summaryrefslogtreecommitdiffstats
path: root/meta-python/recipes-devtools/python/python3-django_4.2.10.bb
Commit message (Collapse)AuthorAgeFilesLines
* python3-django: upgrade 4.2.10 -> 4.2.11Fathi Boudra2024-03-271-14/+0
| | | | | | | | | | | | CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words() Fixed a regression in Django 4.2.10 where intcomma template filter could return a leading comma for string representation of floats. https://code.djangoproject.com/ticket/35172 Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* meta-python: drop ${PYTHON_PN}Tim Orling2024-02-191-2/+2
| | | | | | | python 2 is long unsupported, so we no longer need this variable. Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-django: upgrade to Django 4.2.10 LTS releaseFathi Boudra2024-02-161-0/+14
Django 4.0.x is no longer supported since April 2023. Upgrade to the latest 4.x LTS release. Fixes CVEs: CVE-2024-24680: Potential denial-of-service in intcomma template filter CVE-2023-43665: Denial-of-service possibility in django.utils.text.Truncator CVE-2023-41164: Potential denial of service vulnerability in django.utils.encoding.uri_to_iri() CVE-2023-36053: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator CVE-2023-31047: Potential bypass of validation when uploading multiple files using one form field Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-12-28 23:54:04 +0000