godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-01 13:49:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
2019.11.3
buildroot/package/python-django/python-django.hash
Peter Korsgaard 9f0455c911 package/python-django: security bump to version 2.2.11 
Fixes the following security issues (2.2.10):

- CVE-2020-7471: Potential SQL injection via StringAgg(delimiter)
  django.contrib.postgres.aggregates.StringAgg aggregation function was
  subject to SQL injection, using a suitably crafted delimiter.

For more details, see the advisory:
https://www.djangoproject.com/weblog/2020/feb/03/security-releases/

Fixes the following security issues (2.2.11):

- CVE-2020-9402: Potential SQL injection via tolerance parameter in GIS
  functions and aggregates on Oracle.
  GIS functions and aggregates on Oracle were subject to SQL injection,
  using a suitably crafted tolerance.

For more details, see the advisory:
https://www.djangoproject.com/weblog/2020/mar/04/security-releases/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-03-07 21:52:12 +01:00

6 lines
323 B
Plaintext
Raw Permalink Blame History

# md5, sha256 from https://pypi.org/pypi/django/json
md5 3d8cc4ec1329c742d848c418932e488a Django-2.2.11.tar.gz
sha256 65e2387e6bde531d3bb803244a2b74e0253550a9612c64a60c8c5be267b30f50 Django-2.2.11.tar.gz
# Locally computed sha256 checksums
sha256 b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669 LICENSE
Reference in New Issue View Git Blame Copy Permalink