mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-08 02:09:48 +03:00
3e4f6e1b20
Fix CVE-2022-34265: An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected. https://www.djangoproject.com/weblog/2022/jul/04/security-releases Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>