Mirror of git.openembedded.org/meta-openembedded https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=kirkstone-next 2023-08-25T14:45:34+00:00 2023-08-25T14:45:34+00:00 Narpat Mali narpat.mali@windriver.com 2023-07-28T08:13:18+00:00 urn:sha1:ac60beb44f62181ce48134bac61d89b7c0f4476f In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs. Since, there is no ptest available for python3-django so have not tested the patch changes at runtime. References: https://github.com/advisories/GHSA-jh3w-4vvf-mjgr https://github.com/django/django/commit/454f2fb93437f98917283336201b4048293f7582 Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>