* [Buildroot] [git commit] package/python-django: security bump to version 3.2.11
@ 2022-01-15 14:22 Yann E. MORIN
0 siblings, 0 replies; only message in thread
From: Yann E. MORIN @ 2022-01-15 14:22 UTC (permalink / raw)
To: buildroot
commit: https://git.buildroot.net/buildroot/commit/?id=a17d4aba54e62359cba638809fde5752dd40cf59
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
Fixes:
- CVE-2021-45115: Denial-of-service possibility in
UserAttributeSimilarityValidator
- CVE-2021-45116: Potential information disclosure in dictsort template
filter
- CVE-2021-45452: Potential directory-traversal via Storage.save()
https://www.djangoproject.com/weblog/2022/jan/04/security-releases
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
---
package/python-django/python-django.hash | 4 ++--
package/python-django/python-django.mk | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/python-django/python-django.hash b/package/python-django/python-django.hash
index 3eea17e70f..89bc5ffb19 100644
--- a/package/python-django/python-django.hash
+++ b/package/python-django/python-django.hash
@@ -1,5 +1,5 @@
# md5, sha256 from https://pypi.org/pypi/django/json
-md5 eaf0c3b4ac6b22cae9068360e6fd2d1b Django-3.2.10.tar.gz
-sha256 074e8818b4b40acdc2369e67dcd6555d558329785408dcd25340ee98f1f1d5c4 Django-3.2.10.tar.gz
+md5 6c4a53d2ccb464bc3dd772c6f2f07df9 Django-3.2.11.tar.gz
+sha256 69c94abe5d6b1b088bf475e09b7b74403f943e34da107e798465d2045da27e75 Django-3.2.11.tar.gz
# Locally computed sha256 checksums
sha256 b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669 LICENSE
diff --git a/package/python-django/python-django.mk b/package/python-django/python-django.mk
index 4f80208f0e..25a645823b 100644
--- a/package/python-django/python-django.mk
+++ b/package/python-django/python-django.mk
@@ -4,10 +4,10 @@
#
################################################################################
-PYTHON_DJANGO_VERSION = 3.2.10
+PYTHON_DJANGO_VERSION = 3.2.11
PYTHON_DJANGO_SOURCE = Django-$(PYTHON_DJANGO_VERSION).tar.gz
# The official Django site has an unpractical URL
-PYTHON_DJANGO_SITE = https://files.pythonhosted.org/packages/a5/8e/c6dfc718d572e4b33b56824b9e71e5ab9be8072e6747fc6184d206c3fdb3
+PYTHON_DJANGO_SITE = https://files.pythonhosted.org/packages/20/86/e4348aac45bc83fc8e9dda2cfd81004b007c65b68c1499a4233acabdaa3b
PYTHON_DJANGO_LICENSE = BSD-3-Clause
PYTHON_DJANGO_LICENSE_FILES = LICENSE
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2022-01-15 14:22 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-15 14:22 [Buildroot] [git commit] package/python-django: security bump to version 3.2.11 Yann E. MORIN
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.