Upgrade Django to fix CVES

CVE-2024-42005 CVE-2024-39329 CVE-2024-38875 CVE-2024-39330 CVE-2024-39614 CVE-2024-27351
ctrliq · Sep 5, 2024 · 2d4f8d6 · 2d4f8d6
1 parent ec7cac9
commit 2d4f8d6
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/requirements/requirements.in b/requirements/requirements.in
@@ -12,7 +12,7 @@ cryptography>=41.0.6  # CVE-2023-49083
 Cython<3 # this is needed as a build dependency, one day we may have separated build deps
 daphne
 distro
-django==4.2.10  # CVE-2024-24680
+django==4.2.15 # CVE-2024-42005
 django-auth-ldap
 django-cors-headers
 django-crum

diff --git a/requirements/requirements.txt b/requirements/requirements.txt
@@ -100,7 +100,7 @@ deprecated==1.2.13
     # via jwcrypto
 distro==1.8.0
     # via -r /awx_devel/requirements/requirements.in
-django==4.2.10
+django==4.2.15
     # via
     #   -r /awx_devel/requirements/requirements.in
     #   channels