buildroot/package/python-django/python-django.hash at 3f8ace002831a01ed6aec59b704bd92c8a3b957f - deepcrayon/buildroot - SpaceCruft!

deepcrayon/buildroot

Peter Korsgaard 44e53c6b48 package/python-django: security bump to version 3.0.3

Fixes the following security issues:

- CVE-2020-7471: Potential SQL injection via StringAgg(delimiter)
  django.contrib.postgres.aggregates.StringAgg aggregation function was
  subject to SQL injection, using a suitably crafted delimiter.

For more details, see the advisory:
https://www.djangoproject.com/weblog/2020/feb/03/security-releases/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

2020-02-03 12:31:22 +01:00

6 lines

321 B

Plaintext

Raw Blame History

 # md5, sha256 from https://pypi.org/pypi/django/json
 md5	37ec335a56234c0ad56c383b810afc7f  Django-3.0.3.tar.gz
 sha256	2f1ba1db8648484dd5c238fb62504777b7ad090c81c5f1fd8d5eb5ec21b5f283  Django-3.0.3.tar.gz
 # Locally computed sha256 checksums
 sha256	b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669  LICENSE