openRuyi-tutorials/buildroot
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/python-django: security bump to version 5.1.8

Browse Source 
Fixes the following security issues:

- CVE-2025-26699: Potential denial-of-service vulnerability in
    django.utils.text.wrap()

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-26699
  - 8dbb44d342

- CVE-2025-27556: Potential denial-of-service vulnerability in
    LoginView, LogoutView, and set_language() on Windows

This CVE isn't related to buildroot has it is only applicable on
Windows but this package version bump fix it.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-27556
  - edc2716d01

For more details on the version bump, see the release notes:
  - https://docs.djangoproject.com/en/5.1/releases/5.1.8/
  - https://docs.djangoproject.com/en/5.1/releases/5.1.7/
  - https://docs.djangoproject.com/en/5.1/releases/5.1.6/

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
This commit is contained in:
Thomas Perale
2025-04-10 22:11:54 +02:00
committed by Julien Olivain
parent e863acaa1a
commit f2b14baf25
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
package/python-django/python-django.hash
View File

@@ -1,5 +1,5 @@
# md5, sha256 from https://pypi.org/pypi/django/json
md5 272e951dbc4ccb7854c5a69aa5650749 Django-5.1.5.tar.gz
sha256 19bbca786df50b9eca23cee79d495facf55c8f5c54c529d9bf1fe7b5ea086af3 Django-5.1.5.tar.gz
md5 80247a8b48cdac55e5ad3fb682ab71a3 Django-5.1.8.tar.gz
sha256 42e92a1dd2810072bcc40a39a212b693f94406d0ba0749e68eb642f31dc770b4 Django-5.1.8.tar.gz
# Locally computed sha256 checksums
sha256 b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669 LICENSE

4
package/python-django/python-django.mk
View File

@@ -4,10 +4,10 @@
#
################################################################################
PYTHON_DJANGO_VERSION = 5.1.5
PYTHON_DJANGO_VERSION = 5.1.8
PYTHON_DJANGO_SOURCE = Django-$(PYTHON_DJANGO_VERSION).tar.gz
# The official Django site has an unpractical URL
PYTHON_DJANGO_SITE = https://files.pythonhosted.org/packages/e4/17/834e3e08d590dcc27d4cc3c5cd4e2fb757b7a92bab9de8ee402455732952
PYTHON_DJANGO_SITE = https://files.pythonhosted.org/packages/00/40/45adc1b93435d1b418654a734b68351bb6ce0a0e5e37b2f0e9aeb1a2e233
PYTHON_DJANGO_LICENSE = BSD-3-Clause
PYTHON_DJANGO_LICENSE_FILES = LICENSE
PYTHON_DJANGO_CPE_ID_VENDOR = djangoproject