projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bcace42) | patch
package/python-django: security bump to version 3.2.4
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Mon, 21 Jun 2021 19:28:00 +0000 (21:28 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Wed, 23 Jun 2021 07:03:38 +0000 (09:03 +0200)
commit7c69da6295627dabcbfd6ec0faf3bc6b8d9410d7
treeb6f633f5fcf59591247cdd431168309880b8cb9btree
parentbcace429426ee91aac56f3dcc33b69e22141d384commit | diff
package/python-django: security bump to version 3.2.4

Django 3.2.4 fixes two security issues and several bugs in 3.2.3.
- CVE-2021-33203: Potential directory traversal via ``admindocs``
- CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks
  since validators accepted leading zeros in IPv4 addresses

https://github.com/django/django/blob/3.2.4/docs/releases/3.2.4.txt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/python-django/python-django.hash diff | blob | history
package/python-django/python-django.mk diff | blob | history