Merge pull request #26 from uktrade/dependabot-fixes-0912

adamwozencroft · web-flow · commit 2e9824fb9a62 · 2025-12-09T16:49:43.000Z
Fix critical dependabot django CVE
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,8 @@
 # Changelog
 
+## [0.9.7] - 2025-09-11
+Upgrade Django to fix critical priority CVE
+
 ## [0.9.6] - 2025-09-11
 Upgrade Django to fix high priority CVE
 
diff --git a/djangosaml2idp/__init__.py b/djangosaml2idp/__init__.py
@@ -1 +1 @@
-__version__ = '0.9.6'
+__version__ = '0.9.7'
diff --git a/example_setup/idp/requirements.txt b/example_setup/idp/requirements.txt
@@ -1,4 +1,4 @@
-django==4.2.24
+django==4.2.27
 pysaml2==7.5.2
 arrow
 pytz
diff --git a/example_setup/sp/requirements.txt b/example_setup/sp/requirements.txt
@@ -1,4 +1,4 @@
-django==4.2.24
+django==4.2.27
 djangosaml2==1.9.1
 pysaml2==7.1.2
 arrow
diff --git a/pyproject.toml b/pyproject.toml
@@ -16,7 +16,7 @@ exclude = '''
 
 [tool.poetry]
 name = "djangosaml2idp2"
-version = "0.9.6"
+version = "0.9.7"
 description = "Forked from the original https://github.com/OTA-Insight/djangosaml2idp to provide bugfixes and upgrades to python and django support."
 authors = ["Department for Business and Trade Platform Team <sre-team@digital.trade.gov.uk>"]
 readme = "README.rst"
@@ -40,7 +40,7 @@ codecov = ">=2.1.13"
 coverage = ">=7.9.1"
 cryptography = ">=43.0.3"
 defusedxml = ">=0.7.1"
-django = ">=4.2.24"
+django = ">=4.2.27"
 distlib = ">=0.3.9"
 elementpath = ">=4.8.0"
 filelock = ">=3.18.0"
@@ -71,7 +71,7 @@ six = ">=1.17.0"
 snowballstemmer = ">=3.0.1"
 toml = ">=0.10.2"
 tox = ">=4.27.0"
-urllib3 = ">=2.4.0"
+urllib3 = ">=2.6.0"
 virtualenv = ">=20.31.2"
 xmlschema = ">=2.5.1"
 
diff --git a/requirements-dev.txt b/requirements-dev.txt
@@ -109,7 +109,7 @@ toml>=0.10.2
     #   tox
 tox>=4.27.0
     # via -r requirements-dev.in
-urllib3>=2.5.0
+urllib3>=2.6.0
     # via requests
 virtualenv>=20.31.2
     # via
diff --git a/setup.py b/setup.py
@@ -17,7 +17,7 @@
         open(os.path.join(os.path.dirname(__file__), 'README.rst')).read(),
     ]),
     install_requires=[
-        'django>=4.2.24',
+        'django>=4.2.27',
         'pysaml2>=7.1.2',
         'pytz',
         'arrow',

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-__version__ = '0.9.6'`
	`1`	`+__version__ = '0.9.7'`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-django==4.2.24`
	`1`	`+django==4.2.27`
`2`	`2`	`djangosaml2==1.9.1`
`3`	`3`	`pysaml2==7.1.2`
`4`	`4`	`arrow`