aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Asaf Kahlon <asafka7@gmail.com>2019-01-04 16:11:08 +0200
committerGravatar Peter Korsgaard <peter@korsgaard.com>2019-01-04 21:57:01 +0100
commit86d0ecf07615ff47a11ca6aa4d6aba908d6f359a (patch)
treef2f25cb8c4e9c38e4b0156725f9db6f25c66a110
parent45aabcddc5668b926078d43decc5fc5e59d43788 (diff)
downloadbuildroot-86d0ecf07615ff47a11ca6aa4d6aba908d6f359a.tar.gz
buildroot-86d0ecf07615ff47a11ca6aa4d6aba908d6f359a.tar.bz2
package/python-django: security bump to version 2.1.5
Fixes CVE-2019-3498: Content spoofing possibility in the default 404 page For more details, see the announcement: https://www.djangoproject.com/weblog/2019/jan/04/security-releases/ Signed-off-by: Asaf Kahlon <asafka7@gmail.com> [Peter: mention that bump fixes security issues] Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-rw-r--r--package/python-django/python-django.hash4
-rw-r--r--package/python-django/python-django.mk4
2 files changed, 4 insertions, 4 deletions
diff --git a/package/python-django/python-django.hash b/package/python-django/python-django.hash
index b6c85922a5..4b932ac907 100644
--- a/package/python-django/python-django.hash
+++ b/package/python-django/python-django.hash
@@ -1,5 +1,5 @@
# md5, sha256 from https://pypi.org/pypi/django/json
-md5 3afc8bcec941e37221287f1a5323b1f1 Django-2.1.4.tar.gz
-sha256 068d51054083d06ceb32ce02b7203f1854256047a0d58682677dd4f81bceabd7 Django-2.1.4.tar.gz
+md5 9309c48c8b92503b8969a7603a97e2a1 Django-2.1.5.tar.gz
+sha256 d6393918da830530a9516bbbcbf7f1214c3d733738779f06b0f649f49cc698c3 Django-2.1.5.tar.gz
# Locally computed sha256 checksums
sha256 b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669 LICENSE
diff --git a/package/python-django/python-django.mk b/package/python-django/python-django.mk
index 9ce74fbdc5..53e8f20e87 100644
--- a/package/python-django/python-django.mk
+++ b/package/python-django/python-django.mk
@@ -4,10 +4,10 @@
#
################################################################################
-PYTHON_DJANGO_VERSION = 2.1.4
+PYTHON_DJANGO_VERSION = 2.1.5
PYTHON_DJANGO_SOURCE = Django-$(PYTHON_DJANGO_VERSION).tar.gz
# The official Django site has an unpractical URL
-PYTHON_DJANGO_SITE = https://files.pythonhosted.org/packages/83/f7/4939b60c4127d5f49ccb570e34f4c59ecc222949220234a88e4f363f1456
+PYTHON_DJANGO_SITE = https://files.pythonhosted.org/packages/5c/7f/4c750e09b246621e5e90fa08f93dec1b991f5c203b0ff615d62a891c8f41
PYTHON_DJANGO_LICENSE = BSD-3-Clause
PYTHON_DJANGO_LICENSE_FILES = LICENSE
PYTHON_DJANGO_SETUP_TYPE = setuptools