Haixiao Yan 0d50915759 python3-django: fix CVE-2025-64459 ... The methods QuerySet.filter(), QuerySet.exclude(), and QuerySet.get(), and the class Q() were subject to SQL injection when using a suitably crafted dictionary, with dictionary expansion, as the _connector argument. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-64459 https://shivasurya.me/security/django/2025/11/07/django-sql-injection-CVE-2025-64459.html Upstream-patch: 98e642c691 Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>		2025-12-18 09:10:52 +01:00
..
CVE-2023-23969.patch
CVE-2023-31047.patch
CVE-2023-36053.patch
CVE-2023-41164.patch
CVE-2023-43665.patch
CVE-2023-46695.patch
CVE-2024-24680.patch
CVE-2024-27351.patch	python3-django: fix CVE-2024-27351	2025-11-30 15:16:29 +01:00
CVE-2024-38875.patch
CVE-2024-39329.patch	python3-django: fix CVE-2024-39329	2025-11-30 15:16:34 +01:00
CVE-2024-39330.patch	python3-django: fix CVE-2024-39330	2025-11-30 15:16:36 +01:00
CVE-2024-39614.patch
CVE-2024-41989-0001.patch
CVE-2024-41989-0002.patch
CVE-2024-41989-0003.patch
CVE-2024-41989-0004.patch
CVE-2024-41990.patch
CVE-2024-41991.patch	python3-django: Fix CVE-2024-41991	2025-01-22 19:22:59 -05:00
CVE-2024-42005.patch
CVE-2024-45230.patch	python3-django: Fix CVE-2024-45230	2025-01-22 19:23:02 -05:00
CVE-2024-45231.patch	python3-django: Fix CVE-2024-45231	2025-01-22 19:23:05 -05:00
CVE-2024-53907.patch	python3-django: Fix CVE-2024-53907	2025-01-22 19:23:09 -05:00
CVE-2024-56374.patch	python3-django: fix CVE-2024-56374	2025-11-30 15:16:31 +01:00
CVE-2025-26699.patch	python3-django: fix CVE-2025-26699	2025-11-30 15:16:30 +01:00
CVE-2025-32873.patch	python3-django: fix CVE-2025-32873	2025-12-05 15:29:59 +01:00
CVE-2025-57833.patch	python3-django: fix CVE-2025-57833	2025-11-30 15:16:32 +01:00
CVE-2025-64459.patch	python3-django: fix CVE-2025-64459	2025-12-18 09:10:52 +01:00