mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-07-07 11:19:12 +00:00
Code Issues 32 Releases Wiki Activity

[4.0.x] Added CVE-2022-34265 to security archive.

Browse Source 
Backport of d12d7c4c42814736c24731a6a300a79526fc2ef6 from main
This commit is contained in:
Mariusz Felisiak 2022-07-04 10:27:14 +02:00
parent 90dc60d1a8
commit 6a830bf900
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/releases/security.txt
View File

@ -36,6 +36,16 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security All security issues have been handled under versions of Django's security
process. These are listed below. process. These are listed below.
July 4, 2022 - :cve:`2022-34265`
--------------------------------
Potential SQL injection via ``Trunc(kind)`` and ``Extract(lookup_name)``
arguments. `Full description
<https://www.djangoproject.com/weblog/2022/jul/04/security-releases/>`__
* Django 4.0 :commit:`(patch) <0dc9c016fadb71a067e5a42be30164e3f96c0492>`
* Django 3.2 :commit:`(patch) <a9010fe5555e6086a9d9ae50069579400ef0685e>`
April 11, 2022 - :cve:`2022-28346` April 11, 2022 - :cve:`2022-28346`
---------------------------------- ----------------------------------