| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Drop patch merged in the upstream.
Release notes:
https://docs.djangoproject.com/en/dev/releases/5.0.12/
https://docs.djangoproject.com/en/dev/releases/5.0.13/
https://docs.djangoproject.com/en/dev/releases/5.0.14/
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream Repository: https://github.com/django/django.git
Bug Details: https://nvd.nist.gov/vuln/detail/CVE-2025-26699
Type: Security Fix
CVE: CVE-2025-26699
Score: 7.5
Patch: https://github.com/django/django/commit/e88f7376fe68
Signed-off-by: Anil Dongare <adongare@cisco.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream Repository: https://github.com/django/django.git
Bug Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27556
Type: Security Advisory
CVE: CVE-2025-27556
Score: 7.5
Analysis:
- CVE-2025-27556 affects Django 5.1 before 5.1.8 and 5.0 before 5.0.14.
- The issue occurs due to slow NFKC normalization on Windows, which can cause
a denial-of-service (DoS) when handling inputs containing a very large number
of Unicode characters.
- Affected Django components:
django.contrib.auth.views.LoginView
django.contrib.auth.views.LogoutView
django.views.i18n.set_language
- This performance degradation is specific to Windows, caused by the Windows
Unicode normalization implementation.
Reference:
- https://nvd.nist.gov/vuln/detail/CVE-2025-27556
- https://github.com/django/django/commit/2cb311f7b069
Signed-off-by: Anil Dongare <adongare@cisco.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
|
|
|
Fixes CVE-2024-56374
Release Notes:
https://docs.djangoproject.com/en/dev/releases/5.0.11/
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
