From 8827e0994473225bbb1a8c6c26a07d06bbc94305 Mon Sep 17 00:00:00 2001 From: Nick Pope Date: Mon, 3 Jun 2019 20:15:59 +0100 Subject: [PATCH] [2.1.x] Added CVE-2019-11358 to the security release archive. Backport of 8fb0ea55830321852a4a051a478f78e24d4f6889 from master --- docs/releases/security.txt | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/docs/releases/security.txt b/docs/releases/security.txt index cce666ce99a..e318c62bf79 100644 --- a/docs/releases/security.txt +++ b/docs/releases/security.txt @@ -936,3 +936,15 @@ Versions affected * Django 2.0 :commit:`(patch <1f42f82566c9d2d73aff1c42790d6b1b243f7676>` and :commit:`correction) <392e040647403fc8007708d52ce01d915b014849>` * Django 1.11 :commit:`(patch) <0bbb560183fabf0533289700845dafa94951f227>` + +June 3, 2019 - :cve:`2019-11358` +-------------------------------- + +Prototype pollution in bundled jQuery. `Full description +`__ + +Versions affected +~~~~~~~~~~~~~~~~~ + +* Django 2.2 :commit:`(patch) ` +* Django 2.1 :commit:`(patch) <95649bc08547a878cebfa1d019edec8cb1b80829>`