p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[1.10.x] Added 2017-12794 to the security release archive. 

Backport of 79ae5811c7 from master
This commit is contained in:
Tim Graham 2017-09-05 12:09:44 -04:00
parent 0d7f0c00af
commit 79a9afe5b3
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/releases/security.txt
View File

@ -833,3 +833,15 @@ Versions affected
* Django 1.10 `(patch) <https://github.com/django/django/commit/2a9f6ef71b8e23fd267ee2be1be26dde8ab67037>`__
* Django 1.9 `(patch) <https://github.com/django/django/commit/5f1ffb07afc1e59729ce2b283124116d6c0659e4>`__
* Django 1.8 `(patch) <https://github.com/django/django/commit/4a6b945dffe8d10e7cec107d93e6efaebfbded29>`__
September 5, 2017 - :cve:`2017-12794`
-------------------------------------
Possible XSS in traceback section of technical 500 debug page. `Full
description <https://www.djangoproject.com/weblog/2017/sep/05/security-releases/>`__
Versions affected
~~~~~~~~~~~~~~~~~
* Django 1.11 `(patch) <https://github.com/django/django/commit/e35a0c56086924f331e9422daa266e907a4784cc>`__
* Django 1.10 `(patch) <https://github.com/django/django/commit/58e08e80e362db79eb0fd775dc81faad90dca47a>`__