Update Info

openSUSE-2024-17


Security update for python-django-grappelli


Type: security
Severity: moderate
Issued: 2024-01-11
Description:
This update for python-django-grappelli fixes the following issues:

Update to 2.14.4:

- CVE-2021-46898: Fixed views/switch.py vulnerable to protocol-relative URL attacks (boo#1216481)
- Fixed: Redirect with switch user.
- Improved: Remove extra filtering in AutocompleteLookup.
- Improved: Added import statement with URLs for quickstart docs.
- Improved: Added additional blocks with inlines to allow override.
- Fixed: Compatibility with Django 3.1.
- Fixed: Docs about adding Grappelli documentation URLS.


              

Packages


  • python-django-grappelli-2.14.4-bp155.3.3.1