Closed renovate[bot] closed 1 week ago
This PR contains the following updates:
3.14.0
3.15.2
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags.
📅 Schedule: Branch creation - "" in timezone US/Eastern, Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
3.14.0->3.15.2GitHub Vulnerability Alerts
CVE-2024-21520
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with
tags.
Release Notes
encode/django-rest-framework (djangorestframework)
### [`v3.15.2`](https://togithub.com/encode/django-rest-framework/compare/3.15.1...3.15.2) [Compare Source](https://togithub.com/encode/django-rest-framework/compare/3.15.1...3.15.2) ### [`v3.15.1`](https://togithub.com/encode/django-rest-framework/compare/3.15.0...3.15.1) [Compare Source](https://togithub.com/encode/django-rest-framework/compare/3.15.0...3.15.1) ### [`v3.15.0`](https://togithub.com/encode/django-rest-framework/compare/3.14.0...3.15.0) [Compare Source](https://togithub.com/encode/django-rest-framework/compare/3.14.0...3.15.0)Configuration
📅 Schedule: Branch creation - "" in timezone US/Eastern, Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.