From 6a10e0ea5c2a870c9958de1de7ecd140cfc6c506 Mon Sep 17 00:00:00 2001
From: Alan Rominger <arominge@redhat.com>
Date: Wed, 16 Apr 2025 14:41:05 -0400
Subject: [PATCH] AAP-41139 [4.6][dependencies] Bump Django 2 minor versions
 (#6892)

* Initial requirement bump for Django CVE

* Run updater script
---
 requirements/requirements.in  | 2 +-
 requirements/requirements.txt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements/requirements.in b/requirements/requirements.in
index 92a2b91e39..b3d8032445 100644
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@@ -14,7 +14,7 @@ cryptography>=41.0.7  # CVE-2023-49083
 Cython<3 # due to https://github.com/yaml/pyyaml/pull/702
 daphne
 distro
-django==4.2.18  # CVE-2024-56374
+django==4.2.20  # CVE-2025-26699
 django-auth-ldap
 django-cors-headers
 django-crum
diff --git a/requirements/requirements.txt b/requirements/requirements.txt
index a464efaee6..ffc9194469 100644
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@@ -138,7 +138,7 @@ deprecated==1.2.14
     #   pygithub
 distro==1.9.0
     # via -r /awx_devel/requirements/requirements.in
-django==4.2.18
+django==4.2.20
     # via
     #   -r /awx_devel/requirements/requirements.in
     #   channels