From bcd18e161cdbd6f97bd8258f8606dd47a5739c89 Mon Sep 17 00:00:00 2001
From: Jake Jackson <jljacks93@gmail.com>
Date: Mon, 16 Sep 2024 16:04:11 -0400
Subject: [PATCH] fix CVE-2024-21520 (#6687)

---
 requirements/requirements.in  | 2 +-
 requirements/requirements.txt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements/requirements.in b/requirements/requirements.in
index 995fa35f48..a05d547b85 100644
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@@ -24,7 +24,7 @@ django-pglocks
 django-radius
 django-solo
 django-split-settings==1.0.0    # We hit a strange issue where the release process errored when upgrading past 1.0.0 see UPGRADE BLOCKERS
-djangorestframework>=3.15.0
+djangorestframework>=3.15.2
 djangorestframework-yaml
 filelock
 GitPython>=3.1.37  # CVE-2023-41040
diff --git a/requirements/requirements.txt b/requirements/requirements.txt
index 627fdc7834..f53039bb32 100644
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@@ -166,7 +166,7 @@ django-split-settings==1.0.0
     # via
     #   -r /awx_devel/requirements/requirements.in
     #   django-ansible-base
-djangorestframework==3.15.1
+djangorestframework==3.15.2
     # via
     #   -r /awx_devel/requirements/requirements.in
     #   django-ansible-base