meta-openembedded

mirrors/meta-openembedded

Fork 0

mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-18 07:10:32 +00:00

Commit Graph

Author	SHA1	Message	Date
Haixiao Yan	838ca22808	python3-django: fix CVE-2025-57833 FilteredRelation was subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed QuerySet.annotate() or QuerySet.alias(). Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-57833 Upstream-patch: https://github.com/django/django/commit/31334e6965ad136a5e369993b01721499c5d1a92 Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com> Signed-off-by: Jinfeng Wang <jinfeng.wang.cn@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-04-15 14:12:18 +05:30

Author

SHA1

Message

Date

Haixiao Yan

838ca22808

python3-django: fix CVE-2025-57833

FilteredRelation was subject to SQL injection in column aliases, using a
suitably crafted dictionary, with dictionary expansion, as the **kwargs
passed QuerySet.annotate() or QuerySet.alias().

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-57833

Upstream-patch:
https://github.com/django/django/commit/31334e6965ad136a5e369993b01721499c5d1a92

Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
Signed-off-by: Jinfeng Wang <jinfeng.wang.cn@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>

2026-04-15 14:12:18 +05:30

1 Commits