iiuni / projektzapisy

Course enrollment system for the Institute of Computer Science, University of Wrocław
https://zapisy.ii.uni.wroc.pl

Update dependency Django to v4 [SECURITY] #1723

Open renovate[bot] opened 2 months ago

renovate[bot] commented 2 months ago

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| Django (changelog) | ==3.1.14 -> ==4.2.16 | age | adoption | passing | confidence |

GitHub Vulnerability Alerts

CVE-2022-36359

An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input.

CVE-2024-45231

An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password reset flows, allows remote attackers to enumerate user e-mail addresses by sending password reset requests and observing the outcome (only when e-mail sending is consistently failing).


Release Notes

django/django (Django)

### `v4.2.16` [Compare Source](https://redirect.github.com/django/django/compare/4.2.15...4.2.16)
### `v4.2.15` [Compare Source](https://redirect.github.com/django/django/compare/4.2.14...4.2.15)
### `v4.2.14` [Compare Source](https://redirect.github.com/django/django/compare/4.2.13...4.2.14)
### `v4.2.13` [Compare Source](https://redirect.github.com/django/django/compare/4.2.12...4.2.13)
### `v4.2.12` [Compare Source](https://redirect.github.com/django/django/compare/4.2.11...4.2.12)
### `v4.2.11` [Compare Source](https://redirect.github.com/django/django/compare/4.2.10...4.2.11)
### `v4.2.10` [Compare Source](https://redirect.github.com/django/django/compare/4.2.9...4.2.10)
### `v4.2.9` [Compare Source](https://redirect.github.com/django/django/compare/4.2.8...4.2.9)
### `v4.2.8` [Compare Source](https://redirect.github.com/django/django/compare/4.2.7...4.2.8)
### `v4.2.7` [Compare Source](https://redirect.github.com/django/django/compare/4.2.6...4.2.7)
### `v4.2.6` [Compare Source](https://redirect.github.com/django/django/compare/4.2.5...4.2.6)
### `v4.2.5` [Compare Source](https://redirect.github.com/django/django/compare/4.2.4...4.2.5)
### `v4.2.4` [Compare Source](https://redirect.github.com/django/django/compare/4.2.3...4.2.4)
### `v4.2.3` [Compare Source](https://redirect.github.com/django/django/compare/4.2.2...4.2.3)
### `v4.2.2` [Compare Source](https://redirect.github.com/django/django/compare/4.2.1...4.2.2)
### `v4.2.1` [Compare Source](https://redirect.github.com/django/django/compare/4.2...4.2.1)
### `v4.2` [Compare Source](https://redirect.github.com/django/django/compare/4.1.13...4.2)
### `v4.1.13` [Compare Source](https://redirect.github.com/django/django/compare/4.1.12...4.1.13)
### `v4.1.12` [Compare Source](https://redirect.github.com/django/django/compare/4.1.11...4.1.12)
### `v4.1.11` [Compare Source](https://redirect.github.com/django/django/compare/4.1.10...4.1.11)
### `v4.1.10` [Compare Source](https://redirect.github.com/django/django/compare/4.1.9...4.1.10)
### `v4.1.9` [Compare Source](https://redirect.github.com/django/django/compare/4.1.8...4.1.9)
### `v4.1.8` [Compare Source](https://redirect.github.com/django/django/compare/4.1.7...4.1.8)
### `v4.1.7` [Compare Source](https://redirect.github.com/django/django/compare/4.1.6...4.1.7)
### `v4.1.6` [Compare Source](https://redirect.github.com/django/django/compare/4.1.5...4.1.6)
### `v4.1.5` [Compare Source](https://redirect.github.com/django/django/compare/4.1.4...4.1.5)
### `v4.1.4` [Compare Source](https://redirect.github.com/django/django/compare/4.1.3...4.1.4)
### `v4.1.3` [Compare Source](https://redirect.github.com/django/django/compare/4.1.2...4.1.3)
### `v4.1.2` [Compare Source](https://redirect.github.com/django/django/compare/4.1.1...4.1.2)
### `v4.1.1` [Compare Source](https://redirect.github.com/django/django/compare/4.1...4.1.1)
### `v4.1` [Compare Source](https://redirect.github.com/django/django/compare/4.0.10...4.1)
### `v4.0.10` [Compare Source](https://redirect.github.com/django/django/compare/4.0.9...4.0.10)
### `v4.0.9` [Compare Source](https://redirect.github.com/django/django/compare/4.0.8...4.0.9)
### `v4.0.8` [Compare Source](https://redirect.github.com/django/django/compare/4.0.7...4.0.8)
### `v4.0.7` [Compare Source](https://redirect.github.com/django/django/compare/4.0.6...4.0.7)
### `v4.0.6` [Compare Source](https://redirect.github.com/django/django/compare/4.0.5...4.0.6)
### `v4.0.5` [Compare Source](https://redirect.github.com/django/django/compare/4.0.4...4.0.5)
### `v4.0.4` [Compare Source](https://redirect.github.com/django/django/compare/4.0.3...4.0.4)
### `v4.0.3` [Compare Source](https://redirect.github.com/django/django/compare/4.0.2...4.0.3)
### `v4.0.2` [Compare Source](https://redirect.github.com/django/django/compare/4.0.1...4.0.2)
### `v4.0.1` [Compare Source](https://redirect.github.com/django/django/compare/4.0...4.0.1)
### `v4.0` [Compare Source](https://redirect.github.com/django/django/compare/3.2.25...4.0)
### `v3.2.25` [Compare Source](https://redirect.github.com/django/django/compare/3.2.24...3.2.25)
### `v3.2.24` [Compare Source](https://redirect.github.com/django/django/compare/3.2.23...3.2.24)
### `v3.2.23` [Compare Source](https://redirect.github.com/django/django/compare/3.2.22...3.2.23)
### `v3.2.22` [Compare Source](https://redirect.github.com/django/django/compare/3.2.21...3.2.22)
### `v3.2.21` [Compare Source](https://redirect.github.com/django/django/compare/3.2.20...3.2.21)
### `v3.2.20` [Compare Source](https://redirect.github.com/django/django/compare/3.2.19...3.2.20)
### `v3.2.19` [Compare Source](https://redirect.github.com/django/django/compare/3.2.18...3.2.19)
### `v3.2.18` [Compare Source](https://redirect.github.com/django/django/compare/3.2.17...3.2.18)
### `v3.2.17` [Compare Source](https://redirect.github.com/django/django/compare/3.2.16...3.2.17)
### `v3.2.16` [Compare Source](https://redirect.github.com/django/django/compare/3.2.15...3.2.16)
### `v3.2.15` [Compare Source](https://redirect.github.com/django/django/compare/3.2.14...3.2.15)
### `v3.2.14` [Compare Source](https://redirect.github.com/django/django/compare/3.2.13...3.2.14)
### `v3.2.13` [Compare Source](https://redirect.github.com/django/django/compare/3.2.12...3.2.13)
### `v3.2.12` [Compare Source](https://redirect.github.com/django/django/compare/3.2.11...3.2.12)
### `v3.2.11` [Compare Source](https://redirect.github.com/django/django/compare/3.2.10...3.2.11)
### `v3.2.10` [Compare Source](https://redirect.github.com/django/django/compare/3.2.9...3.2.10)
### `v3.2.9` [Compare Source](https://redirect.github.com/django/django/compare/3.2.8...3.2.9)
### `v3.2.8` [Compare Source](https://redirect.github.com/django/django/compare/3.2.7...3.2.8)
### `v3.2.7` [Compare Source](https://redirect.github.com/django/django/compare/3.2.6...3.2.7)
### `v3.2.6` [Compare Source](https://redirect.github.com/django/django/compare/3.2.5...3.2.6)
### `v3.2.5` [Compare Source](https://redirect.github.com/django/django/compare/3.2.4...3.2.5)
### `v3.2.4` [Compare Source](https://redirect.github.com/django/django/compare/3.2.3...3.2.4)
### `v3.2.3` [Compare Source](https://redirect.github.com/django/django/compare/3.2.2...3.2.3)
### `v3.2.2` [Compare Source](https://redirect.github.com/django/django/compare/3.2.1...3.2.2)
### `v3.2.1` [Compare Source](https://redirect.github.com/django/django/compare/3.2...3.2.1)
### `v3.2` [Compare Source](https://redirect.github.com/django/django/compare/3.1.14...3.2)

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.
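
The Content-Disposition issue described under CVE-2022-36359 above, shown as an added example that is not part of the Renovate comment, Django's code, or this repository: a filename interpolated unescaped lets a double quote close the quoted-string and add parameters, while escaping keeps it a single value. The function names and the sample filename are hypothetical, and Python's standard `email.message` parser stands in for a client.

```python
from email.message import Message
from urllib.parse import quote


def naive_disposition(filename: str) -> str:
    """Risky pattern: user-supplied filename interpolated without escaping."""
    return f'attachment; filename="{filename}"'


def safe_disposition(filename: str) -> str:
    """Build the header so the filename cannot end its own quoted-string."""
    # Drop CR/LF and other control characters so the value stays on one line.
    cleaned = "".join(ch for ch in filename if ch.isprintable())
    try:
        cleaned.encode("ascii")
    except UnicodeEncodeError:
        # Non-ASCII name: RFC 5987 percent-encoding, which also encodes '"' and ';'.
        return "attachment; filename*=utf-8''" + quote(cleaned, safe="")
    # ASCII name: escape the backslash first, then the double quote.
    escaped = cleaned.replace("\\", "\\\\").replace('"', '\\"')
    return f'attachment; filename="{escaped}"'


def header_params(value: str) -> dict:
    """Parse a Content-Disposition value into its parameters (stdlib parser)."""
    msg = Message()
    msg["Content-Disposition"] = value
    return dict(msg.get_params(header="content-disposition"))


# Constructed input: a name containing a double quote and a semicolon.
SAMPLE = 'report.txt"; injected="1'

if __name__ == "__main__":
    print(header_params(naive_disposition(SAMPLE)))  # extra "injected" parameter
    print(header_params(safe_disposition(SAMPLE)))   # filename round-trips intact
```

Any view that passes request data as the `filename` of a file response is the place to review after this upgrade.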