Commit Graph

5 Commits

Author SHA1 Message Date
Mariusz Felisiak cdb367c92a [3.0.x] Fixed CVE-2020-24584 -- Fixed permission escalation in intermediate-level directories of the file system cache on Python 3.7+.
Backport of f56b57976133129b0b351a38bba4ac882badabf0 from master.
2020-08-25 10:45:33 +02:00
Mariusz Felisiak 08892bffd2 [3.0.x] Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+.
Thanks WhiteSage for the report.

Backport of ea0febbba531a3ecc8c77b570efbfb68ca7155db from master.
2020-08-25 10:43:50 +02:00
Mariusz Felisiak ab5491c7cc [3.0.x] Refs #31863 -- Added release notes for 94ea79be13.
Backport of 21768a99f4 from master
2020-08-13 16:31:27 +02:00
Daniel Hillier 784ed4ada1 [3.0.x] Fixed #31866 -- Fixed locking proxy models in QuerySet.select_for_update(of=()).
Backport of 60626162f7 from master
2020-08-11 12:31:50 +02:00
Mariusz Felisiak 9f74a24803 [3.0.x] Added stub release notes for 2.2.16 and 3.0.10.
Backport of 8a5683b6b2 from master
2020-08-11 11:13:20 +02:00