This repository has been archived by the owner on Apr 3, 2024. It is now read-only.

Merge pull request #80 from uktrade/security/update-django-2210-cve-2…
agiamas authored Feb 4, 2020
2 parents 868a6c3 + fcae49d commit 8f16049
Showing 4 changed files with 9 additions and 6 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
@@ -1,5 +1,8 @@
# Changelog

## Hotfix
- No ticket - CVE-2020-5236 & CVE-2020-7471: Potential SQL injection via StringAgg(delimiter)

## Pre-release

## [2019.11.25](https://github.com/uktrade/invest-pir-api/releases/tag/2019.11.25)
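Review bot: The Hotfix entry gives one description, "Potential SQL injection via StringAgg(delimiter)", for both CVE-2020-5236 and CVE-2020-7471, but this commit bumps two packages (django 1.11.23 to 1.11.28 and waitress 1.4.2 to 1.4.3) and StringAgg is a Django aggregate, so the text fits only the Django CVE. CVE-2020-5236 is the waitress advisory. Suggest one bullet per CVE that names the package and the fixed version, so someone auditing later can map each identifier to its pin.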
4 changes: 2 additions & 2 deletions requirements.in
@@ -1,7 +1,7 @@
boto3
botocore==1.8.24
dj-database-url==0.4.2
django==1.11.23
django==1.11.28
django-amazon-ses==2.0.0
django-clear-cache==0.3
django-crispy-forms==1.7.1
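Review bot: The django==1.11.28 pin is the whole fix in this commit (all four changed files are the changelog or requirements files), so nothing here shows whether the application was actually exposed. psycopg2 is pinned in the same file, so the PostgreSQL StringAgg aggregate is reachable. Worth searching the code base for StringAgg calls whose delimiter comes from request data, recording the result in the PR, and adding a regression test if any such call exists.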
Expand All @@ -11,7 +11,7 @@ django-storages==1.6.5
django-modeltranslation==0.12.2
dj-database-url==0.4.2
gunicorn==19.7.1
waitress==1.4.2
waitress==1.4.3
psycopg2==2.7.3.2
pytz==2017.2
raven==6.5.0
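Review bot: dj-database-url==0.4.2 in this hunk's context repeats the pin already listed near the top of requirements.in. Drop one of the two entries, otherwise a later bump that edits only one copy leaves conflicting pins in the file. This is separate from the waitress change, so it can go in a follow-up.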
4 changes: 2 additions & 2 deletions requirements.txt
Expand Up @@ -42,7 +42,7 @@ django-redis==4.8.0
django-storages==1.6.5
django-taggit==0.22.2
django-treebeard==4.2.0
django==1.11.23
django==1.11.28
django_recaptcha==1.2.0
djangorestframework==3.9.1
docopt==0.6.2 # via notifications-python-client
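Review bot: The "# via" annotations show requirements.txt is compiled output, yet the django and waitress pins are changed identically here, in requirements.in and in requirements_test.txt. Please confirm both compiled files were regenerated from requirements.in rather than edited by hand, and consider a CI step that recompiles and fails on a diff so the three files cannot drift on the next security bump.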
Expand Down Expand Up @@ -80,7 +80,7 @@ sorl-thumbnail==12.4.1
tinycss2==0.6.1 # via cairosvg, cssselect2
urllib3==1.24.3
vine==1.1.4 # via amqp
waitress==1.4.2
waitress==1.4.3
webencodings==0.5.1 # via html5lib, tinycss2
whitenoise==3.3.1
zenpy==1.1.10
4 changes: 2 additions & 2 deletions requirements_test.txt
Expand Up @@ -48,7 +48,7 @@ django-redis==4.8.0
django-storages==1.6.5
django-taggit==0.22.2
django-treebeard==4.2.0
django==1.11.23
django==1.11.28
django_recaptcha==1.2.0
djangorestframework==3.9.1
docker-pycreds==0.3.0 # via docker
Expand Down Expand Up @@ -107,7 +107,7 @@ termcolor==1.1.0 # via pytest-sugar
tinycss2==0.6.1 # via cairosvg, cssselect2
urllib3==1.24.3
vine==1.1.4 # via amqp
waitress==1.4.2
waitress==1.4.3
webencodings==0.5.1 # via html5lib, tinycss2
websocket-client==0.48.0 # via docker
werkzeug==0.14.1 # via moto

0 comments on commit 8f16049