mirror of
https://github.com/godotengine/buildroot.git
synced 2025-12-31 09:48:56 +03:00
28355e20fe
Fixes the following security issues: CVE-2021-3281: Potential directory-traversal via archive.extract() The django.utils.archive.extract() function, used by startapp --template and startproject --template, allowed directory-traversal via an archive with absolute paths or relative paths with dot segments. For details, see the advisory: https://www.djangoproject.com/weblog/2021/feb/01/security-releases/ Additionally, 3.0.11 fixed a regression: https://docs.djangoproject.com/en/3.1/releases/3.0.11/ Update indentation in hash file (two spaces). Signed-off-by: Peter Korsgaard <peter@korsgaard.com>