gnu: python-django: Update to 5.2.9 to fix CVEs.

Fixes CVE-2025-32873, CVE-2025-13372, and CVE-2025-64460.

* gnu/packages/django.scm (python-django): Update to 5.2.9.
[properties]: Hide CVE-2025-32873 and unhide CVE-2023-31047.

Change-Id: I75769bbfd36ccba8456b38154db69989f73b62eb
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
Hugo Buddelmeijer 2025-12-06 19:19:53 +01:00 committed by Andreas Enge
parent 14a687789d
commit 70fcd644e9
No known key found for this signature in database
GPG key ID: F7D5C9BF765C61E3


@ -203,13 +203,13 @@ your project into different processes.")
(define-public python-django
(package
(name "python-django")
(version "5.2.8")
(version "5.2.9")
(source
(origin
(method url-fetch)
(uri (pypi-uri "django" version))
(sha256
(base32 "0zvc8p4brwbj4yy8jxcannjfnik2xh4vis04c3x2r6mvlmk4h993"))))
(base32 "15d45imlysz7wcm4azf6a9rjv19jxb953x8sav0fc9wcbvycrd8n"))))
(build-system pyproject-build-system)
(arguments
'(#:test-flags
@ -295,8 +295,8 @@ any Web site. Django focuses on automating as much as possible and adhering
to the @dfn{don't repeat yourself} (DRY) principle.")
(license license:bsd-3)
(properties `((cpe-name . "django")
;; This CVE seems fixed since 4.2.1.
(lint-hidden-cve . ("CVE-2023-31047"))))))
;; This CVE seems fixed since 5.2.1.
(lint-hidden-cve . ("CVE-2025-32873"))))))
(define-public python-django-4
(package
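Review bot: The new `lint-hidden-cve` entry in the `properties` field silences the `guix lint` warning for CVE-2025-32873, but its comment only says the CVE "seems fixed since 5.2.1" and gives nothing a later reader can check. A hidden entry stays silent across future updates, so the comment should record the evidence, for example `;; Fixed upstream in 5.2.1 per the Django release notes; hidden because lint still matches this version.` (wording to be confirmed against the upstream advisory). The `python-django-4` definition begins right after this hunk and its body is not visible here. If it inherits `properties` from `python-django`, it would pick up this hide list and lose the CVE-2023-31047 entry, so its own list is worth checking for the 4.x series.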