[2.2.x] Applied jQuery patch for CVE-2019-11358.
Backport of 34ec52269a
from master.
This commit is contained in:
parent
afddabf842
commit
baaf187a4e
|
@ -261,8 +261,9 @@ jQuery.extend = jQuery.fn.extend = function() {
|
||||||
src = target[ name ];
|
src = target[ name ];
|
||||||
copy = options[ name ];
|
copy = options[ name ];
|
||||||
|
|
||||||
|
// Prevent Object.prototype pollution
|
||||||
// Prevent never-ending loop
|
// Prevent never-ending loop
|
||||||
if ( target === copy ) {
|
if ( name === "__proto__" || target === copy ) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
File diff suppressed because one or more lines are too long
|
@ -19,3 +19,14 @@ payload, could result in an clickable JavaScript link.
|
||||||
link. You may customise the validator by passing a ``validator_class`` kwarg to
|
link. You may customise the validator by passing a ``validator_class`` kwarg to
|
||||||
``AdminURLFieldWidget.__init__()``, e.g. when using
|
``AdminURLFieldWidget.__init__()``, e.g. when using
|
||||||
:attr:`~django.contrib.admin.ModelAdmin.formfield_overrides`.
|
:attr:`~django.contrib.admin.ModelAdmin.formfield_overrides`.
|
||||||
|
|
||||||
|
Patched bundled jQuery for CVE-2019-11358: Prototype pollution
|
||||||
|
--------------------------------------------------------------
|
||||||
|
|
||||||
|
jQuery before 3.4.0, mishandles ``jQuery.extend(true, {}, ...)`` because of
|
||||||
|
``Object.prototype`` pollution. If an unsanitized source object contained an
|
||||||
|
enumerable ``__proto__`` property, it could extend the native
|
||||||
|
``Object.prototype``.
|
||||||
|
|
||||||
|
The bundled version of jQuery used by the Django admin has been patched to
|
||||||
|
allow for the ``select2`` library's use of ``jQuery.extend()``.
|
||||||
|
|
|
@ -20,6 +20,17 @@ link. You may customise the validator by passing a ``validator_class`` kwarg to
|
||||||
``AdminURLFieldWidget.__init__()``, e.g. when using
|
``AdminURLFieldWidget.__init__()``, e.g. when using
|
||||||
:attr:`~django.contrib.admin.ModelAdmin.formfield_overrides`.
|
:attr:`~django.contrib.admin.ModelAdmin.formfield_overrides`.
|
||||||
|
|
||||||
|
Patched bundled jQuery for CVE-2019-11358: Prototype pollution
|
||||||
|
--------------------------------------------------------------
|
||||||
|
|
||||||
|
jQuery before 3.4.0, mishandles ``jQuery.extend(true, {}, ...)`` because of
|
||||||
|
``Object.prototype`` pollution. If an unsanitized source object contained an
|
||||||
|
enumerable ``__proto__`` property, it could extend the native
|
||||||
|
``Object.prototype``.
|
||||||
|
|
||||||
|
The bundled version of jQuery used by the Django admin has been patched to
|
||||||
|
allow for the ``select2`` library's use of ``jQuery.extend()``.
|
||||||
|
|
||||||
Bugfixes
|
Bugfixes
|
||||||
========
|
========
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue