diff mbox series

[meta-python] python3-django: upgrade 2.2.24 -> 2.2.25

Message ID 1639561707-12180-1-git-send-email-xuhuan.fnst@fujitsu.com
State New
Headers show
Series [meta-python] python3-django: upgrade 2.2.24 -> 2.2.25 | expand

Commit Message

XU Huan Dec. 15, 2021, 9:48 a.m. UTC 
From: Xu Huan <xuhuan.fnst@fujitsu.com>

changelog:
================================================================================

Django 2.2.25 fixes a security issue with severity "low" in 2.2.24.

CVE-2021-44420: Potential bypass of an upstream access control based on URL paths
=================================================================================

HTTP requests for URLs with trailing newlines could bypass an upstream access
control based on URL paths.

Signed-off-by: Xu Huan <xuhuan.fnst@fujitsu.com>
---
 .../{python3-django_2.2.24.bb => python3-django_2.2.25.bb}     | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
 rename meta-python/recipes-devtools/python/{python3-django_2.2.24.bb => python3-django_2.2.25.bb} (60%)
diff mbox series

Patch

diff --git a/meta-python/recipes-devtools/python/python3-django_2.2.24.bb b/meta-python/recipes-devtools/python/python3-django_2.2.25.bb
similarity index 60%
rename from meta-python/recipes-devtools/python/python3-django_2.2.24.bb
rename to meta-python/recipes-devtools/python/python3-django_2.2.25.bb
index 982362bdd1..86d21fed06 100644
--- a/meta-python/recipes-devtools/python/python3-django_2.2.24.bb
+++ b/meta-python/recipes-devtools/python/python3-django_2.2.25.bb
@@ -5,8 +5,7 @@  UPSTREAM_CHECK_REGEX = "/${PYPI_PACKAGE}/(?P<pver>(2\.2\.\d*)+)/"
 
 inherit setuptools3
 
-SRC_URI[md5sum] = "ebf3bbb7716a7b11029e860475b9a122"
-SRC_URI[sha256sum] = "3339ff0e03dee13045aef6ae7b523edff75b6d726adf7a7a48f53d5a501f7db7"
+SRC_URI[sha256sum] = "b1e65eaf371347d4b13eb7e061b09786c973061de95390c327c85c1e2aa2349c"
 
 RDEPENDS:${PN} += "\
     ${PYTHON_PN}-sqlparse \