chore(deps): update dependency django to v4.2.10 [security] #193

Merged

renovate[bot] merged 1 commit from renovate/pypi-django-vulnerability into main

2024-02-26 05:53:23 +00:00

renovate[bot] commented

2024-02-07 19:14:45 +00:00

(Migrated from github.com)

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
django (source, changelog)	`==4.2.9` -> `==4.2.10`

GitHub Vulnerability Alerts

CVE-2024-24680

An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.

Release Notes

django/django (django)

`v4.2.10`

Compare Source

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [django](https://www.djangoproject.com/) ([source](https://togithub.com/django/django), [changelog](https://togithub.com/django/django/tree/master/docs/releases)) | `==4.2.9` -> `==4.2.10` | [![age](https://developer.mend.io/api/mc/badges/age/pypi/django/4.2.10?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/django/4.2.10?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/django/4.2.9/4.2.10?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/django/4.2.9/4.2.10?slim=true)](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2024-24680](https://nvd.nist.gov/vuln/detail/CVE-2024-24680) An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings. --- ### Release Notes <details> <summary>django/django (django)</summary> ### [`v4.2.10`](https://togithub.com/django/django/compare/4.2.9...4.2.10) [Compare Source](https://togithub.com/django/django/compare/4.2.9...4.2.10) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/mcataford/rotini).

mcataford (Migrated from github.com) approved these changes 2024-02-26 05:50:31 +00:00

This repo is archived. You cannot comment on pull requests.

No reviewers

mcataford