From 26d14457ec113ca6e368cade480c89ea970a6e7b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9gis=20Behmo?=
Date: Thu, 6 May 2021 14:27:02 +0200
Subject: [PATCH] security: upgrade Django to 2.2.23

Also, fix video unit completion in LMS.
---
 CHANGELOG.md | 3 +++
 tutor/templates/build/openedx/Dockerfile | 4 ++++
 2 files changed, 7 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2eb9e42..22c8b75 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,9 @@ Note: Breaking changes between versions are indicated by "💥".
 
 ## Unreleased
 
+- [Security] Apply Django security patches by upgrading from 2.2.20 to 2.2.23.
+- [Bugfix] Fix video unit completion (see [pull request](https://github.com/edx/edx-platform/pull/27230)).
+
 ## v11.2.9 (2021-05-12)
 
 - [Bugfix] Fix crashing installation because of a major release of all Pallets projects.
diff --git a/tutor/templates/build/openedx/Dockerfile b/tutor/templates/build/openedx/Dockerfile
index 1dd9d57..63eb428 100644
--- a/tutor/templates/build/openedx/Dockerfile
+++ b/tutor/templates/build/openedx/Dockerfile
@@ -43,6 +43,10 @@ WORKDIR /openedx/edx-platform
 # Security patches
 # https://github.com/edx/edx-platform/pull/27394
 RUN curl https://github.com/overhangio/edx-platform/commit/a0fdc97f1704659d26e167de3fbf2ab8c371d67b.patch | git apply -
+# Django security releases
+RUN curl https://github.com/overhangio/edx-platform/commit/67973f2445f667af23f779d5551070835de03efe.patch | git apply -
+# Fix video unit completion
+RUN curl https://github.com/overhangio/edx-platform/commit/3d489952f7cfd83fed47c700c7cd0b477b68351e.patch | git apply -
 # Make it possible to disable learner records globally
 # https://github.com/edx/edx-platform/pull/25182
 # https://github.com/overhangio/edx-platform/tree/overhangio/disable-learner-records-from-settings
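Review bot: The two added `RUN curl … | git apply -` lines in the Dockerfile hunk let a failed or truncated download go unnoticed, because the pipeline's exit status is that of `git apply` alone and curl runs without `--fail`. If a transfer were cut at a file boundary of a multi-file patch, the remaining part would probably still apply cleanly, leaving the Django security fix partly applied in an image that built successfully. Downloading first closes that gap: `RUN curl -fsSL -o /tmp/django.patch <patch URL> && git apply /tmp/django.patch && rm /tmp/django.patch`; checking the file against a recorded SHA-256 before applying would also pin the content independently of the forge. The context line above the additions uses the same pipe pattern, and the `# Django security releases` comment could cite the upstream advisory or pull request the way the neighbouring comments do.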