[Security] Bump django from 4.2.9 to 4.2.10
Bumps django from 4.2.9 to 4.2.10. This update includes a security fix.
Vulnerabilities fixed
Django denial-of-service attack in the intcomma template filter
An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.
Patched versions: 4.2.10
Affected versions: >= 4.2, < 4.2.10
Commits
- a684d73 [4.2.x] Bumped version for 4.2.10 release.
- 572ea07 [4.2.x] Fixed CVE-2024-24680 -- Mitigated potential DoS in intcomma template ...
- 9fe7411 [4.2.x] Pinned black == 23.12.1 for blacken-docs checks.
- 71dd587 [4.2.x] Pinned black == 23.12.1 in GitHub actions, pre-commit and test requir...
- 74582b8 [4.2.x] Added stub release notes for 4.2.10 and 3.2.24.
- 4198a5c [4.2.x] Post-release version bump.
- See full diff in compare view