Fix CVE 2025-26699 (#15924)

fix CVE 2025-26699
2026-01-09 15:02:07 -03:30 · 2025-04-08 12:07:22 -04:00 · 2025-04-08 12:07:22 -04:00 · 51f9160654
commit 51f9160654
parent ac3123a2ac
2 changed files with 5 additions and 3 deletions
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@ -14,7 +14,7 @@ cryptography<42.0.0  # investigation is needed for 42+ to work with OpenSSL v3.0
 Cython
 daphne
 distro
-django==4.2.16  # CVE-2024-24680
+django==4.2.20  # CVE-2025-26699
 django-cors-headers
 django-crum
 django-extensions
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@ -122,7 +122,7 @@ deprecated==1.2.15
    #   pygithub
 distro==1.9.0
    # via -r /awx_devel/requirements/requirements.in
-django==4.2.16
+django==4.2.20
    # via
    #   -r /awx_devel/requirements/requirements.in
    #   channels
@ -167,7 +167,9 @@ djangorestframework-yaml==2.0.0
 durationpy==0.9
    # via kubernetes
 dynaconf==3.2.10
-    # via -r /awx_devel/requirements/requirements.in
+    # via
+    #   -r /awx_devel/requirements/requirements.in
+    #   django-ansible-base
 enum-compat==0.0.3
    # via asn1
 filelock==3.16.1