Bump django from 3.1.7 to 3.1.13#27
Closed
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)
Bumps [django](https://github.com/django/django) from 3.1.7 to 3.1.13. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/django/django/commit/43873b9c92cfe68a082c7feda86f6fb95a3e902c"><code>43873b9</code></a> [3.1.x] Bumped version for 3.1.13 release.</li> <li><a href="https://github.com/django/django/commit/0bd57a879a0d54920bb9038a732645fb917040e9"><code>0bd57a8</code></a> [3.1.x] Fixed CVE-2021-35042 -- Prevented SQL injection in QuerySet.order_by().</li> <li><a href="https://github.com/django/django/commit/8dc1cc0b306168eb1c0a0fc5457b6f1156fcbcff"><code>8dc1cc0</code></a> [3.1.x] Added stub release notes for 3.1.13.</li> <li><a href="https://github.com/django/django/commit/1471ec4e1b282ccb93a6c99b75aeb2853b69fa23"><code>1471ec4</code></a> [3.1.x] Fixed docs header underlines in security archive.</li> <li><a href="https://github.com/django/django/commit/6022181d85783fbee8906af356c65449082b0a1c"><code>6022181</code></a> [3.1.x] Added CVE-2021-33203 and CVE-2021-33571 to security archive.</li> <li><a href="https://github.com/django/django/commit/064c0c55af7e0287bbeff8303ca9ef1c7cfd3fb8"><code>064c0c5</code></a> [3.1.x] Post-release version bump.</li> <li><a href="https://github.com/django/django/commit/625d3c1c643b0eb5c84339415ca0ba9f1728efa2"><code>625d3c1</code></a> [3.1.x] Bumped version for 3.1.12 release.</li> <li><a href="https://github.com/django/django/commit/203d4ab9ebcd72fc4d6eb7398e66ed9e474e118e"><code>203d4ab</code></a> [3.1.x] Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.</li> <li><a href="https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f"><code>20c67a0</code></a> [3.1.x] Fixed CVE-2021-33203 -- Fixed potential path-traversal via admindocs'...</li> <li><a href="https://github.com/django/django/commit/aa8781c0a671610d5327d0a14d45df3b1f29640d"><code>aa8781c</code></a> [3.1.x] Confirmed release date for Django 3.1.12, and 2.2.24.</li> <li>Additional commits viewable in <a href="https://github.com/django/django/compare/3.1.7...3.1.13">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/crgwbr/asymmetric-jwt-auth/network/alerts). </details>
AI Analysis
This issue appears to be discussing a feature request or bug report related to the repository. Based on the content, it seems to be resolved. The issue was opened by dependabot[bot] and has received 1 comments.
Add a comment
Comment form would go here