python3-django: fix CVE-2025-57833 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Haixiao Yan <haixiao.yan.cn@windriver.com>	2026-04-10 15:05:06 +0800
committer	Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-15 14:12:18 +0530
commit	838ca228086821cf82b3de83fb78412c6d2784c8 (patch)
tree	29cfa39730376a6ddf4b81849b1bcb8a2e2c64b2 /meta-python/recipes-devtools/python/python3-rlp_4.0.0.bb
parent	6f240eceb0fe8ae357a4e5560bb7fb6dcae0e197 (diff)
download	meta-openembedded-838ca228086821cf82b3de83fb78412c6d2784c8.tar.gz

python3-django: fix CVE-2025-57833

FilteredRelation was subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed QuerySet.annotate() or QuerySet.alias(). Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-57833 Upstream-patch: https://github.com/django/django/commit/31334e6965ad136a5e369993b01721499c5d1a92 Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com> Signed-off-by: Jinfeng Wang <jinfeng.wang.cn@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-rlp_4.0.0.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: