mirror of
				https://github.com/django/django.git
				synced 2025-10-26 07:06:08 +00:00 
			
		
		
		
	[2.2.x] Used extlinks for GitHub commits.
Backport of c34c6d0a2f from master.
			
			
This commit is contained in:
		| @@ -44,6 +44,7 @@ extensions = [ | |||||||
| ] | ] | ||||||
|  |  | ||||||
| extlinks = { | extlinks = { | ||||||
|  |     'commit': ('https://github.com/django/django/commit/%s', ''), | ||||||
|     'cve': ('https://nvd.nist.gov/view/vuln/detail?vulnId=%s', 'CVE-'), |     'cve': ('https://nvd.nist.gov/view/vuln/detail?vulnId=%s', 'CVE-'), | ||||||
|     'ticket': ('https://code.djangoproject.com/ticket/%s', '#'), |     'ticket': ('https://code.djangoproject.com/ticket/%s', '#'), | ||||||
| } | } | ||||||
|   | |||||||
| @@ -179,9 +179,7 @@ OK, this is the fun part, where we actually push out a release! | |||||||
|    checkout security/1.5.x; git rebase stable/1.5.x``) and then switch back and |    checkout security/1.5.x; git rebase stable/1.5.x``) and then switch back and | ||||||
|    do the merge. Make sure the commit message for each security fix explains |    do the merge. Make sure the commit message for each security fix explains | ||||||
|    that the commit is a security fix and that an announcement will follow |    that the commit is a security fix and that an announcement will follow | ||||||
|    (`example security commit`__). |    (:commit:`example security commit <bf39978a53f117ca02e9a0c78b76664a41a54745>`). | ||||||
|  |  | ||||||
|    __ https://github.com/django/django/commit/3ef4bbf495cc6c061789132e3d50a8231a89406b |  | ||||||
|  |  | ||||||
| #. For a feature release, remove the ``UNDER DEVELOPMENT`` header at the | #. For a feature release, remove the ``UNDER DEVELOPMENT`` header at the | ||||||
|    top of the release notes and add the release date on the next line. For a |    top of the release notes and add the release date on the next line. For a | ||||||
|   | |||||||
| @@ -46,9 +46,9 @@ Filename validation issue in translation framework. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 0.90 `(patch) <https://github.com/django/django/commit/518d406e53>`__ | * Django 0.90 :commit:`(patch) <518d406e53>` | ||||||
| * Django 0.91 `(patch) <https://github.com/django/django/commit/518d406e53>`__ | * Django 0.91 :commit:`(patch) <518d406e53>` | ||||||
| * Django 0.95 `(patch) <https://github.com/django/django/commit/a132d411c6>`__ (released January 21 2007) | * Django 0.95 :commit:`(patch) <a132d411c6>` (released January 21 2007) | ||||||
|  |  | ||||||
| January 21, 2007 - :cve:`2007-0405` | January 21, 2007 - :cve:`2007-0405` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -59,7 +59,7 @@ Apparent "caching" of authenticated user. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 0.95 `(patch) <https://github.com/django/django/commit/e89f0a6558>`__ | * Django 0.95 :commit:`(patch) <e89f0a6558>` | ||||||
|  |  | ||||||
| Issues under Django's security process | Issues under Django's security process | ||||||
| ====================================== | ====================================== | ||||||
| @@ -76,9 +76,9 @@ description <https://www.djangoproject.com/weblog/2007/oct/26/security-fix/>`__ | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 0.91 `(patch) <https://github.com/django/django/commit/8bc36e726c9e8c75c681d3ad232df8e882aaac81>`__ | * Django 0.91 :commit:`(patch) <8bc36e726c9e8c75c681d3ad232df8e882aaac81>` | ||||||
| * Django 0.95 `(patch) <https://github.com/django/django/commit/412ed22502e11c50dbfee854627594f0e7e2c234>`__ | * Django 0.95 :commit:`(patch) <412ed22502e11c50dbfee854627594f0e7e2c234>` | ||||||
| * Django 0.96 `(patch) <https://github.com/django/django/commit/7dd2dd08a79e388732ce00e2b5514f15bd6d0f6f>`__ | * Django 0.96 :commit:`(patch) <7dd2dd08a79e388732ce00e2b5514f15bd6d0f6f>` | ||||||
|  |  | ||||||
| May 14, 2008 - :cve:`2008-2302` | May 14, 2008 - :cve:`2008-2302` | ||||||
| ------------------------------- | ------------------------------- | ||||||
| @@ -89,9 +89,9 @@ XSS via admin login redirect. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 0.91 `(patch) <https://github.com/django/django/commit/50ce7fb57d>`__ | * Django 0.91 :commit:`(patch) <50ce7fb57d>` | ||||||
| * Django 0.95 `(patch) <https://github.com/django/django/commit/50ce7fb57d>`__ | * Django 0.95 :commit:`(patch) <50ce7fb57d>` | ||||||
| * Django 0.96 `(patch) <https://github.com/django/django/commit/7791e5c050>`__ | * Django 0.96 :commit:`(patch) <7791e5c050>` | ||||||
|  |  | ||||||
| September 2, 2008 - :cve:`2008-3909` | September 2, 2008 - :cve:`2008-3909` | ||||||
| ------------------------------------ | ------------------------------------ | ||||||
| @@ -102,9 +102,9 @@ CSRF via preservation of POST data during admin login. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 0.91 `(patch) <https://github.com/django/django/commit/44debfeaa4473bd28872c735dd3d9afde6886752>`__ | * Django 0.91 :commit:`(patch) <44debfeaa4473bd28872c735dd3d9afde6886752>` | ||||||
| * Django 0.95 `(patch) <https://github.com/django/django/commit/aee48854a164382c655acb9f18b3c06c3d238e81>`__ | * Django 0.95 :commit:`(patch) <aee48854a164382c655acb9f18b3c06c3d238e81>` | ||||||
| * Django 0.96 `(patch) <https://github.com/django/django/commit/7e0972bded362bc4b851c109df2c8a6548481a8e>`__ | * Django 0.96 :commit:`(patch) <7e0972bded362bc4b851c109df2c8a6548481a8e>` | ||||||
|  |  | ||||||
| July 28, 2009 - :cve:`2009-2659` | July 28, 2009 - :cve:`2009-2659` | ||||||
| -------------------------------- | -------------------------------- | ||||||
| @@ -115,8 +115,8 @@ Directory-traversal in development server media handler. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 0.96 `(patch) <https://github.com/django/django/commit/da85d76fd6>`__ | * Django 0.96 :commit:`(patch) <da85d76fd6>` | ||||||
| * Django 1.0 `(patch) <https://github.com/django/django/commit/df7f917b7f>`__ | * Django 1.0 :commit:`(patch) <df7f917b7f>` | ||||||
|  |  | ||||||
| October 9, 2009 - :cve:`2009-3965` | October 9, 2009 - :cve:`2009-3965` | ||||||
| ---------------------------------- | ---------------------------------- | ||||||
| @@ -127,8 +127,8 @@ description <https://www.djangoproject.com/weblog/2009/oct/09/security/>`__ | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.0 `(patch) <https://github.com/django/django/commit/594a28a904>`__ | * Django 1.0 :commit:`(patch) <594a28a904>` | ||||||
