python3-django: Fix CVE-2024-45230 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Soumya Sambu <soumya.sambu@windriver.com>	2025-01-10 13:18:00 +0000
committer	Armin Kuster <akuster808@gmail.com>	2025-01-22 19:23:02 -0500
commit	b4feba446d7a8f8232528c4b2ee936e5b98ced3d (patch)
tree	6c0bdb1b0ca864a54fdd5de45ddce37dcdfab2cd /meta-python/recipes-devtools/python/python-numeric/0001-it-tries-to-define-this-function-differently-than-it.patch
parent	aa9e8a5557adbd25b5ebaa090c0843dc6b042f1d (diff)
download	meta-openembedded-b4feba446d7a8f8232528c4b2ee936e5b98ced3d.tar.gz

python3-django: Fix CVE-2024-45230

An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-45230 Upstream-patch: https://github.com/django/django/commit/d147a8ebbdf28c17cafbbe2884f0bc57e2bf82e2 Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python-numeric/0001-it-tries-to-define-this-function-differently-than-it.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: