mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-01-12 15:31:45 +00:00
ab9a31fabc
In Django 3.2 before 3.2.21, 4 before 4.1.11, and 4.2 before 4.2.5, ``django.utils.encoding.uri_to_iri()`` was subject to potential denial of service attack via certain inputs with a very large number of Unicode characters. Since, there is no ptest available for python3-django so have not tested the patch changes at runtime. References: https://security-tracker.debian.org/tracker/CVE-2023-41164 https://www.djangoproject.com/weblog/2023/sep/04/security-releases/ Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>