innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Added CVE-2021-44420 to security archive.

This commit is contained in:
Mariusz Felisiak 2021-12-07 08:51:26 +01:00
parent d4dcd5b9dd
commit 8747052411
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
docs/releases/security.txt
View File

@ -36,6 +36,20 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security All security issues have been handled under versions of Django's security
process. These are listed below. process. These are listed below.
December 7, 2021 - :cve:`2021-44420`
------------------------------------
Potential bypass of an upstream access control based on URL paths. `Full
description
<https://www.djangoproject.com/weblog/2021/dec/07/security-releases/>`__
Versions affected
~~~~~~~~~~~~~~~~~
* Django 3.2 :commit:`(patch) <333c65603032c377e682cdbd7388657a5463a05a>`
* Django 3.1 :commit:`(patch) <22bd17488159601bf0741b70ae7932bffea8eced>`
* Django 2.2 :commit:`(patch) <7cf7d74e8a754446eeb85cacf2fef1247e0cb6d7>`
July 1, 2021 - :cve:`2021-35042` July 1, 2021 - :cve:`2021-35042`
-------------------------------- --------------------------------