Apply Django Security Patch v4.2.20 for Sumac

[magajh]

Apply latest Django security patch in Sumac https://docs.djangoproject.com/en/5.1/releases/4.2.20/

March 6, 2025

Django 4.2.20 fixes a security issue with severity “moderate” in 4.2.19.
CVE-2025-26699: Potential denial-of-service vulnerability in django.utils.text.wrap()¶

The wrap() and wordwrap template filter were subject to a potential denial-of-service attack when used with very long strings.

Open edX services to upgrade

(from https://openedx.atlassian.net/wiki/spaces/COMM/pages/4558782480/Sumac.master)

• course-discovery
• credentials
• edx-notes-api
• edx-platform
• enterprise-access
• enterprise-catalog
• event-bus-redis
• license-manager
• platform-plugin-aspects
• xqueue

[magajh]

@mariajgrimaldi @farhaanbukhsh Since some PRs in the previous patch issue couldn’t be closed because we weren’t able to verify that everything was working smoothly after applying the patch (like Enterprise and License Manager), who do you think we should tag to help test those repos and approve the PRs?
I’d like to make sure that all tagged repos with Django as a dependency get updated with the latest security patch

[farhaanbukhsh]

@magajh We need to tag the maintainers for those repos possibly @mphilbrick211 and @itsjeyd can help us to find out who are they.

[itsjeyd]

@farhaanbukhsh @magajh Maintainers should be listed in catalog-info.yaml files of these repos (under owners). If that's not the case for a repo, it is unmaintained.

For unmaintained repos you can check if they have one or more CCs by looking for a committers-<repo name> team here.

If a repo is unmaintained and doesn't have any CCs, you can fall back on pinging the axim-engineering team for help.

CC @mphilbrick211