From 4523b24a08b51ffb20b631a0f21605d48df7002b Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Wed, 3 Sep 2025 23:01:42 +0200 Subject: [PATCH] python3Packages.django_4: 4.2.23 -> 4.2.24 https://docs.djangoproject.com/en/4.2/releases/4.2.24/ https://www.djangoproject.com/weblog/2025/sep/03/security-releases/ Fixes: CVE-2025-57833 --- .../django/3.13.6-html-parser.patch | 58 ------------------- pkgs/development/python-modules/django/4.nix | 9 +-- 2 files changed, 2 insertions(+), 65 deletions(-) delete mode 100644 pkgs/development/python-modules/django/3.13.6-html-parser.patch diff --git a/pkgs/development/python-modules/django/3.13.6-html-parser.patch b/pkgs/development/python-modules/django/3.13.6-html-parser.patch deleted file mode 100644 index 6d986be38478..000000000000 --- a/pkgs/development/python-modules/django/3.13.6-html-parser.patch +++ /dev/null @@ -1,58 +0,0 @@ -From e0a1e8d549e7be25960b8ad060c63def3dc35d1d Mon Sep 17 00:00:00 2001 -From: Natalia <124304+nessita@users.noreply.github.com> -Date: Mon, 21 Jul 2025 15:23:32 -0300 -Subject: [PATCH 1/2] Fixed test_utils.tests.HTMLEqualTests.test_parsing_errors - following Python's HTMLParser fixed parsing. - -Further details about Python changes can be found in: -https://github.com/python/cpython/commit/0243f97cbadec8d985e63b1daec5d1cbc850cae3. - -Thank you Clifford Gama for the thorough review! ---- - tests/test_utils/tests.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/test_utils/tests.py b/tests/test_utils/tests.py -index 37e87aa1022c..9c22b61b4ff2 100644 ---- a/tests/test_utils/tests.py -+++ b/tests/test_utils/tests.py -@@ -962,7 +962,7 @@ def test_parsing_errors(self): - "('Unexpected end tag `div` (Line 1, Column 6)', (1, 6))" - ) - with self.assertRaisesMessage(AssertionError, error_msg): -- self.assertHTMLEqual("< div>", "
") -+ self.assertHTMLEqual("< div>", "
") - with self.assertRaises(HTMLParseError): - parse_html("

") - - -From e8afcf0e644553bcba3e5f931266963bffc46748 Mon Sep 17 00:00:00 2001 -From: Natalia <124304+nessita@users.noreply.github.com> -Date: Mon, 14 Jul 2025 14:45:03 -0300 -Subject: [PATCH 2/2] Fixed #36499 -- Adjusted - utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's - HTMLParser new behavior. - -Python fixed a quadratic complexity processing for HTMLParser in: -https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41. ---- - tests/utils_tests/test_html.py | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/tests/utils_tests/test_html.py b/tests/utils_tests/test_html.py -index 284f33aedcfb..51573b81eb9d 100644 ---- a/tests/utils_tests/test_html.py -+++ b/tests/utils_tests/test_html.py -@@ -142,10 +142,10 @@ def test_strip_tags(self): - ("&gotcha&#;<>", "&gotcha&#;<>"), - ("ript>test</script>", "ript>test"), - ("&h", "alert()h"), -- (">"), - ("X<<<
br>br>br>X", "XX"), - ("<" * 50 + "a>" * 50, ""), -- (">" + "" + "" + ""), - ("