Skip to content

Bump django from 3.1.14 to 3.2.12

HIFIS Bot requested to merge dependabot-pip-django-3.2.12 into master

Bumps django from 3.1.14 to 3.2.12.

Commits
  • fdf209e [3.2.x] Bumped version for 3.2.12 release.
  • d161335 [3.2.x] Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads.
  • 1a1e827 [3.2.x] Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag.
  • a7e89fe [3.2.x] Added stub release notes for 3.2.12 and 2.2.27.
  • 027f4c4 [3.2.x] Added CVE-2021-45115, CVE-2021-45116, and CVE-2021-45452 to security ...
  • 0a9a46a [3.2.x] Post-release version bump.
  • 6e499a2 [3.2.x] Bumped version for 3.2.11 release.
  • 8d2f7cf [3.2.x] Fixed CVE-2021-45452 -- Fixed potential path traversal in storage sub...
  • c7fe895 [3.2.x] Fixed CVE-2021-45116 -- Fixed potential information disclosure in dic...
  • a8b32fe [3.2.x] Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilari...
  • Additional commits viewable in compare view

Dependabot commands
You can trigger Dependabot actions by commenting on this MR
  • $dependabot rebase will rebase this MR
  • $dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts

Merge request reports

A HIFIS Service | Privacy | Imprint | Support | Documentation | Changelog | Status