| * Django 1.1 `(patch) <https://github.com/django/django/commit/e3e992e18b>`__ | * Django 1.1 :commit:`(patch) <e3e992e18b>` | ||||||
|  |  | ||||||
| September 8, 2010 - :cve:`2010-3082` | September 8, 2010 - :cve:`2010-3082` | ||||||
| ------------------------------------ | ------------------------------------ | ||||||
| @@ -139,7 +139,7 @@ XSS via trusting unsafe cookie value. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.2 `(patch) <https://github.com/django/django/commit/7f84657b6b>`__ | * Django 1.2 :commit:`(patch) <7f84657b6b>` | ||||||
|  |  | ||||||
| December 22, 2010 - :cve:`2010-4534` | December 22, 2010 - :cve:`2010-4534` | ||||||
| ------------------------------------ | ------------------------------------ | ||||||
| @@ -150,8 +150,8 @@ Information leakage in administrative interface. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.1 `(patch) <https://github.com/django/django/commit/17084839fd>`__ | * Django 1.1 :commit:`(patch) <17084839fd>` | ||||||
| * Django 1.2 `(patch) <https://github.com/django/django/commit/85207a245b>`__ | * Django 1.2 :commit:`(patch) <85207a245b>` | ||||||
|  |  | ||||||
| December 22, 2010 - :cve:`2010-4535` | December 22, 2010 - :cve:`2010-4535` | ||||||
| ------------------------------------ | ------------------------------------ | ||||||
| @@ -162,8 +162,8 @@ Denial-of-service in password-reset mechanism. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.1 `(patch) <https://github.com/django/django/commit/7f8dd9cbac>`__ | * Django 1.1 :commit:`(patch) <7f8dd9cbac>` | ||||||
| * Django 1.2 `(patch) <https://github.com/django/django/commit/d5d8942a16>`__ | * Django 1.2 :commit:`(patch) <d5d8942a16>` | ||||||
|  |  | ||||||
| February 8, 2011 - :cve:`2011-0696` | February 8, 2011 - :cve:`2011-0696` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -174,8 +174,8 @@ CSRF via forged HTTP headers. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.1 `(patch) <https://github.com/django/django/commit/408c5c873c>`__ | * Django 1.1 :commit:`(patch) <408c5c873c>` | ||||||
| * Django 1.2 `(patch) <https://github.com/django/django/commit/818e70344e>`__ | * Django 1.2 :commit:`(patch) <818e70344e>` | ||||||
|  |  | ||||||
| February 8, 2011 - :cve:`2011-0697` | February 8, 2011 - :cve:`2011-0697` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -186,8 +186,8 @@ XSS via unsanitized names of uploaded files. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.1 `(patch) <https://github.com/django/django/commit/1966786d2d>`__ | * Django 1.1 :commit:`(patch) <1966786d2d>` | ||||||
| * Django 1.2 `(patch) <https://github.com/django/django/commit/1f814a9547>`__ | * Django 1.2 :commit:`(patch) <1f814a9547>` | ||||||
|  |  | ||||||
| February 8, 2011 - :cve:`2011-0698` | February 8, 2011 - :cve:`2011-0698` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -198,8 +198,8 @@ description <https://www.djangoproject.com/weblog/2011/feb/08/security/>`__ | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.1 `(patch) <https://github.com/django/django/commit/570a32a047>`__ | * Django 1.1 :commit:`(patch) <570a32a047>` | ||||||
| * Django 1.2 `(patch) <https://github.com/django/django/commit/194566480b>`__ | * Django 1.2 :commit:`(patch) <194566480b>` | ||||||
|  |  | ||||||
| September 9, 2011 - :cve:`2011-4136` | September 9, 2011 - :cve:`2011-4136` | ||||||
| ------------------------------------ | ------------------------------------ | ||||||
| @@ -210,8 +210,8 @@ Session manipulation when using memory-cache-backed session. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.2 `(patch) <https://github.com/django/django/commit/ac7c3a110f>`__ | * Django 1.2 :commit:`(patch) <ac7c3a110f>` | ||||||
| * Django 1.3 `(patch) <https://github.com/django/django/commit/fbe2eead2f>`__ | * Django 1.3 :commit:`(patch) <fbe2eead2f>` | ||||||
|  |  | ||||||
| September 9, 2011 - :cve:`2011-4137` | September 9, 2011 - :cve:`2011-4137` | ||||||
| ------------------------------------ | ------------------------------------ | ||||||
| @@ -222,8 +222,8 @@ Denial-of-service via ``URLField.verify_exists``. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.2 `(patch) <https://github.com/django/django/commit/7268f8af86>`__ | * Django 1.2 :commit:`(patch) <7268f8af86>` | ||||||
| * Django 1.3 `(patch) <https://github.com/django/django/commit/1a76dbefdf>`__ | * Django 1.3 :commit:`(patch) <1a76dbefdf>` | ||||||
|  |  | ||||||
| September 9, 2011 - :cve:`2011-4138` | September 9, 2011 - :cve:`2011-4138` | ||||||
| ------------------------------------ | ------------------------------------ | ||||||
| @@ -235,8 +235,8 @@ Information leakage/arbitrary request issuance via ``URLField.verify_exists``. | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.2: `(patch) <https://github.com/django/django/commit/7268f8af86>`__ | * Django 1.2: :commit:`(patch) <7268f8af86>` | ||||||
| * Django 1.3: `(patch) <https://github.com/django/django/commit/1a76dbefdf>`__ | * Django 1.3: :commit:`(patch) <1a76dbefdf>` | ||||||
|  |  | ||||||
| September 9, 2011 - :cve:`2011-4139` | September 9, 2011 - :cve:`2011-4139` | ||||||
| ------------------------------------ | ------------------------------------ | ||||||
| @@ -247,8 +247,8 @@ September 9, 2011 - :cve:`2011-4139` | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.2 `(patch) <https://github.com/django/django/commit/c613af4d64>`__ | * Django 1.2 :commit:`(patch) <c613af4d64>` | ||||||
| * Django 1.3 `(patch) <https://github.com/django/django/commit/2f7fadc38e>`__ | * Django 1.3 :commit:`(patch) <2f7fadc38e>` | ||||||
|  |  | ||||||
| September 9, 2011 - :cve:`2011-4140` | September 9, 2011 - :cve:`2011-4140` | ||||||
| ------------------------------------ | ------------------------------------ | ||||||
| @@ -273,8 +273,8 @@ XSS via failure to validate redirect scheme. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.3: `(patch) <https://github.com/django/django/commit/4dea4883e6c50d75f215a6b9bcbd95273f57c72d>`__ | * Django 1.3: :commit:`(patch) <4dea4883e6c50d75f215a6b9bcbd95273f57c72d>` | ||||||
| * Django 1.4: `(patch) <https://github.com/django/django/commit/e34685034b60be1112160e76091e5aee60149fa1>`__ | * Django 1.4: :commit:`(patch) <e34685034b60be1112160e76091e5aee60149fa1>` | ||||||
