JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

python.pkgs.django_1_8: mark as insecure (#54937)

Browse Source 
Since CVE-2018-14574 and CVE-2019-3498 affect 1.11, it is very likely
they also apply to 1.8. However, Django 1.8 has reached EOL in April
2018 and the patches were not backported.
This commit is contained in:
Robert Schütz 2019-01-30 23:57:50 +01:00 committed by GitHub
parent 30c312341f
commit c6e08579c5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
pkgs/development/python-modules/django/1_8.nix
View File

@ -25,6 +25,11 @@ buildPythonPackage rec {
description = "A high-level Python Web framework";
homepage = https://www.djangoproject.com/;
license = licenses.bsd0;
knownVulnerabilities = [
# The patches were not backported due to Django 1.8 having reached EOL
https://www.djangoproject.com/weblog/2018/aug/01/security-releases/
https://www.djangoproject.com/weblog/2019/jan/04/security-releases/
];
};
}