linux/meta-openembedded.git/meta-python/recipes-devtools/python/python3-django_5.0.11.bb, branch scarthgap

python3-django: upgrade 5.0.11 -> 5.0.14

2025-12-09T01:31:20+00:00

Drop patch merged in the upstream. Release notes: https://docs.djangoproject.com/en/dev/releases/5.0.12/ https://docs.djangoproject.com/en/dev/releases/5.0.13/ https://docs.djangoproject.com/en/dev/releases/5.0.14/ Signed-off-by: Ankur Tyagi Signed-off-by: Anuj Mittal

python3-django 5.0.11: Fix CVE-2025-26699

2025-11-12T05:58:54+00:00

Upstream Repository: https://github.com/django/django.git Bug Details: https://nvd.nist.gov/vuln/detail/CVE-2025-26699 Type: Security Fix CVE: CVE-2025-26699 Score: 7.5 Patch: https://github.com/django/django/commit/e88f7376fe68 Signed-off-by: Anil Dongare Signed-off-by: Anuj Mittal

python3-django 5.0.11: ignore CVE-2025-27556

2025-11-12T05:58:54+00:00

Upstream Repository: https://github.com/django/django.git Bug Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27556 Type: Security Advisory CVE: CVE-2025-27556 Score: 7.5 Analysis: - CVE-2025-27556 affects Django 5.1 before 5.1.8 and 5.0 before 5.0.14. - The issue occurs due to slow NFKC normalization on Windows, which can cause a denial-of-service (DoS) when handling inputs containing a very large number of Unicode characters. - Affected Django components: django.contrib.auth.views.LoginView django.contrib.auth.views.LogoutView django.views.i18n.set_language - This performance degradation is specific to Windows, caused by the Windows Unicode normalization implementation. Reference: - https://nvd.nist.gov/vuln/detail/CVE-2025-27556 - https://github.com/django/django/commit/2cb311f7b069 Signed-off-by: Anil Dongare Signed-off-by: Anuj Mittal

python3-django: upgrade 5.0.10 -> 5.0.11

2025-03-03T13:05:00+00:00

Fixes CVE-2024-56374 Release Notes: https://docs.djangoproject.com/en/dev/releases/5.0.11/ Signed-off-by: Soumya Sambu Signed-off-by: Armin Kuster