharshtml and truncatewordshtml template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232.

Affected versions: ["4.2", "4.2.1", "4.2.2", "4.2.3", "4.2.4", "4.2.5", "4.1", "4.1.1", "4.1.2", "4.1.3", "4.1.4", "4.1.5", "4.1.6", "4.1.7", "4.1.8", "4.1.9", "4.1.10", "4.1.11", "3.2", "3.2.1", "3.2.2", "3.2.3", "3.2.4", "3.2.5", "3.2.6", "3.2.7", "3.2.8", "3.2.9", "3.2.10", "3.2.11", "3.2.12", "3.2.13", "3.2.14", "3.2.15", "3.2.16", "3.2.17", "3.2.18", "3.2.19", "3.2.20", "3.2.21"]
Secure versions: [3.0a1, 3.1.12, 3.1.13, 3.1.14, 2.2.27, 2.2.28, 4.2a1, 4.2b1, 4.2rc1, 5.0a1, 5.0b1, 4.1.13, 5.0rc1, 3.2.25, 4.2.11, 5.0.3, 5.0.4, 4.2.12, 5.0.5, 4.2.13, 5.0.6, 5.1a1, 5.1b1, 4.2.14, 5.0.7, 5.1rc1, 4.2.15, 5.0.8, 5.1, 4.2.16, 5.0.9, 5.1.1, 5.1.2, 5.1.3]
Recommendation: Update to version 5.1.3.

Django has regular expression denial of service vulnerability in EmailValidator/URLValidator

Published date: 2023-07-03T15:30:45Z
CVE: CVE-2023-36053
Links:

In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.

Affected versions: ["3.2", "3.2.1", "3.2.2", "3.2.3", "3.2.4", "3.2.5", "3.2.6", "3.2.7", "3.2.8", "3.2.9", "3.2.10", "3.2.11", "3.2.12", "3.2.13", "3.2.14", "3.2.15", "3.2.16", "3.2.17", "3.2.18", "3.2.19", "4.0", "4.0.1", "4.0.2", "4.0.3", "4.0.4", "4.1a1", "4.0.5", "4.1b1", "4.0.6", "4.1rc1", "4.0.7", "4.1", "4.1.1", "4.0.8", "4.1.2", "4.1.3", "4.1.4", "4.1.5", "4.0.9", "4.1.6", "4.0.10", "4.1.7", "4.1.8", "4.1.9", "4.2", "4.2.1", "4.2.2"]
Secure versions: [3.0a1, 3.1.12, 3.1.13, 3.1.14, 2.2.27, 2.2.28, 4.2a1, 4.2b1, 4.2rc1, 5.0a1, 5.0b1, 4.1.13, 5.0rc1, 3.2.25, 4.2.11, 5.0.3, 5.0.4, 4.2.12, 5.0.5, 4.2.13, 5.0.6, 5.1a1, 5.1b1, 4.2.14, 5.0.7, 5.1rc1, 4.2.15, 5.0.8, 5.1, 4.2.16, 5.0.9, 5.1.1, 5.1.2, 5.1.3]
Recommendation: Update to version 5.1.3.

Django `Trunc()` and `Extract()` database functions vulnerable to SQL Injection

Published date: 2022-07-05T00:00:53Z
CVE: CVE-2022-34265
Links:

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.

Affected versions: ["4.0", "4.0.1", "4.0.2", "4.0.3", "4.0.4", "4.0.5", "3.2", "3.2.1", "3.2.2", "3.2.3", "3.2.4", "3.2.5", "3.2.6", "3.2.7", "3.2.8", "3.2.9", "3.2.10", "3.2.11", "3.2.12", "3.2.13"]
Secure versions: [3.0a1, 3.1.12, 3.1.13, 3.1.14, 2.2.27, 2.2.28, 4.2a1, 4.2b1, 4.2rc1, 5.0a1, 5.0b1, 4.1.13, 5.0rc1, 3.2.25, 4.2.11, 5.0.3, 5.0.4, 4.2.12, 5.0.5, 4.2.13, 5.0.6, 5.1a1, 5.1b1, 4.2.14, 5.0.7, 5.1rc1, 4.2.15, 5.0.8, 5.1, 4.2.16, 5.0.9, 5.1.1, 5.1.2, 5.1.3]
Recommendation: Update to version 5.1.3.

Django contains Uncontrolled Resource Consumption via cached header

Published date: 2023-02-01T21:30:23Z
CVE: CVE-2023-23969
Links:

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large.

