innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Refs #32718 -- Corrected CVE-2021-31542 release notes.

This commit is contained in:
Mariusz Felisiak 2021-05-12 10:42:01 +02:00 committed by GitHub
parent e6406853c3
commit d1f1417cae
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 3 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/releases/2.2.21.txt
View File

@ -13,5 +13,4 @@ CVE-2021-31542: Potential directory-traversal via uploaded files
directory-traversal via uploaded files with suitably crafted file names.
In order to mitigate this risk, stricter basename and path sanitation is now
applied. Specifically, empty file names and paths with dot segments will be
rejected.
applied.

3
docs/releases/3.1.9.txt
View File

@ -13,5 +13,4 @@ CVE-2021-31542: Potential directory-traversal via uploaded files
directory-traversal via uploaded files with suitably crafted file names.
In order to mitigate this risk, stricter basename and path sanitation is now
applied. Specifically, empty file names and paths with dot segments will be
rejected.
applied.

3
docs/releases/3.2.1.txt
View File

@ -13,8 +13,7 @@ CVE-2021-31542: Potential directory-traversal via uploaded files
directory-traversal via uploaded files with suitably crafted file names.
In order to mitigate this risk, stricter basename and path sanitation is now
applied. Specifically, empty file names and paths with dot segments will be
rejected.
applied.
Bugfixes
========