NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ea422f9950
kumquat-buildroot/package/python-django/python-django.hash
Peter Korsgaard 28355e20fe package/python-django: security bump to version 3.0.12 
Fixes the following security issues:

CVE-2021-3281: Potential directory-traversal via archive.extract()

The django.utils.archive.extract() function, used by startapp --template and
startproject --template, allowed directory-traversal via an archive with
absolute paths or relative paths with dot segments.

For details, see the advisory:
https://www.djangoproject.com/weblog/2021/feb/01/security-releases/

Additionally, 3.0.11 fixed a regression:
https://docs.djangoproject.com/en/3.1/releases/3.0.11/

Update indentation in hash file (two spaces).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-02 16:35:01 +01:00

6 lines
326 B
Plaintext
Raw Blame History

# md5, sha256 from https://pypi.org/pypi/django/json
md5 55291777e25bd9e0a286c6f64751246a Django-3.0.12.tar.gz
sha256 fd63e2c7acca5f2e7ad93dfb53d566e040d871404fc0f684a3e720006d221f9a Django-3.0.12.tar.gz
# Locally computed sha256 checksums
sha256 b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669 LICENSE
Reference in New Issue View Git Blame Copy Permalink