Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Apply Django security patches before Redwood release cut #343

Closed
9 tasks done
magajh opened this issue May 8, 2024 · 4 comments
Closed
9 tasks done

Apply Django security patches before Redwood release cut #343

magajh opened this issue May 8, 2024 · 4 comments
Assignees
@magajh
Labels
security Relates to improving to the security posture of the platform

Comments

@magajh
Copy link

magajh commented May 8, 2024
edited by cmltaWt0
Loading

Apply latest Django security releases (5.0.3, 4.2.11, and 3.2.25): https://www.djangoproject.com/weblog/2024/mar/04/security-releases/

Open edX services to upgrade

  • course-discovery
  • credentials
  • edx-notes-api
  • edx-platform
  • enterprise-access
  • enterprise-catalog
  • license-manager
  • xqueue
  • xblock-skill-tagging
@magajh magajh added the security Relates to improving to the security posture of the platform label May 8, 2024
This was referenced May 8, 2024
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Closed
Merged
Merged
@magajh
Copy link
Author

magajh commented May 8, 2024
edited
Loading

@cmltaWt0: edx-platform is the only repo still missing the security patch, but I'm updating all the repos with the latest patch to keep everything up to date

@magajh magajh self-assigned this May 8, 2024
@magajh
Copy link
Author

magajh commented May 8, 2024

I wasn't sure if we should include xblock-skill-tagging in this update. If it's not necessary, we can just take it off the task list

@cmltaWt0
Copy link

cmltaWt0 commented May 8, 2024

I wasn't sure if we should include xblock-skill-tagging in this update. If it's not necessary, we can just take it off the task list

Since it is installed as a part of edx-platform - I think it's unnecessary.

@cmltaWt0
Copy link

cmltaWt0 commented May 9, 2024

All patches have been merged.
Thanks @magajh !

@cmltaWt0 cmltaWt0 closed this as completed May 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@magajh magajh

Labels
security Relates to improving to the security posture of the platform
Projects
Build-Test-Release Working Group
Status: Done
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cmltaWt0 @magajh