python3-django: Fix CVE-2024-38875 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Soumya Sambu <soumya.sambu@windriver.com>	2025-01-10 13:17:53 +0000
committer	Armin Kuster <akuster808@gmail.com>	2025-01-22 19:20:02 -0500
commit	580693f8b9e0e27ba984d83e3e4b4b8a749b8480 (patch)
tree	c6a8f7ee7bc81aeb9b6bd2b537b27d6f8c8953d0 /meta-python/recipes-devtools/python/python-numeric/0001-it-tries-to-define-this-function-differently-than-it.patch
parent	ff5e933e58384b180a339fb8808478db1ff4ade7 (diff)
download	meta-openembedded-580693f8b9e0e27ba984d83e3e4b4b8a749b8480.tar.gz

python3-django: Fix CVE-2024-38875

An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets. References: https://nvd.nist.gov/vuln/detail/CVE-2024-38875 https://github.com/advisories/GHSA-qg2p-9jwr-mmqf Upstream-patch: https://github.com/django/django/commit/79f368764295df109a37192f6182fb6f361d85b5 Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python-numeric/0001-it-tries-to-define-this-function-differently-than-it.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: