diff --git a/config/requirements.txt b/config/requirements.txt
index b72ad35..36bc901 100644
--- a/config/requirements.txt
+++ b/config/requirements.txt
@@ -1,19 +1,16 @@
 certg==4.2
-django-configurations==2.0
-django-crispy-forms==1.7.2
-django-extensions==2.0.7
-django-reversion-compare==0.8.6
-django-reversion==3.0.3
-django-storages[azure]==1.8
-django==2.0.12
+django-configurations==2.2
+django-crispy-forms==1.9.0
+django-extensions==2.2.8
+django-reversion-compare==0.12.0
+django-storages[azure]==1.9.1
+django==2.2.11
 google-api-python-client-py3==1.2
-gunicorn==19.8.0
-httplib2==0.12.3
-mercadopago==0.3.4
+gunicorn==20.0.4
+mercadopago==1.1.1
 oauth2client==4.1.3
-Pillow==6.2.0
-psycopg2_binary==2.7.4
-python-stdnum==1.12
-python-dateutil==2.7.2
-rapidtables==0.1.7
-sentry-sdk==0.8.0
+Pillow==7.0.0
+psycopg2_binary==2.8.4
+python-stdnum==1.13
+rapidtables==0.1.11
+sentry-sdk==0.14.2
diff --git a/website/events/helpers/tests.py b/website/events/helpers/tests.py
index b6be69f..eb2691f 100644
--- a/website/events/helpers/tests.py
+++ b/website/events/helpers/tests.py
@@ -307,3 +307,6 @@ def assertContainsMessage(self, response, message_text):
         compare_messages = ((message == message_text) for message in messages)
         self.assertTrue(any(compare_messages),
                         _(f"Mensaje: '{message_text}' no encontrado en la lista de mensajes."))
+
+    def assertForbidden(self, response):
+        self.assertEqual(response.status_code, 403)
diff --git a/website/events/models.py b/website/events/models.py
index 0e8f839..8632c79 100644
--- a/website/events/models.py
+++ b/website/events/models.py
@@ -2,7 +2,7 @@
 import stdnum
 import reversion
 
-from stdnum.exceptions import InvalidChecksum, InvalidLength, InvalidFormat
+from stdnum.exceptions import InvalidChecksum, InvalidLength, InvalidFormat, InvalidComponent
 from django.contrib.auth import get_user_model
 from django.core.exceptions import ValidationError
 from django.core.validators import MaxValueValidator, MinValueValidator
@@ -43,7 +43,7 @@ def validate_cuit(cuit_to_validate):
     try:
         validator = stdnum.get_cc_module('ar', 'cuit')
         return validator.validate(cuit_to_validate)
-    except (InvalidChecksum, InvalidFormat):
+    except (InvalidChecksum, InvalidFormat, InvalidComponent):
         raise ValidationError(
             _('El CUIT ingresado no es correcto')
         )
diff --git a/website/events/tests.py b/website/events/tests.py
index 05c9988..f077604 100644
--- a/website/events/tests.py
+++ b/website/events/tests.py
@@ -524,8 +524,7 @@ def test_organizer_cant_set_sponsors_enabled(self):
         url = reverse('sponsor_set_enabled', kwargs={'pk': sponsor.pk})
         self.client.login(username='organizer01', password='organizer01')
         response = self.client.post(url)
-        redirect_to_login_url = reverse('login') + '?next=' + url
-        self.assertRedirects(response, redirect_to_login_url)
+        self.assertForbidden(response)
 
     def test_can_set_sponsors_enabled_with_perms(self):
         sponsor = Sponsor.objects.create(**sponsor_data)
@@ -646,8 +645,7 @@ def test_organizer_cant_close_sponsoring(self):
         url = reverse('sponsoring_set_close', kwargs={'pk': sponsoring.pk})
         self.client.login(username='organizer01', password='organizer01')
         response = self.client.post(url)
-        redirect_to_login_url = reverse('login') + '?next=' + url
-        self.assertRedirects(response, redirect_to_login_url)
+        self.assertForbidden(response)
 
