Closed pyup-bot closed 3 years ago
Merging #32 (3ff057e) into master (523ae52) will not change coverage. The diff coverage is n/a.
```
@@           Coverage Diff           @@
##           master      #32   +/-   ##
=======================================
  Coverage   98.61%   98.61%
=======================================
  Files          10       10
  Lines         289      289
=======================================
  Hits          285      285
  Misses          4        4
```

| Flag | Coverage Δ | |
|---|---|---|
| unittests | 98.61% <ø> (ø) | |

Flags with carried forward coverage won't be shown.

Legend: Δ = absolute <relative> (impact), ø = not affected, ? = missing data

Powered by Codecov. Last update 523ae52...3ff057e.

This PR updates Django from 3.2.1 to 3.2.2.
Changelog
### 3.2.2

```
==========================

*May 6, 2021*

Django 3.2.2 fixes a security issue and a bug in 3.2.1.

CVE-2021-32052: Header injection possibility since ``URLValidator`` accepted newlines in input on Python 3.9.5+
===============================================================================================================

On Python 3.9.5+, :class:`~django.core.validators.URLValidator` didn't prohibit
newlines and tabs. If you used values with newlines in HTTP response, you could
suffer from header injection attacks. Django itself wasn't vulnerable because
:class:`~django.http.HttpResponse` prohibits newlines in HTTP headers.

Moreover, the ``URLField`` form field which uses ``URLValidator`` silently
removes newlines and tabs on Python 3.9.5+, so the possibility of newlines
entering your data only existed if you are using this validator outside of the
form fields.

This issue was introduced by the :bpo:`43882` fix.

Bugfixes
========

* Prevented, following a regression in Django 3.2.1, :djadmin:`makemigrations`
  from generating infinite migrations for a model with ``Meta.ordering``
  contained ``OrderBy`` expressions (:ticket:`32714`).

==========================
```

Links

- PyPI: https://pypi.org/project/django
- Changelog: https://pyup.io/changelogs/django/
- Homepage: https://www.djangoproject.com/
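
Added example, not part of this PR or of Django's code: a standard-library sketch of the failure mode the release note describes, where a check that trusts only parsed URL components accepts a value whose raw string still contains a line break, beside a raw-string check that rejects it. The function names and sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Characters the release note names: newlines and tabs (CR counted as a line break).
UNSAFE_CHARS = frozenset("\t\r\n")


def parse_only_check(value):
    """Hypothetical validator that trusts only the parsed components.

    With the bpo-43882 fix, urlsplit() strips tabs and newlines while parsing,
    so the components look clean even though `value` itself is unchanged.
    """
    parts = urlsplit(value)
    return parts.scheme in {"http", "https"} and bool(parts.netloc)


def strict_check(value):
    """Reject tabs and newlines in the raw string before any parsing."""
    if UNSAFE_CHARS.intersection(value):
        return False
    return parse_only_check(value)


def header_lines(name, value):
    """Lines a receiver would see if `value` were written into a header unescaped."""
    return f"{name}: {value}".splitlines()


def audit(values):
    """Return (value, parse_only, strict, header_line_count) per candidate URL."""
    return [
        (v, parse_only_check(v), strict_check(v), len(header_lines("Location", v)))
        for v in values
    ]


# Constructed sample inputs, not taken from the page.
SAMPLES = [
    "https://example.com/next",
    "https://example.com/next\r\nX-Constructed: 1",
    "https://example.com/\tnext",
]

if __name__ == "__main__":
    for value, loose, strict, lines in audit(SAMPLES):
        print(f"{value!r}: parse_only={loose} strict={strict} header_lines={lines}")
```

Running the raw-string check over stored values that were validated outside form fields is one way to find data that entered before the upgrade.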