Affected versions: ["4.0b1", "4.0rc1", "4.1a1", "4.1b1", "4.1rc1", "4.1", "4.1.1", "4.1.2", "4.1.3", "4.1.4", "4.1.5", "4.0a1", "4.0", "4.0.1", "4.0.2", "4.0.3", "4.0.4", "4.0.5", "4.0.6", "4.0.7", "4.0.8", "3.0b1", "3.0rc1", "3.1b1", "3.1rc1", "3.2", "3.2a1", "3.2b1", "3.2rc1", "3.2.1", "3.2.2", "3.2.3", "3.2.4", "3.2.5", "3.2.6", "3.2.7", "3.2.8", "3.2.9", "3.2.10", "3.2.11", "3.2.12", "3.2.13", "3.2.14", "3.2.15", "3.2.16"]
Secure versions: [3.0a1, 3.1.12, 3.1.13, 3.1.14, 2.2.27, 2.2.28, 4.2a1, 4.2b1, 4.2rc1, 5.0a1, 5.0b1, 4.1.13, 5.0rc1, 3.2.25, 4.2.11, 5.0.3, 5.0.4, 4.2.12, 5.0.5, 4.2.13, 5.0.6, 5.1a1, 5.1b1, 4.2.14, 5.0.7, 5.1rc1, 4.2.15, 5.0.8, 5.1, 4.2.16, 5.0.9, 5.1.1, 5.1.2, 5.1.3]
Recommendation: Update to version 5.1.3.

Django potential denial of service vulnerability in UsernameField on Windows

Published date: 2023-11-02T06:30:25Z
CVE: CVE-2023-46695
Links:

An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.forms.UsernameField is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.

Affected versions: ["4.2", "4.2.1", "4.2.2", "4.2.3", "4.2.4", "4.2.5", "4.2.6", "4.1", "4.1.1", "4.1.2", "4.1.3", "4.1.4", "4.1.5", "4.1.6", "4.1.7", "4.1.8", "4.1.9", "4.1.10", "4.1.11", "4.1.12", "3.2", "3.2.1", "3.2.2", "3.2.3", "3.2.4", "3.2.5", "3.2.6", "3.2.7", "3.2.8", "3.2.9", "3.2.10", "3.2.11", "3.2.12", "3.2.13", "3.2.14", "3.2.15", "3.2.16", "3.2.17", "3.2.18", "3.2.19", "3.2.20", "3.2.21", "3.2.22"]
Secure versions: [3.0a1, 3.1.12, 3.1.13, 3.1.14, 2.2.27, 2.2.28, 4.2a1, 4.2b1, 4.2rc1, 5.0a1, 5.0b1, 4.1.13, 5.0rc1, 3.2.25, 4.2.11, 5.0.3, 5.0.4, 4.2.12, 5.0.5, 4.2.13, 5.0.6, 5.1a1, 5.1b1, 4.2.14, 5.0.7, 5.1rc1, 4.2.15, 5.0.8, 5.1, 4.2.16, 5.0.9, 5.1.1, 5.1.2, 5.1.3]
Recommendation: Update to version 5.1.3.

Django denial-of-service vulnerability in internationalized URLs

Published date: 2022-10-16T12:00:23Z
CVE: CVE-2022-41323
Links:

In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression.

Affected versions: ["4.1", "4.1.1", "4.0", "4.0.1", "4.0.2", "4.0.3", "4.0.4", "4.0.5", "4.0.6", "4.0.7", "3.2", "3.2.1", "3.2.2", "3.2.3", "3.2.4", "3.2.5", "3.2.6", "3.2.7", "3.2.8", "3.2.9", "3.2.10", "3.2.11", "3.2.12", "3.2.13", "3.2.14", "3.2.15"]
Secure versions: [3.0a1, 3.1.12, 3.1.13, 3.1.14, 2.2.27, 2.2.28, 4.2a1, 4.2b1, 4.2rc1, 5.0a1, 5.0b1, 4.1.13, 5.0rc1, 3.2.25, 4.2.11, 5.0.3, 5.0.4, 4.2.12, 5.0.5, 4.2.13, 5.0.6, 5.1a1, 5.1b1, 4.2.14, 5.0.7, 5.1rc1, 4.2.15, 5.0.8, 5.1, 4.2.16, 5.0.9, 5.1.1, 5.1.2, 5.1.3]
Recommendation: Update to version 5.1.3.

Regular expression denial-of-service in Django

Published date: 2024-03-15T21:30:43Z
CVE: CVE-2024-27351
Links:

In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665.

