[SECURITY] Fedora 40 Update: python-django-4.2.11-2.fc40

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-5c7fb64c74 2024-04-13 03:40:51.150299 -------------------------------------------------------------------------------- Name : python-django Product : Fedora 40 Version : 4.2.11 Release : 2.fc40 URL : https://www.djangoproject.com/ Summary : A high-level Python Web framework Description : Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2024-24680 and CVE-2024-27351 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 9 2024 Michel Lind <salimma(a)fedoraproject.org&gt; - 4.2.11-2 - Update list of bundled Javascript modules - Add virtual Provides and Conflicts to allow swapping Django stacks - Re-enable tests temporarily disabled for Python 3.12 beta * Mon Apr 8 2024 Michel Lind <salimma(a)fedoraproject.org&gt; - 4.2.11-1 - Update to 4.2.11 - Resolves CVE-2024-24680 (rhbz#2263505) - Resolves CVE-2024-27351 (rhbz#2267654) * Tue Mar 12 2024 Miro Hron��ok <miro(a)hroncok.cz&gt; - 4.2.6-5 - No longer own the /usr/share/bash-completion directory -------------------------------------------------------------------------------- References: [ 1 ] Bug #2263505 - CVE-2024-24680 python-django: Django: denial-of-service in ``intcomma`` template filter [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2263505 [ 2 ] Bug #2267654 - CVE-2024-27351 python-django: Potential regular expression denial-of-service in django.utils.text.Truncator.words() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2267654 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-5c7fb64c74' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------