package/python-django: security bump to v5.1.10

This fixes the following CVE:

- CVE-2025-48432: An issue was discovered in Django 5.2 before 5.2.2,
                  5.1 before 5.1.10, and 4.2 before 4.2.22.
                  Internal HTTP response logging does not escape request.path,
                  which allows remote attackers to potentially manipulate log
                  output via crafted URLs.
                  This may lead to log injection or forgery when logs are
                  viewed in terminals or processed by external systems.

See https://www.cve.org/CVERecord?id=CVE-2025-48432

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Titouan Christophe 1 month ago
parent
commit
243add1034

+ 2 - 2
package/python-django/python-django.hash

@@ -1,6 +1,6 @@
 # md5, sha256 from https://pypi.org/pypi/django/json
 # md5, sha256 from https://pypi.org/pypi/django/json
-md5  da93c81fcaf2e0b4dab3cf44e7564c7c  django-5.1.9.tar.gz
-sha256  565881bdd0eb67da36442e9ac788bda90275386b549070d70aee86327781a4fc  django-5.1.9.tar.gz
+md5  d3b7a04b581dec5d74769df44e0ddbd1  django-5.1.10.tar.gz
+sha256  73e5d191421d177803dbd5495d94bc7d06d156df9561f4eea9e11b4994c07137  django-5.1.10.tar.gz
 # Locally computed sha256 checksums
 # Locally computed sha256 checksums
 sha256  b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669  LICENSE
 sha256  b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669  LICENSE
 sha256  dcac1c86cb7ab491702bdb4c41be680fafde51536748cc8aaee3840eec53ed17  django/contrib/gis/measure.py
 sha256  dcac1c86cb7ab491702bdb4c41be680fafde51536748cc8aaee3840eec53ed17  django/contrib/gis/measure.py
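
Review bot: Both digests on the added md5 and sha256 lines are taken from the PyPI JSON, per the header comment, which is the same origin that serves the tarball, so they show the download matches what PyPI lists but not that PyPI's copy is what upstream released. For a security bump, please say in the commit message whether the sha256 was also compared against an independent source such as upstream's own release checksums. The LICENSE and django/contrib/gis/measure.py hashes are unchanged context here; confirm they were recomputed against the 5.1.10 tarball rather than carried over from 5.1.9.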

+ 2 - 2
package/python-django/python-django.mk

@@ -4,10 +4,10 @@
 #
 #
 ################################################################################
 ################################################################################
 
 
-PYTHON_DJANGO_VERSION = 5.1.9
+PYTHON_DJANGO_VERSION = 5.1.10
 PYTHON_DJANGO_SOURCE = django-$(PYTHON_DJANGO_VERSION).tar.gz
 PYTHON_DJANGO_SOURCE = django-$(PYTHON_DJANGO_VERSION).tar.gz
 # The official Django site has an unpractical URL
 # The official Django site has an unpractical URL
-PYTHON_DJANGO_SITE = https://files.pythonhosted.org/packages/10/08/2e6f05494b3fc0a3c53736846034f882b82ee6351791a7815bbb45715d79
+PYTHON_DJANGO_SITE = https://files.pythonhosted.org/packages/73/ca/1c724be89e603eb8b5587ea24c63a8c30094c8ff4d990780b5033ee15c40
 PYTHON_DJANGO_LICENSE = BSD-3-Clause, MIT (jquery, utils/archive.py), BSD-2-Clause (inlines.js)
 PYTHON_DJANGO_LICENSE = BSD-3-Clause, MIT (jquery, utils/archive.py), BSD-2-Clause (inlines.js)
 PYTHON_DJANGO_LICENSE_FILES = LICENSE \
 PYTHON_DJANGO_LICENSE_FILES = LICENSE \
 	django/contrib/gis/measure.py \
 	django/contrib/gis/measure.py \
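
Review bot: The new PYTHON_DJANGO_SITE value is an opaque hash-addressed path that has to be edited by hand, and nothing in this hunk ties it to 5.1.10, so a path that does not match PYTHON_DJANGO_VERSION would only surface as a download or hash failure at build time. Please confirm that a fetch of django-5.1.10.tar.gz from this path, starting from an empty download directory, passes the check against python-django.hash. The existing comment above the variable could also note where the path is taken from, so the next bump can be reproduced without guessing.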