Affected versions: ["5.0", "5.0.1", "5.0.2", "4.2", "4.2.1", "4.2.2", "4.2.3", "4.2.4", "4.2.5", "4.2.6", "4.2.7", "4.2.8", "4.2.9", "4.2.10", "3.2", "3.2.1", "3.2.2", "3.2.3", "3.2.4", "3.2.5", "3.2.6", "3.2.7", "3.2.8", "3.2.9", "3.2.10", "3.2.11", "3.2.12", "3.2.13", "3.2.14", "3.2.15", "3.2.16", "3.2.17", "3.2.18", "3.2.19", "3.2.20", "3.2.21", "3.2.22", "3.2.23", "3.2.24"]
Secure versions: [3.0a1, 3.1.12, 3.1.13, 3.1.14, 2.2.27, 2.2.28, 4.2a1, 4.2b1, 4.2rc1, 5.0a1, 5.0b1, 4.1.13, 5.0rc1, 3.2.25, 4.2.11, 5.0.3, 5.0.4, 4.2.12, 5.0.5, 4.2.13, 5.0.6, 5.1a1, 5.1b1, 4.2.14, 5.0.7, 5.1rc1, 4.2.15, 5.0.8, 5.1, 4.2.16, 5.0.9, 5.1.1, 5.1.2, 5.1.3]
Recommendation: Update to version 5.1.3.

