Update django version to address CVE-2023-41164 (#14460)

2026-05-15 21:37:42 -02:30 · 2023-09-27 09:36:02 -04:00
parent a0d4515ba4
commit a88e47930c
2 changed files with 2 additions and 2 deletions
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@@ -12,7 +12,7 @@ cryptography>=41.0.2  # CVE-2023-38325
 Cython<3 # Since the bump to PyYAML 5.4.1 this is now a mandatory dep
 daphne
 distro
-django==4.2.3  # see UPGRADE BLOCKERs CVEs were identified in 4.2, pinning to .3
+django==4.2.5  # see UPGRADE BLOCKERs, CVE-2023-41164
 django-auth-ldap
 django-cors-headers
 django-crum