p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[2.0.x] Added CVE-2018-16984 to the security release archive. 

Backport of 0b3b7c4b0a
and 92ccc39170 from master
This commit is contained in:
Carlton Gibson 2018-10-01 11:54:31 +02:00
parent 09acabc648
commit 66ac7a129a
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
docs/releases/security.txt
View File

@ -898,3 +898,14 @@ Versions affected
* Django 2.1 `(patch) <https://github.com/django/django/commit/c4e5ff7fdb5fce447675e90291fd33fddd052b3c>`__
* Django 2.0 `(patch) <https://github.com/django/django/commit/6fffc3c6d420e44f4029d5643f38d00a39b08525>`__
* Django 1.11 `(patch) <https://github.com/django/django/commit/d6eaee092709aad477a9894598496c6deec532ff>`__
October 1, 2018 - :cve:`2018-16984`
-----------------------------------
Password hash disclosure to "view only" admin users. `Full description
<https://www.djangoproject.com/weblog/2018/oct/01/security-release/>`__
Versions affected
~~~~~~~~~~~~~~~~~
* Django 2.1 `(patch) <https://github.com/django/django/commit/c4bd5b597e0aa2432e4c867b86650f18af117851>`__