[Buildroot] [PATCH] package/python-django: security bump to version 4.0.8
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Mon Oct 17 21:13:08 UTC 2022
On Mon, 17 Oct 2022 19:29:17 +0200
Peter Korsgaard <peter at korsgaard.com> wrote:
> Fixes the following security issues:
>
> - CVE-2022-36359: Potential reflected file download vulnerability in
> FileResponse (4.0.7)
> https://www.djangoproject.com/weblog/2022/aug/03/security-releases/
>
> - CVE-2022-41323: Potential denial-of-service vulnerability in
> internationalized URLs (4.0.8)
> https://www.djangoproject.com/weblog/2022/oct/04/security-releases/
>
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
> ---
> package/python-django/python-django.hash | 4 ++--
> package/python-django/python-django.mk | 4 ++--
> 2 files changed, 4 insertions(+), 4 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list