NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4161f9f1c9
kumquat-buildroot/package/python-django/python-django.hash
Peter Korsgaard 653f86c0e9 package/python-django: security bump to version 2.1.7 
Fixes the following security issues:

CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format()

If django.utils.numberformat.format() – used by contrib.admin as well as the
the floatformat, filesizeformat, and intcomma templates filters – received a
Decimal with a large number of digits or a large exponent, it could lead to
significant memory usage due to a call to '{:f}'.format().

To avoid this, decimals with more than 200 digits are now formatted using
scientific notation.

https://docs.djangoproject.com/en/2.1/releases/2.1.6/

2.1.6 contained a packaging error, fixed by 2.1.7:

https://docs.djangoproject.com/en/2.1/releases/2.1.7/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-15 21:48:38 +01:00

6 lines
321 B
Plaintext
Raw Blame History

# md5, sha256 from https://pypi.org/pypi/django/json
md5 a042e6ba117d2e01950d842cceb5eee0 Django-2.1.7.tar.gz
sha256 939652e9d34d7d53d74d5d8ef82a19e5f8bb2de75618f7e5360691b6e9667963 Django-2.1.7.tar.gz
# Locally computed sha256 checksums
sha256 b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669 LICENSE
Reference in New Issue View Git Blame Copy Permalink