| Message ID | 20240216133747.2755857-1-fathi.boudra@linaro.org |
|---|---|
| State | New |
| Headers | show |
| Series | [meta-python,langdale] python3-django: upgrade from 4.1.6 to 4.2.10 | expand |
diff --git a/meta-python/recipes-devtools/python/python3-django_4.1.6.bb b/meta-python/recipes-devtools/python/python3-django_4.2.10.bb similarity index 58% rename from meta-python/recipes-devtools/python/python3-django_4.1.6.bb rename to meta-python/recipes-devtools/python/python3-django_4.2.10.bb index e54398c456..a25ebc4b11 100644 --- a/meta-python/recipes-devtools/python/python3-django_4.1.6.bb +++ b/meta-python/recipes-devtools/python/python3-django_4.2.10.bb @@ -1,7 +1,7 @@ require python-django.inc inherit setuptools3 -SRC_URI[sha256sum] = "bceb0fe1a386781af0788cae4108622756cd05e7775448deec04a71ddf87685d" +SRC_URI[sha256sum] = "b1260ed381b10a11753c73444408e19869f3241fc45c985cd55a30177c789d13" RDEPENDS:${PN} += "\ ${PYTHON_PN}-sqlparse \
Django 4.1.x is no longer supported since December 2023. Upgrade to the latest 4.x LTS release. Fixes CVEs: CVE-2024-24680: Potential denial-of-service in intcomma template filter CVE-2023-43665: Denial-of-service possibility in django.utils.text.Truncator CVE-2023-41164: Potential denial of service vulnerability in django.utils.encoding.uri_to_iri() CVE-2023-36053: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator CVE-2023-31047: Potential bypass of validation when uploading multiple files using one form field Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> --- .../{python3-django_4.1.6.bb => python3-django_4.2.10.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python/{python3-django_4.1.6.bb => python3-django_4.2.10.bb} (58%)