Sunday, December 29, 2019

回复: [Security Update] www/django

ping ...
________________________________
发件人: owner-ports@openbsd.org <owner-ports@openbsd.org> 代表 wen heping <wenheping2000@hotmail.com>
发送时间: 2019年12月24日 7:31
收件人: ports@openbsd.org <ports@openbsd.org>
主题: [Security Update] www/django

Hi, ports@:

Here is a patch for www/py-django to update stable to 2.2.9
and update lts to 1.11.27. This update would fix some security isues:
CVE-2019-14232
CVE-2019-14233
CVE-2019-14234
CVE-2019-14235
CVE-2019-19118
CVE-2019-19844


Would anyone have a look of devel/py-tblib and devel/py-asgiref which I send
patch before? If we import these 2 ports,we can do more regression tests and
import latest version of Django3.

Comments? OK?

Regards,
wen

No comments:

Post a Comment