|  |  | ||||||
| July 30, 2012 - :cve:`2012-3443` | July 30, 2012 - :cve:`2012-3443` | ||||||
| -------------------------------- | -------------------------------- | ||||||
| @@ -285,8 +285,8 @@ Denial-of-service via compressed image files. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.3: `(patch) <https://github.com/django/django/commit/b2eb4787a0fff9c9993b78be5c698e85108f3446>`__ | * Django 1.3: :commit:`(patch) <b2eb4787a0fff9c9993b78be5c698e85108f3446>` | ||||||
| * Django 1.4: `(patch) <https://github.com/django/django/commit/c14f325c4eef628bc7bfd8873c3a72aeb0219141>`__ | * Django 1.4: :commit:`(patch) <c14f325c4eef628bc7bfd8873c3a72aeb0219141>` | ||||||
|  |  | ||||||
| July 30, 2012 - :cve:`2012-3444` | July 30, 2012 - :cve:`2012-3444` | ||||||
| -------------------------------- | -------------------------------- | ||||||
| @@ -297,8 +297,8 @@ Denial-of-service via large image files. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.3 `(patch) <https://github.com/django/django/commit/9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155>`__ | * Django 1.3 :commit:`(patch) <9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155>` | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/da33d67181b53fe6cc737ac1220153814a1509f6>`__ | * Django 1.4 :commit:`(patch) <da33d67181b53fe6cc737ac1220153814a1509f6>` | ||||||
|  |  | ||||||
| October 17, 2012 - :cve:`2012-4520` | October 17, 2012 - :cve:`2012-4520` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -309,8 +309,8 @@ October 17, 2012 - :cve:`2012-4520` | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.3 `(patch) <https://github.com/django/django/commit/b45c377f8f488955e0c7069cad3f3dd21910b071>`__ | * Django 1.3 :commit:`(patch) <b45c377f8f488955e0c7069cad3f3dd21910b071>` | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/92d3430f12171f16f566c9050c40feefb830a4a3>`__ | * Django 1.4 :commit:`(patch) <92d3430f12171f16f566c9050c40feefb830a4a3>` | ||||||
|  |  | ||||||
| December 10, 2012 - No CVE 1 | December 10, 2012 - No CVE 1 | ||||||
| ---------------------------- | ---------------------------- | ||||||
| @@ -321,8 +321,8 @@ Additional hardening of ``Host`` header handling. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.3 `(patch) <https://github.com/django/django/commit/2da4ace0bc1bc1d79bf43b368cb857f6f0cd6b1b>`__ | * Django 1.3 :commit:`(patch) <2da4ace0bc1bc1d79bf43b368cb857f6f0cd6b1b>` | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/319627c184e71ae267d6b7f000e293168c7b6e09>`__ | * Django 1.4 :commit:`(patch) <319627c184e71ae267d6b7f000e293168c7b6e09>` | ||||||
|  |  | ||||||
| December 10, 2012 - No CVE 2 | December 10, 2012 - No CVE 2 | ||||||
| ---------------------------- | ---------------------------- | ||||||
| @@ -333,8 +333,8 @@ Additional hardening of redirect validation. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.3: `(patch) <https://github.com/django/django/commit/1515eb46daa0897ba5ad5f0a2db8969255f1b343>`__ | * Django 1.3: :commit:`(patch) <1515eb46daa0897ba5ad5f0a2db8969255f1b343>` | ||||||
| * Django 1.4: `(patch) <https://github.com/django/django/commit/b2ae0a63aeec741f1e51bac9a95a27fd635f9652>`__ | * Django 1.4: :commit:`(patch) <b2ae0a63aeec741f1e51bac9a95a27fd635f9652>` | ||||||
|  |  | ||||||
| February 19, 2013 - No CVE | February 19, 2013 - No CVE | ||||||
| -------------------------- | -------------------------- | ||||||
| @@ -345,8 +345,8 @@ Additional hardening of ``Host`` header handling. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.3 `(patch) <https://github.com/django/django/commit/27cd872e6e36a81d0bb6f5b8765a1705fecfc253>`__ | * Django 1.3 :commit:`(patch) <27cd872e6e36a81d0bb6f5b8765a1705fecfc253>` | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/9936fdb11d0bbf0bd242f259bfb97bbf849d16f8>`__ | * Django 1.4 :commit:`(patch) <9936fdb11d0bbf0bd242f259bfb97bbf849d16f8>` | ||||||
|  |  | ||||||
| February 19, 2013 - :cve:`2013-1664` / :cve:`2013-1665` | February 19, 2013 - :cve:`2013-1664` / :cve:`2013-1665` | ||||||
| ------------------------------------------------------- | ------------------------------------------------------- | ||||||
| @@ -357,8 +357,8 @@ Entity-based attacks against Python XML libraries. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.3 `(patch) <https://github.com/django/django/commit/d19a27066b2247102e65412aa66917aff0091112>`__ | * Django 1.3 :commit:`(patch) <d19a27066b2247102e65412aa66917aff0091112>` | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/1c60d07ba23e0350351c278ad28d0bd5aa410b40>`__ | * Django 1.4 :commit:`(patch) <1c60d07ba23e0350351c278ad28d0bd5aa410b40>` | ||||||
|  |  | ||||||
| February 19, 2013 - :cve:`2013-0305` | February 19, 2013 - :cve:`2013-0305` | ||||||
| ------------------------------------ | ------------------------------------ | ||||||
| @@ -369,8 +369,8 @@ Information leakage via admin history log. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.3 `(patch) <https://github.com/django/django/commit/d3a45e10c8ac8268899999129daa27652ec0da35>`__ | * Django 1.3 :commit:`(patch) <d3a45e10c8ac8268899999129daa27652ec0da35>` | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/0e7861aec73702f7933ce2a93056f7983939f0d6>`__ | * Django 1.4 :commit:`(patch) <0e7861aec73702f7933ce2a93056f7983939f0d6>` | ||||||
|  |  | ||||||
| February 19, 2013 - :cve:`2013-0306` | February 19, 2013 - :cve:`2013-0306` | ||||||
| ------------------------------------ | ------------------------------------ | ||||||
| @@ -381,8 +381,8 @@ Denial-of-service via formset ``max_num`` bypass. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.3 `(patch) <https://github.com/django/django/commit/d7094bbce8cb838f3b40f504f198c098ff1cf727>`__ | * Django 1.3 :commit:`(patch) <d7094bbce8cb838f3b40f504f198c098ff1cf727>` | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/0cc350a896f70ace18280410eb616a9197d862b0>`__ | * Django 1.4 :commit:`(patch) <0cc350a896f70ace18280410eb616a9197d862b0>` | ||||||
|  |  | ||||||
| August 13, 2013 - :cve:`2013-4249` | August 13, 2013 - :cve:`2013-4249` | ||||||
| ---------------------------------- | ---------------------------------- | ||||||
| @@ -393,7 +393,7 @@ XSS via admin trusting ``URLField`` values. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.5 `(patch) <https://github.com/django/django/commit/90363e388c61874add3f3557ee654a996ec75d78>`__ | * Django 1.5 :commit:`(patch) <90363e388c61874add3f3557ee654a996ec75d78>` | ||||||
|  |  | ||||||
| August 13, 2013 - :cve:`2013-6044` | August 13, 2013 - :cve:`2013-6044` | ||||||
| ---------------------------------- | ---------------------------------- | ||||||
| @@ -404,8 +404,8 @@ Possible XSS via unvalidated URL redirect schemes. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/ec67af0bd609c412b76eaa4cc89968a2a8e5ad6a>`__ | * Django 1.4 :commit:`(patch) <ec67af0bd609c412b76eaa4cc89968a2a8e5ad6a>` | ||||||
| * Django 1.5 `(patch) <https://github.com/django/django/commit/1a274ccd6bc1afbdac80344c9b6e5810c1162b5f>`__ | * Django 1.5 :commit:`(patch) <1a274ccd6bc1afbdac80344c9b6e5810c1162b5f>` | ||||||
|  |  | ||||||
| September 10, 2013 - :cve:`2013-4315` | September 10, 2013 - :cve:`2013-4315` | ||||||
| ------------------------------------- | ------------------------------------- | ||||||
| @@ -416,8 +416,8 @@ Directory-traversal via ``ssi`` template tag. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/87d2750b39f6f2d54b7047225521a44dcd37e896>`__ | * Django 1.4 :commit:`(patch) <87d2750b39f6f2d54b7047225521a44dcd37e896>` | ||||||
| * Django 1.5 `(patch) <https://github.com/django/django/commit/988b61c550d798f9a66d17ee0511fb7a9a7f33ca>`__ | * Django 1.5 :commit:`(patch) <988b61c550d798f9a66d17ee0511fb7a9a7f33ca>` | ||||||
|  |  | ||||||
| September 14, 2013 - :cve:`2013-1443` | September 14, 2013 - :cve:`2013-1443` | ||||||
| ------------------------------------- | ------------------------------------- | ||||||
| @@ -428,8 +428,8 @@ Denial-of-service via large passwords. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch <https://github.com/django/django/commit/3f3d887a6844ec2db743fee64c9e53e04d39a368>`__ and `Python compatibility fix) <https://github.com/django/django/commit/6903d1690a92aa040adfb0c8eb37cf62e4206714>`__ | * Django 1.4 :commit:`(patch <3f3d887a6844ec2db743fee64c9e53e04d39a368>` and :commit:`Python compatibility fix) <6903d1690a92aa040adfb0c8eb37cf62e4206714>` | ||||||
| * Django 1.5 `(patch) <https://github.com/django/django/commit/22b74fa09d7ccbc8c52270d648a0da7f3f0fa2bc>`__ | * Django 1.5 :commit:`(patch) <22b74fa09d7ccbc8c52270d648a0da7f3f0fa2bc>` | ||||||
|  |  | ||||||
| April 21, 2014 - :cve:`2014-0472` | April 21, 2014 - :cve:`2014-0472` | ||||||
| --------------------------------- | --------------------------------- | ||||||
| @@ -440,10 +440,10 @@ Unexpected code execution using ``reverse()``. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/c1a8c420fe4b27fb2caf5e46d23b5712fc0ac535>`__ | * Django 1.4 :commit:`(patch) <c1a8c420fe4b27fb2caf5e46d23b5712fc0ac535>` | ||||||
| * Django 1.5 `(patch) <https://github.com/django/django/commit/2a5bcb69f42b84464b24b5c835dca6467b6aa7f1>`__ | * Django 1.5 :commit:`(patch) <2a5bcb69f42b84464b24b5c835dca6467b6aa7f1>` | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/4352a50871e239ebcdf64eee6f0b88e714015c1b>`__ | * Django 1.6 :commit:`(patch) <4352a50871e239ebcdf64eee6f0b88e714015c1b>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/546740544d7f69254a67b06a3fc7fa0c43512958>`__ | * Django 1.7 :commit:`(patch) <546740544d7f69254a67b06a3fc7fa0c43512958>` | ||||||
|  |  | ||||||
| April 21, 2014 - :cve:`2014-0473` | April 21, 2014 - :cve:`2014-0473` | ||||||
| --------------------------------- | --------------------------------- | ||||||
| @@ -454,10 +454,10 @@ Caching of anonymous pages could reveal CSRF token. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/1170f285ddd6a94a65f911a27788ba49ca08c0b0>`__ | * Django 1.4 :commit:`(patch) <1170f285ddd6a94a65f911a27788ba49ca08c0b0>` | ||||||
| * Django 1.5 `(patch) <https://github.com/django/django/commit/6872f42757d7ef6a97e0b6ec5db4d2615d8a2bd8>`__ | * Django 1.5 :commit:`(patch) <6872f42757d7ef6a97e0b6ec5db4d2615d8a2bd8>` | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/d63e20942f3024f24cb8cd85a49461ba8a9b6736>`__ | * Django 1.6 :commit:`(patch) <d63e20942f3024f24cb8cd85a49461ba8a9b6736>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/380545bf85cbf17fc698d136815b7691f8d023ca>`__ | * Django 1.7 :commit:`(patch) <380545bf85cbf17fc698d136815b7691f8d023ca>` | ||||||
|  |  | ||||||
| April 21, 2014 - :cve:`2014-0474` | April 21, 2014 - :cve:`2014-0474` | ||||||
| --------------------------------- | --------------------------------- | ||||||
| @@ -468,10 +468,10 @@ MySQL typecasting causes unexpected query results. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/aa80f498de6d687e613860933ac58433ab71ea4b>`__ | * Django 1.4 :commit:`(patch) <aa80f498de6d687e613860933ac58433ab71ea4b>` | ||||||
| * Django 1.5 `(patch) <https://github.com/django/django/commit/985434fb1d6bf2335bf96c6ebf91c3674f1f399f>`__ | * Django 1.5 :commit:`(patch) <985434fb1d6bf2335bf96c6ebf91c3674f1f399f>` | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/5f0829a27e85d89ad8c433f5c6a7a7d17c9e9292>`__ | * Django 1.6 :commit:`(patch) <5f0829a27e85d89ad8c433f5c6a7a7d17c9e9292>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/34526c2f56b863c2103655a0893ac801667e86ea>`__ | * Django 1.7 :commit:`(patch) <34526c2f56b863c2103655a0893ac801667e86ea>` | ||||||
|  |  | ||||||
| May 18, 2014 - :cve:`2014-1418` | May 18, 2014 - :cve:`2014-1418` | ||||||
| ------------------------------- | ------------------------------- | ||||||
| @@ -482,10 +482,10 @@ Caches may be allowed to store and serve private data. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/28e23306aa53bbbb8fb87db85f99d970b051026c>`__ | * Django 1.4 :commit:`(patch) <28e23306aa53bbbb8fb87db85f99d970b051026c>` | ||||||
| * Django 1.5 `(patch) <https://github.com/django/django/commit/4001ec8698f577b973c5a540801d8a0bbea1205b>`__ | * Django 1.5 :commit:`(patch) <4001ec8698f577b973c5a540801d8a0bbea1205b>` | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/1abcf3a808b35abae5d425ed4d44cb6e886dc769>`__ | * Django 1.6 :commit:`(patch) <1abcf3a808b35abae5d425ed4d44cb6e886dc769>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/7fef18ba9e5a8b47bc24b5bb259c8bf3d3879f2a>`__ | * Django 1.7 :commit:`(patch) <7fef18ba9e5a8b47bc24b5bb259c8bf3d3879f2a>` | ||||||
|  |  | ||||||
| May 18, 2014 - :cve:`2014-3730` | May 18, 2014 - :cve:`2014-3730` | ||||||
| ------------------------------- | ------------------------------- | ||||||
| @@ -496,10 +496,10 @@ Malformed URLs from user input incorrectly validated. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/7feb54bbae3f637ab3c4dd4831d4385964f574df>`__ | * Django 1.4 :commit:`(patch) <7feb54bbae3f637ab3c4dd4831d4385964f574df>` | ||||||
| * Django 1.5 `(patch) <https://github.com/django/django/commit/ad32c218850ad40972dcef57beb460f8c979dd6d>`__ | * Django 1.5 :commit:`(patch) <ad32c218850ad40972dcef57beb460f8c979dd6d>` | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/601107524523bca02376a0ddc1a06c6fdb8f22f3>`__ | * Django 1.6 :commit:`(patch) <601107524523bca02376a0ddc1a06c6fdb8f22f3>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/e7b0cace455c2da24492660636bfd48c45a19cdf>`__ | * Django 1.7 :commit:`(patch) <e7b0cace455c2da24492660636bfd48c45a19cdf>` | ||||||
|  |  | ||||||
| August 20, 2014 - :cve:`2014-0480` | August 20, 2014 - :cve:`2014-0480` | ||||||
| ---------------------------------- | ---------------------------------- | ||||||
| @@ -510,10 +510,10 @@ August 20, 2014 - :cve:`2014-0480` | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/c2fe73133b62a1d9e8f7a6b43966570b14618d7e>`__ | * Django 1.4 :commit:`(patch) <c2fe73133b62a1d9e8f7a6b43966570b14618d7e>` | ||||||
| * Django 1.5 `(patch) <https://github.com/django/django/commit/45ac9d4fb087d21902469fc22643f5201d41a0cd>`__ | * Django 1.5 :commit:`(patch) <45ac9d4fb087d21902469fc22643f5201d41a0cd>` | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/da051da8df5e69944745072611351d4cfc6435d5>`__ | * Django 1.6 :commit:`(patch) <da051da8df5e69944745072611351d4cfc6435d5>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/bf650a2ee78c6d1f4544a875dcc777cf27fe93e9>`__ | * Django 1.7 :commit:`(patch) <bf650a2ee78c6d1f4544a875dcc777cf27fe93e9>` | ||||||
|  |  | ||||||
| August 20, 2014 - :cve:`2014-0481` | August 20, 2014 - :cve:`2014-0481` | ||||||
| ---------------------------------- | ---------------------------------- | ||||||
| @@ -524,10 +524,10 @@ File upload denial of service. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/30042d475bf084c6723c6217a21598d9247a9c41>`__ | * Django 1.4 :commit:`(patch) <30042d475bf084c6723c6217a21598d9247a9c41>` | ||||||
| * Django 1.5 `(patch) <https://github.com/django/django/commit/26cd48e166ac4d84317c8ee6d63ac52a87e8da99>`__ | * Django 1.5 :commit:`(patch) <26cd48e166ac4d84317c8ee6d63ac52a87e8da99>` | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/dd0c3f4ee1a30c1a1e6055061c6ba6e58c6b54d1>`__ | * Django 1.6 :commit:`(patch) <dd0c3f4ee1a30c1a1e6055061c6ba6e58c6b54d1>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/3123f8452cf49071be9110e277eea60ba0032216>`__ | * Django 1.7 :commit:`(patch) <3123f8452cf49071be9110e277eea60ba0032216>` | ||||||
|  |  | ||||||
| August 20, 2014 - :cve:`2014-0482` | August 20, 2014 - :cve:`2014-0482` | ||||||
| ---------------------------------- | ---------------------------------- | ||||||
| @@ -538,10 +538,10 @@ August 20, 2014 - :cve:`2014-0482` | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/c9e3b9949cd55f090591fbdc4a114fcb8368b6d9>`__ | * Django 1.4 :commit:`(patch) <c9e3b9949cd55f090591fbdc4a114fcb8368b6d9>` | ||||||
| * Django 1.5 `(patch) <https://github.com/django/django/commit/dd68f319b365f6cb38c5a6c106faf4f6142d7d88>`__ | * Django 1.5 :commit:`(patch) <dd68f319b365f6cb38c5a6c106faf4f6142d7d88>` | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/0268b855f9eab3377f2821164ef3e66037789e09>`__ | * Django 1.6 :commit:`(patch) <0268b855f9eab3377f2821164ef3e66037789e09>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/1a45d059c70385fcd6f4a3955f3b4e4cc96d0150>`__ | * Django 1.7 :commit:`(patch) <1a45d059c70385fcd6f4a3955f3b4e4cc96d0150>` | ||||||
|  |  | ||||||
| August 20, 2014 - :cve:`2014-0483` | August 20, 2014 - :cve:`2014-0483` | ||||||
| ---------------------------------- | ---------------------------------- | ||||||
| @@ -552,10 +552,10 @@ Data leakage via querystring manipulation in admin. | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/027bd348642007617518379f8b02546abacaa6e0>`__ | * Django 1.4 :commit:`(patch) <027bd348642007617518379f8b02546abacaa6e0>` | ||||||
| * Django 1.5 `(patch) <https://github.com/django/django/commit/2a446c896e7c814661fb9c4f212b071b2a7fa446>`__ | * Django 1.5 :commit:`(patch) <2a446c896e7c814661fb9c4f212b071b2a7fa446>` | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/f7c494f2506250b8cb5923714360a3642ed63e0f>`__ | * Django 1.6 :commit:`(patch) <f7c494f2506250b8cb5923714360a3642ed63e0f>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/2b31342cdf14fc20e07c43d258f1e7334ad664a6>`__ | * Django 1.7 :commit:`(patch) <2b31342cdf14fc20e07c43d258f1e7334ad664a6>` | ||||||
|  |  | ||||||
| January 13, 2015 - :cve:`2015-0219` | January 13, 2015 - :cve:`2015-0219` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -566,9 +566,9 @@ WSGI header spoofing via underscore/dash conflation. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/4f6fffc1dc429f1ad428ecf8e6620739e8837450>`__ | * Django 1.4 :commit:`(patch) <4f6fffc1dc429f1ad428ecf8e6620739e8837450>` | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/d7597b31d5c03106eeba4be14a33b32a5e25f4ee>`__ | * Django 1.6 :commit:`(patch) <d7597b31d5c03106eeba4be14a33b32a5e25f4ee>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/41b4bc73ee0da7b2e09f4af47fc1fd21144c710f>`__ | * Django 1.7 :commit:`(patch) <41b4bc73ee0da7b2e09f4af47fc1fd21144c710f>` | ||||||
|  |  | ||||||
| January 13, 2015 - :cve:`2015-0220` | January 13, 2015 - :cve:`2015-0220` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -579,9 +579,9 @@ description <https://www.djangoproject.com/weblog/2015/jan/13/security/>`__ | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/4c241f1b710da6419d9dca160e80b23b82db7758>`__ | * Django 1.4 :commit:`(patch) <4c241f1b710da6419d9dca160e80b23b82db7758>` | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/72e0b033662faa11bb7f516f18a132728aa0ae28>`__ | * Django 1.6 :commit:`(patch) <72e0b033662faa11bb7f516f18a132728aa0ae28>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/de67dedc771ad2edec15c1d00c083a1a084e1e89>`__ | * Django 1.7 :commit:`(patch) <de67dedc771ad2edec15c1d00c083a1a084e1e89>` | ||||||
|  |  | ||||||
| January 13, 2015 - :cve:`2015-0221` | January 13, 2015 - :cve:`2015-0221` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -592,9 +592,9 @@ description <https://www.djangoproject.com/weblog/2015/jan/13/security/>`__ | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/d020da6646c5142bc092247d218a3d1ce3e993f7>`__ | * Django 1.4 :commit:`(patch) <d020da6646c5142bc092247d218a3d1ce3e993f7>` | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/553779c4055e8742cc832ed525b9ee34b174934f>`__ | * Django 1.6 :commit:`(patch) <553779c4055e8742cc832ed525b9ee34b174934f>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/818e59a3f0fbadf6c447754d202d88df025f8f2a>`__ | * Django 1.7 :commit:`(patch) <818e59a3f0fbadf6c447754d202d88df025f8f2a>` | ||||||
|  |  | ||||||
| January 13, 2015 - :cve:`2015-0222` | January 13, 2015 - :cve:`2015-0222` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -605,8 +605,8 @@ Database denial-of-service with ``ModelMultipleChoiceField``. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/d7a06ee7e571b6dad07c0f5b519b1db02e2a476c>`__ | * Django 1.6 :commit:`(patch) <d7a06ee7e571b6dad07c0f5b519b1db02e2a476c>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/bcfb47780ce7caecb409a9e9c1c314266e41d392>`__ | * Django 1.7 :commit:`(patch) <bcfb47780ce7caecb409a9e9c1c314266e41d392>` | ||||||
|  |  | ||||||
| March 9, 2015 - :cve:`2015-2241` | March 9, 2015 - :cve:`2015-2241` | ||||||
| -------------------------------- | -------------------------------- | ||||||
| @@ -617,8 +617,8 @@ XSS attack via properties in ``ModelAdmin.readonly_fields``. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/d16e4e1d6f95e6f46bff53cc4fd0ab398b8e5059>`__ | * Django 1.7 :commit:`(patch) <d16e4e1d6f95e6f46bff53cc4fd0ab398b8e5059>` | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/2654e1b93923bac55f12b4e66c5e39b16695ace5>`_ | * Django 1.8 :commit:`(patch) <2654e1b93923bac55f12b4e66c5e39b16695ace5>` | ||||||
|  |  | ||||||
| March 18, 2015 - :cve:`2015-2316` | March 18, 2015 - :cve:`2015-2316` | ||||||
| --------------------------------- | --------------------------------- | ||||||
| @@ -629,9 +629,9 @@ Denial-of-service possibility with ``strip_tags()``. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/b6b3cb9899214a23ebb0f4ebf0e0b300b0ee524f>`__ | * Django 1.6 :commit:`(patch) <b6b3cb9899214a23ebb0f4ebf0e0b300b0ee524f>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/e63363f8e075fa8d66326ad6a1cc3391cc95cd97>`__ | * Django 1.7 :commit:`(patch) <e63363f8e075fa8d66326ad6a1cc3391cc95cd97>` | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/5447709a571cd5d95971f1d5d21d4a7edcf85bbd>`__ | * Django 1.8 :commit:`(patch) <5447709a571cd5d95971f1d5d21d4a7edcf85bbd>` | ||||||
|  |  | ||||||
| March 18, 2015 - :cve:`2015-2317` | March 18, 2015 - :cve:`2015-2317` | ||||||
| --------------------------------- | --------------------------------- | ||||||
| @@ -642,10 +642,10 @@ description <https://www.djangoproject.com/weblog/2015/mar/18/security-releases/ | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/2342693b31f740a422abf7267c53b4e7bc487c1b>`__ | * Django 1.4 :commit:`(patch) <2342693b31f740a422abf7267c53b4e7bc487c1b>` | ||||||
| * Django 1.6 `(patch) <https://github.com/django/django/commit/5510f070711540aaa8d3707776cd77494e688ef9>`__ | * Django 1.6 :commit:`(patch) <5510f070711540aaa8d3707776cd77494e688ef9>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/2a4113dbd532ce952308992633d802dc169a75f1>`__ | * Django 1.7 :commit:`(patch) <2a4113dbd532ce952308992633d802dc169a75f1>` | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/770427c2896a078925abfca2317486b284d22f04>`__ | * Django 1.8 :commit:`(patch) <770427c2896a078925abfca2317486b284d22f04>` | ||||||
|  |  | ||||||
| May 20, 2015 - :cve:`2015-3982` | May 20, 2015 - :cve:`2015-3982` | ||||||
| ------------------------------- | ------------------------------- | ||||||
| @@ -656,7 +656,7 @@ Fixed session flushing in the cached_db backend. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/31cb25adecba930bdeee4556709f5a1c42d88fd6>`__ | * Django 1.8 :commit:`(patch) <31cb25adecba930bdeee4556709f5a1c42d88fd6>` | ||||||
|  |  | ||||||
| July 8, 2015 - :cve:`2015-5143` | July 8, 2015 - :cve:`2015-5143` | ||||||
| ------------------------------- | ------------------------------- | ||||||
| @@ -667,9 +667,9 @@ description <https://www.djangoproject.com/weblog/2015/jul/08/security-releases/ | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/66d12d1ababa8f062857ee5eb43276493720bf16>`__ | * Django 1.8 :commit:`(patch) <66d12d1ababa8f062857ee5eb43276493720bf16>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/1828f4341ec53a8684112d24031b767eba557663>`__ | * Django 1.7 :commit:`(patch) <1828f4341ec53a8684112d24031b767eba557663>` | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/2e47f3e401c29bc2ba5ab794d483cb0820855fb9>`__ | * Django 1.4 :commit:`(patch) <2e47f3e401c29bc2ba5ab794d483cb0820855fb9>` | ||||||
|  |  | ||||||
| July 8, 2015 - :cve:`2015-5144` | July 8, 2015 - :cve:`2015-5144` | ||||||
| ------------------------------- | ------------------------------- | ||||||
| @@ -680,9 +680,9 @@ description <https://www.djangoproject.com/weblog/2015/jul/08/security-releases/ | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/574dd5e0b0fbb877ae5827b1603d298edc9bb2a0>`__ | * Django 1.8 :commit:`(patch) <574dd5e0b0fbb877ae5827b1603d298edc9bb2a0>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/ae49b4d994656bc037513dcd064cb9ce5bb85649>`__ | * Django 1.7 :commit:`(patch) <ae49b4d994656bc037513dcd064cb9ce5bb85649>` | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/1ba1cdce7d58e6740fe51955d945b56ae51d072a>`__ | * Django 1.4 :commit:`(patch) <1ba1cdce7d58e6740fe51955d945b56ae51d072a>` | ||||||
|  |  | ||||||
| July 8, 2015 - :cve:`2015-5145` | July 8, 2015 - :cve:`2015-5145` | ||||||
| ------------------------------- | ------------------------------- | ||||||
| @@ -693,7 +693,7 @@ Denial-of-service possibility in URL validation. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/8f9a4d3a2bc42f14bb437defd30c7315adbff22c>`__ | * Django 1.8 :commit:`(patch) <8f9a4d3a2bc42f14bb437defd30c7315adbff22c>` | ||||||
|  |  | ||||||
| August 18, 2015 - :cve:`2015-5963` / :cve:`2015-5964` | August 18, 2015 - :cve:`2015-5963` / :cve:`2015-5964` | ||||||
| ----------------------------------------------------- | ----------------------------------------------------- | ||||||
