mirror of
git://git.openembedded.org/meta-openembedded
synced 2026-04-03 11:29:12 +00:00
a627e747a7
Upstream has switched from setuptools3 build backend to setuptools_build_meta, however their setuptools requirements are higher than what's available in oe-core. As a workaround, add a patch that lowers the requirements. This change has been tested by successfully executing the django test suite in qemu (without Selenium tests). Changes: 4.2.27: https://docs.djangoproject.com/en/6.0/releases/4.2.27/ - Fix CVE-2025-13372 - Fix CVE-2025-64460 - Fixed a regression in Django 4.2.26 where DisallowedRedirect was raised by HttpResponseRedirect and HttpResponsePermanentRedirect for URLs longer than 2048 characters. The limit is now 16384 characters 4.2.26: https://docs.djangoproject.com/en/6.0/releases/4.2.26/ - Fix CVE-2025-64458 - Fix CVE-2025-64459 4.2.25: https://docs.djangoproject.com/en/6.0/releases/4.2.25/ - Fix CVE-2025-59681 - Fix CVE-2025-59682 4.2.24: https://docs.djangoproject.com/en/6.0/releases/4.2.24/ - Fix CVE-2025-57833 4.2.23: https://docs.djangoproject.com/en/6.0/releases/4.2.23/ - Fix CVE-2025-48432 4.2.22: https://docs.djangoproject.com/en/6.0/releases/4.2.22/ - Fix CVE-2025-48432 4.2.21: https://docs.djangoproject.com/en/6.0/releases/4.2.21/ - Change build backend - Fix CVE-2025-32873 - Fixed a data corruption possibility in file_move_safe() when allow_overwrite=True, where leftover content from a previously larger file could remain after overwriting with a smaller one due to lack of truncation - Fixed a regression in Django 4.2.20, introduced when fixing CVE 2025-26699, where the wordwrap template filter did not preserve empty lines between paragraphs after wrapping text Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>