guix_mirror_bot pushed a commit to branch next-master
in repository guix.
commit 770ac515917e719b05b978d818565dd556f7b19c
Author: Hugo Buddelmeijer <[email protected]>
AuthorDate: Sat Dec 6 19:19:53 2025 +0100
gnu: python-django: Update to 5.2.9 to fix CVEs.
Fixes CVE-2025-32873, CVE-2025-13372, and CVE-2025-64460.
* gnu/packages/django.scm (python-django): Update to 5.2.9.
[properties]: Hide CVE-2025-32873 and unhide CVE-2023-31047.
Change-Id: I75769bbfd36ccba8456b38154db69989f73b62eb
Signed-off-by: Sharlatan Hellseher <[email protected]>
---
gnu/packages/django.scm | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/gnu/packages/django.scm b/gnu/packages/django.scm
index 90cf5b6726..db642faf9b 100644
--- a/gnu/packages/django.scm
+++ b/gnu/packages/django.scm
@@ -203,13 +203,13 @@ your project into different processes.")
(define-public python-django
(package
(name "python-django")
- (version "5.2.8")
+ (version "5.2.9")
(source
(origin
(method url-fetch)
(uri (pypi-uri "django" version))
(sha256
- (base32 "0zvc8p4brwbj4yy8jxcannjfnik2xh4vis04c3x2r6mvlmk4h993"))))
+ (base32 "15d45imlysz7wcm4azf6a9rjv19jxb953x8sav0fc9wcbvycrd8n"))))
(build-system pyproject-build-system)
(arguments
'(#:test-flags
@@ -295,8 +295,8 @@ any Web site. Django focuses on automating as much as
possible and adhering
to the @dfn{don't repeat yourself} (DRY) principle.")
(license license:bsd-3)
(properties `((cpe-name . "django")
- ;; This CVE seems fixed since 4.2.1.
- (lint-hidden-cve . ("CVE-2023-31047"))))))
+ ;; This CVE seems fixed since 5.2.1.
+ (lint-hidden-cve . ("CVE-2025-32873"))))))
(define-public python-django-4
(package