| @@ -704,9 +704,9 @@ Denial-of-service possibility in ``logout()`` view by filling session store. | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/2eb86b01d7b59be06076f6179a454d0fd0afaff6>`__ | * Django 1.8 :commit:`(patch) <2eb86b01d7b59be06076f6179a454d0fd0afaff6>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/2f5485346ee6f84b4e52068c04e043092daf55f7>`__ | * Django 1.7 :commit:`(patch) <2f5485346ee6f84b4e52068c04e043092daf55f7>` | ||||||
| * Django 1.4 `(patch) <https://github.com/django/django/commit/575f59f9bc7c59a5e41a081d1f5f55fc859c5012>`__ | * Django 1.4 :commit:`(patch) <575f59f9bc7c59a5e41a081d1f5f55fc859c5012>` | ||||||
|  |  | ||||||
| November 24, 2015 - :cve:`2015-8213` | November 24, 2015 - :cve:`2015-8213` | ||||||
| ------------------------------------ | ------------------------------------ | ||||||
| @@ -717,8 +717,8 @@ Settings leak possibility in ``date`` template filter. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/9f83fc2f66f5a0bac7c291aec55df66050bb6991>`__ | * Django 1.8 :commit:`(patch) <9f83fc2f66f5a0bac7c291aec55df66050bb6991>` | ||||||
| * Django 1.7 `(patch) <https://github.com/django/django/commit/8a01c6b53169ee079cb21ac5919fdafcc8c5e172>`__ | * Django 1.7 :commit:`(patch) <8a01c6b53169ee079cb21ac5919fdafcc8c5e172>` | ||||||
|  |  | ||||||
| February 1, 2016 - :cve:`2016-2048` | February 1, 2016 - :cve:`2016-2048` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -730,7 +730,7 @@ User with "change" but not "add" permission can create objects for | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.9 `(patch) <https://github.com/django/django/commit/adbca5e4db42542575734b8e5d26961c8ada7265>`__ | * Django 1.9 :commit:`(patch) <adbca5e4db42542575734b8e5d26961c8ada7265>` | ||||||
|  |  | ||||||
| March 1, 2016 - :cve:`2016-2512` | March 1, 2016 - :cve:`2016-2512` | ||||||
| -------------------------------- | -------------------------------- | ||||||
| @@ -742,8 +742,8 @@ containing basic auth. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.9 `(patch) <https://github.com/django/django/commit/fc6d147a63f89795dbcdecb0559256470fff4380>`__ | * Django 1.9 :commit:`(patch) <fc6d147a63f89795dbcdecb0559256470fff4380>` | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/382ab137312961ad62feb8109d70a5a581fe8350>`__ | * Django 1.8 :commit:`(patch) <382ab137312961ad62feb8109d70a5a581fe8350>` | ||||||
|  |  | ||||||
| March 1, 2016 - :cve:`2016-2513` | March 1, 2016 - :cve:`2016-2513` | ||||||
| -------------------------------- | -------------------------------- | ||||||
| @@ -755,8 +755,8 @@ upgrade. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.9 `(patch) <https://github.com/django/django/commit/af7d09b0c5c6ab68e629fd9baf736f9dd203b18e>`__ | * Django 1.9 :commit:`(patch) <af7d09b0c5c6ab68e629fd9baf736f9dd203b18e>` | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/f4e6e02f7713a6924d16540be279909ff4091eb6>`__ | * Django 1.8 :commit:`(patch) <f4e6e02f7713a6924d16540be279909ff4091eb6>` | ||||||
|  |  | ||||||
| July 18, 2016 - :cve:`2016-6186` | July 18, 2016 - :cve:`2016-6186` | ||||||
| -------------------------------- | -------------------------------- | ||||||
| @@ -767,8 +767,8 @@ XSS in admin's add/change related popup. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.9 `(patch) <https://github.com/django/django/commit/d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d158>`__ | * Django 1.9 :commit:`(patch) <d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d158>` | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/f68e5a99164867ab0e071a936470958ed867479d>`__ | * Django 1.8 :commit:`(patch) <f68e5a99164867ab0e071a936470958ed867479d>` | ||||||
|  |  | ||||||
| September 26, 2016 - :cve:`2016-7401` | September 26, 2016 - :cve:`2016-7401` | ||||||
| ------------------------------------- | ------------------------------------- | ||||||
| @@ -779,8 +779,8 @@ CSRF protection bypass on a site with Google Analytics. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.9 `(patch) <https://github.com/django/django/commit/d1bc980db1c0fffd6d60677e62f70beadb9fe64a>`__ | * Django 1.9 :commit:`(patch) <d1bc980db1c0fffd6d60677e62f70beadb9fe64a>` | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/6118ab7d0676f0d622278e5be215f14fb5410b6a>`__ | * Django 1.8 :commit:`(patch) <6118ab7d0676f0d622278e5be215f14fb5410b6a>` | ||||||
|  |  | ||||||
| November 1, 2016 - :cve:`2016-9013` | November 1, 2016 - :cve:`2016-9013` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -791,9 +791,9 @@ description <https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.10 `(patch) <https://github.com/django/django/commit/34e10720d81b8d407aa14d763b6a7fe8f13b4f2e>`__ | * Django 1.10 :commit:`(patch) <34e10720d81b8d407aa14d763b6a7fe8f13b4f2e>` | ||||||
| * Django 1.9 `(patch) <https://github.com/django/django/commit/4844d86c7728c1a5a3bbce4ad336a8d32304072b>`__ | * Django 1.9 :commit:`(patch) <4844d86c7728c1a5a3bbce4ad336a8d32304072b>` | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/70f99952965a430daf69eeb9947079aae535d2d0>`__ | * Django 1.8 :commit:`(patch) <70f99952965a430daf69eeb9947079aae535d2d0>` | ||||||
|  |  | ||||||
| November 1, 2016 - :cve:`2016-9014` | November 1, 2016 - :cve:`2016-9014` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -804,9 +804,9 @@ DNS rebinding vulnerability when ``DEBUG=True``. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.10 `(patch) <https://github.com/django/django/commit/884e113838e5a72b4b0ec9e5e87aa480f6aa4472>`__ | * Django 1.10 :commit:`(patch) <884e113838e5a72b4b0ec9e5e87aa480f6aa4472>` | ||||||
| * Django 1.9 `(patch) <https://github.com/django/django/commit/45acd6d836895a4c36575f48b3fb36a3dae98d19>`__ | * Django 1.9 :commit:`(patch) <45acd6d836895a4c36575f48b3fb36a3dae98d19>` | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/c401ae9a7dfb1a94a8a61927ed541d6f93089587>`__ | * Django 1.8 :commit:`(patch) <c401ae9a7dfb1a94a8a61927ed541d6f93089587>` | ||||||
|  |  | ||||||
| April 4, 2017 - :cve:`2017-7233` | April 4, 2017 - :cve:`2017-7233` | ||||||
| -------------------------------- | -------------------------------- | ||||||
| @@ -817,9 +817,9 @@ Open redirect and possible XSS attack via user-supplied numeric redirect URLs. | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.10 `(patch) <https://github.com/django/django/commit/f824655bc2c50b19d2f202d7640785caabc82787>`__ | * Django 1.10 :commit:`(patch) <f824655bc2c50b19d2f202d7640785caabc82787>` | ||||||
