Django 4.0.x is no longer supported since April 2023.
Upgrade to the latest 4.x LTS release.
Fixes CVEs:
CVE-2024-24680: Potential denial-of-service in intcomma template filter
CVE-2023-43665: Denial-of-service possibility in django.utils.text.Truncator
CVE-2023-41164: Potential denial of service vulnerability in
django.utils.encoding.uri_to_iri()
CVE-2023-36053: Potential regular expression denial of service vulnerability in
EmailValidator/URLValidator
CVE-2023-31047: Potential bypass of validation when uploading multiple files
using one form field
Signed-off-by: Fathi Boudra <fathi.bou...@linaro.org>
---
.../{python3-django_4.0.2.bb => python3-django_4.2.10.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta-python/recipes-devtools/python/{python3-django_4.0.2.bb =>
python3-django_4.2.10.bb} (79%)
diff --git a/meta-python/recipes-devtools/python/python3-django_4.0.2.bb
b/meta-python/recipes-devtools/python/python3-django_4.2.10.bb
similarity index 79%
rename from meta-python/recipes-devtools/python/python3-django_4.0.2.bb
rename to meta-python/recipes-devtools/python/python3-django_4.2.10.bb
index 7f933d1a37..45de692356 100644
--- a/meta-python/recipes-devtools/python/python3-django_4.0.2.bb
+++ b/meta-python/recipes-devtools/python/python3-django_4.2.10.bb
@@ -1,7 +1,7 @@
require python-django.inc
inherit setuptools3
-SRC_URI[sha256sum] =
"110fb58fb12eca59e072ad59fc42d771cd642dd7a2f2416582aa9da7a8ef954a"
+SRC_URI[sha256sum] =
"b1260ed381b10a11753c73444408e19869f3241fc45c985cd55a30177c789d13"
RDEPENDS:${PN} += "\
${PYTHON_PN}-sqlparse \
--
2.43.0
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#108762):
https://lists.openembedded.org/g/openembedded-devel/message/108762
Mute This Topic: https://lists.openembedded.org/mt/104390320/21656
Group Owner: openembedded-devel+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
