---
- branch: MAIN
  date: Mon Mar  4 15:47:29 UTC 2024
  files:
  - new: '1.38'
    old: '1.37'
    path: pkgsrc/www/py-django3/Makefile
    pathrev: pkgsrc/www/py-django3/Makefile@1.38
    type: modified
  - new: '1.37'
    old: '1.36'
    path: pkgsrc/www/py-django3/distinfo
    pathrev: pkgsrc/www/py-django3/distinfo@1.37
    type: modified
  id: 20240304T154729Z.13a3d78aca3444209c55c9662753967d7bf74aa8
  log: |
    py-django3: updated to 3.2.25

    Django 3.2.25 fixes a security issue with severity ���moderate��� and a regression in 3.2.24.

    CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words()

    django.utils.text.Truncator.words() method (with html=True) and truncatewords_html template filter were subject to a potential regular expression denial-of-service attack using a suitably crafted string (follow up to CVE-2019-14232 and CVE-2023-43665).

    Bugfixes

    Fixed a regression in Django 3.2.24 where intcomma template filter could return a leading comma for string representation of floats.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www/py-django3'
  unixtime: '1709567249'
  user: adam