     def test_super_organizer_can_close_sponsoring(self):
         # Test 'close' state from 'unbilled'.
@@ -671,8 +669,7 @@ def test_organizer_cant_set_complete_payment(self):
         url = reverse('invoice_set_complete_payment', kwargs={'pk': invoice.pk})
         self.client.login(username='organizer01', password='organizer01')
         response = self.client.post(url)
-        redirect_to_login_url = reverse('login') + '?next=' + url
-        self.assertRedirects(response, redirect_to_login_url)
+        self.assertForbidden(response)
 
     def test_super_organizer_can_set_complete_payment(self):
         invoice = create_sponsoring_invoice(auto_create_sponsoring_and_sponsor=True)
@@ -695,8 +692,7 @@ def test_organizer_cant_set_partial_payment(self):
         url = reverse('invoice_set_partial_payment', kwargs={'pk': invoice.pk})
         self.client.login(username='organizer01', password='organizer01')
         response = self.client.post(url)
-        redirect_to_login_url = reverse('login') + '?next=' + url
-        self.assertRedirects(response, redirect_to_login_url)
+        self.assertForbidden(response)
 
     def test_super_organizer_can_set_partial_payment(self):
         invoice = create_sponsoring_invoice(auto_create_sponsoring_and_sponsor=True)
@@ -734,8 +730,7 @@ def test_organizer_cant_add_invoice(self):
             'document': StringIO('test'),
         }
         response = self.client.post(url, data)
-        redirect_to_login_url = reverse('login') + '?next=' + url
-        self.assertRedirects(response, redirect_to_login_url)
+        self.assertForbidden(response)
 
     @patch('django.core.files.storage.FileSystemStorage.save')
     def test_super_user_can_add_invoice(self, mock_save):
@@ -917,7 +912,7 @@ def test_can_create_provider_with_perms(self):
         self.assertEqual(Provider.objects.all().count(), providers_count + 1)
         self.assertEqual(response.status_code, 302)
 
-    def test_create_provider_redirects_without_perms(self):
+    def test_create_provider_forbidden_without_perms(self):
         url = reverse('provider_create')
         perm = Permission.objects.get(
             content_type__app_label='events',
@@ -926,13 +921,7 @@ def test_create_provider_redirects_without_perms(self):
         user.user_permissions.remove(perm)
         self.client.login(username='organizer01', password='organizer01')
         response = self.client.post(url, data=provider_data)
-
-        # View redirect.
-        self.assertEqual(response.status_code, 302)
-
-        # And redirect to login.
-        redirect_to_login_url = reverse('login') + '?next=' + reverse('provider_create')
-        self.assertEqual(response.url, redirect_to_login_url)
+        self.assertForbidden(response)
 
 
 class ProviderExpenseViewsTest(TestCase, CustomAssertMethods):
@@ -973,7 +962,7 @@ def test_can_create_provider_expense_with_perms(self, mock_save):
         self.assertEqual(ProviderExpense.objects.all().count(), provider_expense_count + 1)
         self.assertEqual(response.status_code, 302)
 
-    def test_create_provider_expense_redirects_without_perms(self):
+    def test_create_provider_expense_forbidden_without_perms(self):
         url = reverse(
             'provider_expense_create',
             kwargs={'event_pk': Event.objects.filter(name='MyTest01').first().pk}
@@ -994,13 +983,7 @@ def test_create_provider_expense_redirects_without_perms(self):
         user.user_permissions.remove(perm)
         self.client.login(username='organizer01', password='organizer01')
         response = self.client.post(url, data=provider_expense_data)
-
-        # View redirect.
-        self.assertEqual(response.status_code, 302)
-
-        # And redirect to login.
-        redirect_to_login_url = reverse('login') + '?next=' + url
-        self.assertEqual(response.url, redirect_to_login_url)
+        self.assertForbidden(response)
 
 
 class ProviderExpenseSwitchStateTest(TestCase, CustomAssertMethods):