Fix CVE-2023-43665 (#14561)

Hao Liu
2023-10-12 14:00:32 -04:00
committed by GitHub
parent 56878b4910
commit e9bd99c1ff
3 changed files with 2 additions and 15 deletions

@@ -49,19 +49,6 @@ Make sure to delete the old tarball if it is an upgrade.
Anything pinned in `*.in` files involves additional manual work in
order to upgrade. Some information related to that work is outlined here.
### Django
For any upgrade of Django, it must be confirmed that
we don't regress on FIPS support before merging.
See internal integration test knowledge base article `how_to_test_FIPS`
for instructions.
If operating in a FIPS environment, `hashlib.md5()` will raise a `ValueError`,
but will support the `usedforsecurity` keyword on RHEL and Centos systems.
This used to be a problem with `names_digest` function in Django, but
was fixed upstream in Django 4.1.
### django-split-settings
When we attemed to upgrade past 1.0.0 the build process in GitHub failed on the docker build step with the following error:
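Review bot: The `### Django` section that this hunk drops (the header shrinks 19 lines to 6) carried the instruction to confirm FIPS support before merging any Django upgrade, and removing it takes that check out of the upgrade procedure even though the text only states that the `names_digest` problem was fixed upstream in Django 4.1. If Django is no longer pinned in the `*.in` files, say so in the commit message so the removal is traceable to the CVE fix; otherwise keep a short reminder under `### Django`, for example "For any upgrade of Django, it must be confirmed that we don't regress on FIPS support before merging." The note that `hashlib.md5()` raises a `ValueError` in a FIPS environment is also still useful to anyone debugging a failed upgrade and could stay alongside it.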