| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | python3-django: upgrade 3.2.4 -> 3.2.5 | Trevor Gamblin | 2021-07-16 | 1 | -13/+0 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | 3.2.5 fixes CVE-2021-35042: Potential SQL injection via unsanitized QuerySet.order_by() input. Additional release notes: - Fixed a regression in Django 3.2 that caused a crash of QuerySet.values_list(…, named=True) after prefetch_related() (#32812). - Fixed a bug in Django 3.2 that caused a migration crash on MySQL 8.0.13+ when altering BinaryField, JSONField, or TextField to non-nullable (#32503). - Fixed a regression in Django 3.2 that caused a migration crash on MySQL 8.0.13+ when adding nullable BinaryField, JSONField, or TextField with a default value (#32832). - Fixed a bug in Django 3.2 where a system check would crash on a model with an invalid app_label (#32863). There is no corresponding uprev for the 2.x LTS branch since it is already at the latest version (2.2.24). Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> | ||||
| * | python3-django: Upgrade 3.2.3 -> 3.2.4 | Leon Anavi | 2021-06-03 | 1 | -0/+13 |
| Upgrade to release 3.2.4: - CVE-2021-33203: Potential directory traversal via admindocs - CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks since validators accepted leading zeros in IPv4 addresses - Fixed a bug in Django 3.2 where a final catch-all view in the admin didn't respect the server-provided value of SCRIPT_NAME when redirecting unauthenticated users to the login page. - Fixed a bug in Django 3.2 where a system check would crash on an abstract model - Prevented unnecessary initialization of unused caches following a regression in Django 3.2 - Fixed a crash in Django 3.2 that could occur when running mod_wsgi with the recommended settings while the Windows colorama library was installed - Fixed a bug in Django 3.2 that would trigger the auto-reloader for template changes when directory paths were specified with strings - Fixed a regression in Django 3.2 that caused a crash of auto-reloader with AttributeError, e.g. inside a Conda environment - Fixed a regression in Django 3.2 that caused a loss of precision for operations with DecimalField on MySQL Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> | |||||
 |
index : linux/meta-openembedded.git | |
| Mirror of git.openembedded.org/meta-openembedded | N/A |
| summaryrefslogtreecommitdiffstats |