seedsigner/buildroot
seedsigner/buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
48230a4b79
buildroot/package/python-django/python-django.hash
James Hilliard 48230a4b79 package/python-django: security bump to version 5.1.5 
Fixes the following vulnerability:

CVE-2024-56374: Potential denial-of-service vulnerability in IPv6 validation

Lack of upper bound limit enforcement in strings passed when performing IPv6
validation could lead to a potential denial-of-service attack.  The
undocumented and private functions clean_ipv6_address and
is_valid_ipv6_address were vulnerable, as was the
django.forms.GenericIPAddressField form field, which has now been updated to
define a max_length of 39 characters.

The django.db.models.GenericIPAddressField model field was not affected.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit c87726dd336b7f9a1cebd26a327e47aa25d8b4d2)
[Peter: Mark as security bump, add CVE info]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-01-31 18:41:40 +01:00

6 lines
324 B
Plaintext
Raw Blame History

# md5, sha256 from https://pypi.org/pypi/django/json
md5 272e951dbc4ccb7854c5a69aa5650749 Django-5.1.5.tar.gz
sha256 19bbca786df50b9eca23cee79d495facf55c8f5c54c529d9bf1fe7b5ea086af3 Django-5.1.5.tar.gz
# Locally computed sha256 checksums
sha256 b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669 LICENSE
Reference in New Issue View Git Blame Copy Permalink