Projetos/rpi-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/python-django: security bump to 5.2.9

Browse Source 
Fixes:
* CVE-2025-13372: Potential SQL injection in FilteredRelation column aliases on PostgreSQL
* CVE-2025-64460: Potential denial-of-service vulnerability in XML Deserializer

Full release notes: https://docs.djangoproject.com/en/6.0/releases/5.2.9/

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 2622f9ca25cdc179ed1be3d733fb9b963a7fc5b8)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
This commit is contained in:
Marcus Hoffmann
2025-12-22 15:54:26 +01:00
committed by Thomas Perale
parent 70072dc0e2
commit 60d6b2a58c
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
package/python-django/python-django.hash
View File

@@ -1,6 +1,6 @@
# md5, sha256 from https://pypi.org/pypi/django/json
md5 0268c52cb99bb764490fdd90502def32 django-5.2.8.tar.gz
sha256 23254866a5bb9a2cfa6004e8b809ec6246eba4b58a7589bc2772f1bcc8456c7f django-5.2.8.tar.gz
md5 e7d89ddfdca79542039dbab31e4bede8 django-5.2.9.tar.gz
sha256 16b5ccfc5e8c27e6c0561af551d2ea32852d7352c67d452ae3e76b4f6b2ca495 django-5.2.9.tar.gz
# Locally computed sha256 checksums
sha256 b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669 LICENSE
sha256 dcac1c86cb7ab491702bdb4c41be680fafde51536748cc8aaee3840eec53ed17 django/contrib/gis/measure.py

4
package/python-django/python-django.mk
View File

@@ -4,10 +4,10 @@
#
################################################################################
PYTHON_DJANGO_VERSION = 5.2.8
PYTHON_DJANGO_VERSION = 5.2.9
PYTHON_DJANGO_SOURCE = django-$(PYTHON_DJANGO_VERSION).tar.gz
# The official Django site has an unpractical URL
PYTHON_DJANGO_SITE = https://files.pythonhosted.org/packages/05/a2/933dbbb3dd9990494960f6e64aca2af4c0745b63b7113f59a822df92329e
PYTHON_DJANGO_SITE = https://files.pythonhosted.org/packages/eb/1c/188ce85ee380f714b704283013434976df8d3a2df8e735221a02605b6794
PYTHON_DJANGO_LICENSE = BSD-3-Clause, MIT (jquery, utils/archive.py), BSD-2-Clause (inlines.js)
PYTHON_DJANGO_LICENSE_FILES = LICENSE \
django/contrib/gis/measure.py \