meta-openembedded

mirrors/meta-openembedded

Fork 0

mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 17:59:59 +00:00

Commit Graph

Author	SHA1	Message	Date
Soumya Sambu	46701493ac	python3-django: Fix CVE-2024-41989 An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-41989 Upstream-patches: https://github.com/django/django/commit/08c5a787262c1ae57f6517d4574b54a5fcaad124 https://github.com/django/django/commit/4b066bde692078b194709d517b27e55defae787c https://github.com/django/django/commit/dcd974698301a38081c141ccba6dcafa5ed2c80e https://github.com/django/django/commit/fc76660f589ac07e45e9cd34ccb8087aeb11904b Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2025-01-22 19:20:15 -05:00

Author

SHA1

Message

Date

Soumya Sambu

46701493ac

python3-django: Fix CVE-2024-41989

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The
floatformat template filter is subject to significant memory consumption when
given a string representation of a number in scientific notation with a large
exponent.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-41989

Upstream-patches:
https://github.com/django/django/commit/08c5a787262c1ae57f6517d4574b54a5fcaad124
https://github.com/django/django/commit/4b066bde692078b194709d517b27e55defae787c
https://github.com/django/django/commit/dcd974698301a38081c141ccba6dcafa5ed2c80e
https://github.com/django/django/commit/fc76660f589ac07e45e9cd34ccb8087aeb11904b

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

2025-01-22 19:20:15 -05:00

1 Commits