diff options
| author | Leon Anavi <leon.anavi@konsulko.com> | 2021-06-02 16:36:02 +0300 | 
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2021-06-03 09:13:02 -0700 | 
| commit | 624e3e18982775d2ea88e55e16d179420f0575fc (patch) | |
| tree | f1ff0ed1a74dbb835fa291a3cc6f78097711c974 /meta-python/recipes-devtools/python/python3-grpcio/boring_ssl.patch | |
| parent | f7d0b01539a0035abc7c116e5048ae1743261eb9 (diff) | |
| download | meta-openembedded-624e3e18982775d2ea88e55e16d179420f0575fc.tar.gz | |
python3-django: Upgrade 3.2.3 -> 3.2.4
Upgrade to release 3.2.4:
- CVE-2021-33203: Potential directory traversal via admindocs
- CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks
  since validators accepted leading zeros in IPv4 addresses
- Fixed a bug in Django 3.2 where a final catch-all view in the
  admin didn't respect the server-provided value of SCRIPT_NAME
  when redirecting unauthenticated users to the login page.
- Fixed a bug in Django 3.2 where a system check would crash on an
  abstract model
- Prevented unnecessary initialization of unused caches following
  a regression in Django 3.2
- Fixed a crash in Django 3.2 that could occur when running
  mod_wsgi with the recommended settings while the Windows
  colorama library was installed
- Fixed a bug in Django 3.2 that would trigger the auto-reloader
  for template changes when directory paths were specified with
  strings
- Fixed a regression in Django 3.2 that caused a crash of
  auto-reloader with AttributeError, e.g. inside a Conda
  environment
- Fixed a regression in Django 3.2 that caused a loss of precision
  for operations with DecimalField on MySQL
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python3-grpcio/boring_ssl.patch')
0 files changed, 0 insertions, 0 deletions
