mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-06-05 03:29:12 +00:00
Code Issues 32 Releases Wiki Activity

[3.2.x] Added CVE-2021-32052 to security archive.

Browse Source 
Backport of efebcc429f048493d6bc710399e65d98081eafd5 from main
This commit is contained in:
Mariusz Felisiak 2021-05-06 09:58:24 +02:00
parent 40ad501425
commit 0262579f2e
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
docs/releases/security.txt
View File

@ -36,6 +36,20 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security All security issues have been handled under versions of Django's security
process. These are listed below. process. These are listed below.
May 6, 2021 - :cve:`2021-32052`
-------------------------------
Header injection possibility since ``URLValidator`` accepted newlines in input
on Python 3.9.5+. `Full description
<https://www.djangoproject.com/weblog/2021/may/06/security-releases/>`__
Versions affected
~~~~~~~~~~~~~~~~~
* Django 3.2 :commit:`(patch) <2d2c1d0c97832860fbd6597977e2aae17dd7e5b2>`
* Django 3.1 :commit:`(patch) <afb23f5929944a407e4990edef1c7806a94c9879>`
* Django 2.2 :commit:`(patch) <d9594c4ea57b6309d93879805302cec9ae9f23ff>`
May 4, 2021 - :cve:`2021-31542` May 4, 2021 - :cve:`2021-31542`
------------------------------- -------------------------------