Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Resolver vulnerabilidades reportadas por GH #446

Closed
cmdelatorre opened this issue Mar 28, 2019 · 5 comments
Closed

Resolver vulnerabilidades reportadas por GH #446

cmdelatorre opened this issue Mar 28, 2019 · 5 comments

Comments

@cmdelatorre
Copy link
Contributor

cmdelatorre commented Mar 28, 2019

https://github.com/PyAr/pyarweb/network/alert/requirements.txt/django/open

@diegoduncan21
Copy link
Member

me da 404 esa url.

@cmdelatorre
Copy link
Contributor Author

Screen Shot 2019-03-28 at 18 15 18

@FedericoJurio
Copy link
Contributor

No soy un experto en django pero teniendo en cuenta que cada salto de versión puede impactar por incompatibilidades respecto a la versión anterior y en librerías third-party, quizas tiene sentido encarar upgrades graduales en vez de hacer el salto de 1.8 a 1.11

@JigyasuRajput
Copy link
Contributor

Hi, @cmdelatorre
I checked the mentioned vulnerabilities (CVE-2019-6975 and CVE-2019-3498) and confirmed that they are already patched in the current Django==3.2.19 version specified in requirements.txt.

These issues were fixed in much older versions of Django, so the current setup is secure.
If there’s any follow-up work or improvements needed, I’d be happy to contribute!

@facundobatista
Copy link
Member

Awesome, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants