Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update django to 2.0.8 (cookiecutter#1734)
This PR updates [django](https://pypi.org/project/django) from **2.0.7** to **2.0.8**. <details> <summary>Changelog</summary> ### 2.0.8 ``` ========================== *August 1, 2018* Django 2.0.8 fixes a security issue and several bugs in 2.0.7. CVE-2018-14574: Open redirect possibility in ``CommonMiddleware`` ================================================================= If the :class:`~django.middleware.common.CommonMiddleware` and the :setting:`APPEND_SLASH` setting are both enabled, and if the project has a URL pattern that accepts any path ending in a slash (many content management systems have such a pattern), then a request to a maliciously crafted URL of that site could lead to a redirect to another site, enabling phishing and other attacks. ``CommonMiddleware`` now escapes leading slashes to prevent redirects to other domains. Bugfixes ======== * Fixed a regression in Django 2.0.7 that broke the ``regex`` lookup on MariaDB (even though MariaDB isn't officially supported) (:ticket:`29544`). * Fixed a regression where ``django.template.Template`` crashed if the ``template_string`` argument is lazy (:ticket:`29617`). ========================== ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/django - Changelog: https://pyup.io/changelogs/django/ - Homepage: https://www.djangoproject.com/ </details>
- Loading branch information
