MIRRORS/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-01-27 12:01:38 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
ab9a31fabc
meta-openembedded/meta-python/recipes-devtools/python/python3-django
History
Narpat Mali ab9a31fabc python3-django: fix CVE-2023-41164 
In Django 3.2 before 3.2.21, 4 before 4.1.11, and 4.2 before 4.2.5,
``django.utils.encoding.uri_to_iri()`` was subject to potential denial
of service attack via certain inputs with a very large number of Unicode
characters.

Since, there is no ptest available for python3-django so have not
tested the patch changes at runtime.

References:
https://security-tracker.debian.org/tracker/CVE-2023-41164
https://www.djangoproject.com/weblog/2023/sep/04/security-releases/

Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-09-27 10:23:14 -04:00
..
CVE-2023-31047.patch python3-django: fix for CVE-2023-31047 2023-06-17 13:49:44 -04:00
CVE-2023-36053.patch python3-django: fix CVE-2023-36053 2023-08-25 10:45:34 -04:00
CVE-2023-41164.patch python3-django: fix CVE-2023-41164 2023-09-27 10:23:14 -04:00