373 Other Versions

Version License Security Released
3.0.11 BSD 2 2020-11-02 - 08:12 about 4 years
3.0.10 BSD 2 2020-09-01 - 09:14 about 4 years
3.0.9 BSD 4 2020-08-03 - 07:23 over 4 years
3.0.8 BSD 4 2020-07-01 - 04:49 over 4 years
3.0.7 BSD 4 2020-06-03 - 09:36 over 4 years
3.0.6 BSD 6 2020-05-04 - 05:26 over 4 years
3.0.5 BSD 6 2020-04-01 - 07:59 over 4 years
3.0.4 BSD 6 2020-03-04 - 09:31 over 4 years
3.0.3 BSD 7 2020-02-03 - 09:50 almost 5 years
3.0.2 BSD 7 2020-01-02 - 07:22 almost 5 years
3.0.1 BSD 7 2019-12-18 - 08:59 almost 5 years
3.0 BSD 7 2019-12-02 - 11:13 almost 5 years
2.2.28 BSD 2022-04-11 - 07:52 over 2 years
2.2.27 BSD 2022-02-01 - 07:56 almost 3 years
2.2.26 BSD 2 2022-01-04 - 09:53 almost 3 years
2.2.25 BSD 2 2021-12-07 - 07:34 almost 3 years
2.2.24 BSD 2 2021-06-02 - 08:53 over 3 years
2.2.23 BSD 4 2021-05-13 - 07:36 over 3 years
2.2.22 BSD 4 2021-05-06 - 07:40 over 3 years
2.2.21 BSD 4 2021-05-04 - 08:47 over 3 years
2.2.20 BSD 4 2021-04-06 - 07:34 over 3 years
2.2.19 BSD 4 2021-02-19 - 09:07 over 3 years
2.2.18 BSD 4 2021-02-01 - 09:28 almost 4 years
2.2.17 BSD 5 2020-11-02 - 08:12 about 4 years
2.2.16 BSD 5 2020-09-01 - 09:14 about 4 years
2.2.15 BSD 7 2020-08-03 - 07:23 over 4 years
2.2.14 BSD 7 2020-07-01 - 04:49 over 4 years
2.2.13 BSD 7 2020-06-03 - 09:36 over 4 years
2.2.12 BSD 9 2020-04-01 - 07:59 over 4 years
2.2.11 BSD 9 2020-03-04 - 09:31 over 4 years
2.2.10 BSD 10 2020-02-03 - 09:50 almost 5 years
2.2.9 BSD 10 2019-12-18 - 08:59 almost 5 years
2.2.8 BSD 10 2019-12-02 - 08:57 almost 5 years
2.2.7 BSD 11 2019-11-04 - 08:33 about 5 years
2.2.6 BSD 11 2019-10-01 - 08:36 about 5 years
2.2.5 BSD 11 2019-09-02 - 07:18 about 5 years
2.2.4 BSD 11 2019-08-01 - 09:04 over 5 years
2.2.3 BSD 15 2019-07-01 - 07:19 over 5 years
2.2.2 BSD 16 2019-06-03 - 10:11 over 5 years
2.2.1 BSD 18 2019-05-01 - 06:57 over 5 years
2.2 BSD 18 2019-04-01 - 12:47 over 5 years
2.1.15 BSD 2 2019-12-02 - 08:57 almost 5 years
2.1.14 BSD 3 2019-11-04 - 08:33 about 5 years
2.1.13 BSD 3 2019-10-01 - 08:36 about 5 years
2.1.12 BSD 3 2019-09-02 - 07:18 about 5 years
2.1.11 BSD 3 2019-08-01 - 09:04 over 5 years
2.1.10 BSD 7 2019-07-01 - 07:19 over 5 years
2.1.9 BSD 8 2019-06-03 - 10:11 over 5 years
2.1.8 BSD 10 2019-04-01 - 09:18 over 5 years
2.1.7 BSD 10 2019-02-11 - 15:10 almost 6 years
2.1.5 BSD 11 2019-01-04 - 13:52 almost 6 years
2.1.4 BSD 12 2018-12-03 - 17:02 almost 6 years
2.1.3 BSD 12 2018-11-01 - 14:36 about 6 years
2.1.2 BSD 12 2018-10-01 - 09:22 about 6 years
2.1.1 BSD 13 2018-08-31 - 08:42 about 6 years
2.1 BSD 13 2018-08-01 - 14:11 over 6 years
2.0.13 BSD 3 2019-02-12 - 10:50 almost 6 years
2.0.12 BSD 3 2019-02-11 - 15:10 almost 6 years
2.0.10 BSD 4 2019-01-04 - 14:03 almost 6 years
2.0.9 BSD 5 2018-10-01 - 09:22 about 6 years
2.0.8 BSD 5 2018-08-01 - 13:51 over 6 years
2.0.7 BSD 6 2018-07-02 - 09:02 over 6 years
2.0.6 BSD 6 2018-06-01 - 15:32 over 6 years
2.0.5 BSD 6 2018-05-02 - 01:34 over 6 years
2.0.4 BSD 6 2018-04-03 - 02:39 over 6 years
2.0.3 BSD 6 2018-03-06 - 14:05 over 6 years
2.0.2 BSD 8 2018-02-01 - 14:30 almost 7 years
2.0.1 BSD 8 2018-01-02 - 00:50 almost 7 years
2.0 BSD 8 2017-12-02 - 15:11 almost 7 years
1.11.29 BSD 1 2020-03-04 - 09:31 over 4 years
1.11.28 BSD 2 2020-02-03 - 09:50 almost 5 years
1.11.27 BSD 3 2019-12-18 - 08:59 almost 5 years
1.11.26 BSD 4 2019-11-04 - 08:33 about 5 years
1.11.25 BSD 4 2019-10-01 - 08:36 about 5 years
1.11.24 BSD 4 2019-09-02 - 07:18 about 5 years
1.11.23 BSD 4 2019-08-01 - 09:04 over 5 years
1.11.22 BSD 8 2019-07-01 - 07:19 over 5 years
1.11.21 BSD 9 2019-06-03 - 10:10 over 5 years
1.11.20 BSD 10 2019-02-11 - 15:10 almost 6 years
1.11.18 BSD 11 2019-01-04 - 14:10 almost 6 years
1.11.17 BSD 12 2018-12-03 - 17:02 almost 6 years
1.11.16 BSD 12 2018-10-01 - 09:22 about 6 years
1.11.15 BSD 12 2018-08-01 - 13:45 over 6 years
1.11.14 BSD 12 2018-07-02 - 09:01 over 6 years
1.11.13 BSD 12 2018-05-02 - 01:54 over 6 years
1.11.12 BSD 12 2018-04-03 - 02:45 over 6 years
1.11.11 BSD 12 2018-03-06 - 14:15 over 6 years
1.11.10 BSD 14 2018-02-01 - 14:40 almost 7 years
1.11.9 BSD 15 2018-01-02 - 01:01 almost 7 years
1.11.8 BSD 15 2017-12-02 - 14:20 almost 7 years
1.11.7 BSD 14 2017-11-02 - 01:26 about 7 years
1.11.6 BSD 14 2017-10-05 - 18:21 about 7 years
1.11.5 BSD 14 2017-09-05 - 15:18 about 7 years
1.11.4 BSD 15 2017-08-01 - 12:24 over 7 years
1.11.3 BSD 15 2017-07-01 - 23:24 over 7 years
1.11.2 BSD 15 2017-06-01 - 16:47 over 7 years
1.11.1 BSD 15 2017-05-06 - 13:26 over 7 years
1.11 BSD 15 2017-04-04 - 15:59 over 7 years
1.10.8 BSD 5 2017-09-05 - 15:31 about 7 years
1.10.7 BSD 6 2017-04-04 - 14:27 over 7 years