From: Xu Huan <[email protected]> changelog: ================================================================================
Django 2.2.25 fixes a security issue with severity "low" in 2.2.24. CVE-2021-44420: Potential bypass of an upstream access control based on URL paths ================================================================================= HTTP requests for URLs with trailing newlines could bypass an upstream access control based on URL paths. Signed-off-by: Xu Huan <[email protected]> --- .../{python3-django_2.2.24.bb => python3-django_2.2.25.bb} | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) rename meta-python/recipes-devtools/python/{python3-django_2.2.24.bb => python3-django_2.2.25.bb} (60%) diff --git a/meta-python/recipes-devtools/python/python3-django_2.2.24.bb b/meta-python/recipes-devtools/python/python3-django_2.2.25.bb similarity index 60% rename from meta-python/recipes-devtools/python/python3-django_2.2.24.bb rename to meta-python/recipes-devtools/python/python3-django_2.2.25.bb index 982362bdd1..86d21fed06 100644 --- a/meta-python/recipes-devtools/python/python3-django_2.2.24.bb +++ b/meta-python/recipes-devtools/python/python3-django_2.2.25.bb @@ -5,8 +5,7 @@ UPSTREAM_CHECK_REGEX = "/${PYPI_PACKAGE}/(?P<pver>(2\.2\.\d*)+)/" inherit setuptools3 -SRC_URI[md5sum] = "ebf3bbb7716a7b11029e860475b9a122" -SRC_URI[sha256sum] = "3339ff0e03dee13045aef6ae7b523edff75b6d726adf7a7a48f53d5a501f7db7" +SRC_URI[sha256sum] = "b1e65eaf371347d4b13eb7e061b09786c973061de95390c327c85c1e2aa2349c" RDEPENDS:${PN} += "\ ${PYTHON_PN}-sqlparse \ -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#94366): https://lists.openembedded.org/g/openembedded-devel/message/94366 Mute This Topic: https://lists.openembedded.org/mt/87741085/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
