summaryrefslogtreecommitdiffstats
path: root/meta-python/recipes-devtools/python/python3-sqlparse_0.4.2.bb
diff options
context:
space:
mode:
authorNarpat Mali <narpat.mali@windriver.com>2023-05-26 13:41:37 +0000
committerArmin Kuster <akuster808@gmail.com>2023-06-17 13:49:44 -0400
commite43d06878866f55b1f261fd06e0b443d378e3ce8 (patch)
treec12fd8e05c360677fc3b6216c96f632f2779f41d /meta-python/recipes-devtools/python/python3-sqlparse_0.4.2.bb
parent26b9ab59fcad04975377a403dafe05aa8acf3a0e (diff)
downloadmeta-openembedded-e43d06878866f55b1f261fd06e0b443d378e3ce8.tar.gz
python3-django: fix for CVE-2023-31047
In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's "Uploading multiple files" documentation suggested otherwise. Since, there is no ptest available for python3-django so have not tested the patch changes at runtime. Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python3-sqlparse_0.4.2.bb')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-10-09 15:05:05 +0000