kumquat-buildroot/package/python-django
Peter Korsgaard 653f86c0e9 package/python-django: security bump to version 2.1.7
Fixes the following security issues:

CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format()

If django.utils.numberformat.format() – used by contrib.admin as well as the
the floatformat, filesizeformat, and intcomma templates filters – received a
Decimal with a large number of digits or a large exponent, it could lead to
significant memory usage due to a call to '{:f}'.format().

To avoid this, decimals with more than 200 digits are now formatted using
scientific notation.

https://docs.djangoproject.com/en/2.1/releases/2.1.6/

2.1.6 contained a packaging error, fixed by 2.1.7:

https://docs.djangoproject.com/en/2.1/releases/2.1.7/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-15 21:48:38 +01:00
..
Config.in
python-django.hash package/python-django: security bump to version 2.1.7 2019-02-15 21:48:38 +01:00
python-django.mk package/python-django: security bump to version 2.1.7 2019-02-15 21:48:38 +01:00