innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

[4.0.x] Added CVE-2022-36359 to security archive. 

Backport of 57c7220280 from main
This commit is contained in:
Carlton Gibson 2022-08-03 09:09:48 +02:00
parent 60e6baebf9
commit 898f0aa44f
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/releases/security.txt
View File

@ -36,6 +36,16 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security All security issues have been handled under versions of Django's security
process. These are listed below. process. These are listed below.
August 3, 2022 - :cve:`2022-36359`
----------------------------------
Potential reflected file download vulnerability in FileResponse. `Full
description
<https://www.djangoproject.com/weblog/2022/aug/03/security-releases/>`__
* Django 4.0 :commit:`(patch) <b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3>`
* Django 3.2 :commit:`(patch) <b3e4494d759202a3b6bf247fd34455bf13be5b80>`
July 4, 2022 - :cve:`2022-34265` July 4, 2022 - :cve:`2022-34265`
-------------------------------- --------------------------------