| * Django 1.9 `(patch) <https://github.com/django/django/commit/254326cb3682389f55f886804d2c43f7b9f23e4f>`__ | * Django 1.9 :commit:`(patch) <254326cb3682389f55f886804d2c43f7b9f23e4f>` | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/8339277518c7d8ec280070a780915304654e3b66>`__ | * Django 1.8 :commit:`(patch) <8339277518c7d8ec280070a780915304654e3b66>` | ||||||
|  |  | ||||||
| April 4, 2017 - :cve:`2017-7234` | April 4, 2017 - :cve:`2017-7234` | ||||||
| -------------------------------- | -------------------------------- | ||||||
| @@ -830,9 +830,9 @@ description <https://www.djangoproject.com/weblog/2017/apr/04/security-releases/ | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.10 `(patch) <https://github.com/django/django/commit/2a9f6ef71b8e23fd267ee2be1be26dde8ab67037>`__ | * Django 1.10 :commit:`(patch) <2a9f6ef71b8e23fd267ee2be1be26dde8ab67037>` | ||||||
| * Django 1.9 `(patch) <https://github.com/django/django/commit/5f1ffb07afc1e59729ce2b283124116d6c0659e4>`__ | * Django 1.9 :commit:`(patch) <5f1ffb07afc1e59729ce2b283124116d6c0659e4>` | ||||||
| * Django 1.8 `(patch) <https://github.com/django/django/commit/4a6b945dffe8d10e7cec107d93e6efaebfbded29>`__ | * Django 1.8 :commit:`(patch) <4a6b945dffe8d10e7cec107d93e6efaebfbded29>` | ||||||
|  |  | ||||||
| September 5, 2017 - :cve:`2017-12794` | September 5, 2017 - :cve:`2017-12794` | ||||||
| ------------------------------------- | ------------------------------------- | ||||||
| @@ -843,8 +843,8 @@ description <https://www.djangoproject.com/weblog/2017/sep/05/security-releases/ | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 1.11 `(patch) <https://github.com/django/django/commit/e35a0c56086924f331e9422daa266e907a4784cc>`__ | * Django 1.11 :commit:`(patch) <e35a0c56086924f331e9422daa266e907a4784cc>` | ||||||
| * Django 1.10 `(patch) <https://github.com/django/django/commit/58e08e80e362db79eb0fd775dc81faad90dca47a>`__ | * Django 1.10 :commit:`(patch) <58e08e80e362db79eb0fd775dc81faad90dca47a>` | ||||||
|  |  | ||||||
| February 1, 2018 - :cve:`2018-6188` | February 1, 2018 - :cve:`2018-6188` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -855,8 +855,8 @@ Information leakage in ``AuthenticationForm``. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 2.0 `(patch) <https://github.com/django/django/commit/c37bb28677295f6edda61d8ac461014ef0d3aeb2>`__ | * Django 2.0 :commit:`(patch) <c37bb28677295f6edda61d8ac461014ef0d3aeb2>` | ||||||
| * Django 1.11 `(patch) <https://github.com/django/django/commit/57b95fedad5e0b83fc9c81466b7d1751c6427aae>`__ | * Django 1.11 :commit:`(patch) <57b95fedad5e0b83fc9c81466b7d1751c6427aae>` | ||||||
|  |  | ||||||
| March 6, 2018 - :cve:`2018-7536` | March 6, 2018 - :cve:`2018-7536` | ||||||
| -------------------------------- | -------------------------------- | ||||||
| @@ -868,9 +868,9 @@ filters. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 2.0 `(patch) <https://github.com/django/django/commit/e157315da3ae7005fa0683ffc9751dbeca7306c8>`__ | * Django 2.0 :commit:`(patch) <e157315da3ae7005fa0683ffc9751dbeca7306c8>` | ||||||
| * Django 1.11 `(patch) <https://github.com/django/django/commit/abf89d729f210c692a50e0ad3f75fb6bec6fae16>`__ | * Django 1.11 :commit:`(patch) <abf89d729f210c692a50e0ad3f75fb6bec6fae16>` | ||||||
| * Django 1.8  `(patch) <https://github.com/django/django/commit/1ca63a66ef3163149ad822701273e8a1844192c2>`__ | * Django 1.8  :commit:`(patch) <1ca63a66ef3163149ad822701273e8a1844192c2>` | ||||||
|  |  | ||||||
| March 6, 2018 - :cve:`2018-7537` | March 6, 2018 - :cve:`2018-7537` | ||||||
| -------------------------------- | -------------------------------- | ||||||
| @@ -882,9 +882,9 @@ Denial-of-service possibility in ``truncatechars_html`` and | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 2.0 `(patch) <https://github.com/django/django/commit/94c5da1d17a6b0d378866c66b605102c19f7988c>`__ | * Django 2.0 :commit:`(patch) <94c5da1d17a6b0d378866c66b605102c19f7988c>` | ||||||
| * Django 1.11 `(patch) <https://github.com/django/django/commit/a91436360b79a6ff995c3e5018bcc666dfaf1539>`__ | * Django 1.11 :commit:`(patch) <a91436360b79a6ff995c3e5018bcc666dfaf1539>` | ||||||
| * Django 1.8  `(patch) <https://github.com/django/django/commit/d17974a287a6ea2e361daff88fcc004cbd6835fa>`__ | * Django 1.8  :commit:`(patch) <d17974a287a6ea2e361daff88fcc004cbd6835fa>` | ||||||
|  |  | ||||||
| August 1, 2018 - :cve:`2018-14574` | August 1, 2018 - :cve:`2018-14574` | ||||||
| ---------------------------------- | ---------------------------------- | ||||||
| @@ -895,9 +895,9 @@ Open redirect possibility in ``CommonMiddleware``. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 2.1 `(patch) <https://github.com/django/django/commit/c4e5ff7fdb5fce447675e90291fd33fddd052b3c>`__ | * Django 2.1 :commit:`(patch) <c4e5ff7fdb5fce447675e90291fd33fddd052b3c>` | ||||||
| * Django 2.0 `(patch) <https://github.com/django/django/commit/6fffc3c6d420e44f4029d5643f38d00a39b08525>`__ | * Django 2.0 :commit:`(patch) <6fffc3c6d420e44f4029d5643f38d00a39b08525>` | ||||||
| * Django 1.11 `(patch) <https://github.com/django/django/commit/d6eaee092709aad477a9894598496c6deec532ff>`__ | * Django 1.11 :commit:`(patch) <d6eaee092709aad477a9894598496c6deec532ff>` | ||||||
|  |  | ||||||
| October 1, 2018 - :cve:`2018-16984` | October 1, 2018 - :cve:`2018-16984` | ||||||
| ----------------------------------- | ----------------------------------- | ||||||
| @@ -908,7 +908,7 @@ Password hash disclosure to "view only" admin users. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 2.1 `(patch) <https://github.com/django/django/commit/c4bd5b597e0aa2432e4c867b86650f18af117851>`__ | * Django 2.1 :commit:`(patch) <c4bd5b597e0aa2432e4c867b86650f18af117851>` | ||||||
|  |  | ||||||
| January 4, 2019 - :cve:`2019-3498` | January 4, 2019 - :cve:`2019-3498` | ||||||
| ---------------------------------- | ---------------------------------- | ||||||
| @@ -919,6 +919,6 @@ Content spoofing possibility in the default 404 page. `Full description | |||||||
| Versions affected | Versions affected | ||||||
| ~~~~~~~~~~~~~~~~~ | ~~~~~~~~~~~~~~~~~ | ||||||
|  |  | ||||||
| * Django 2.1 `(patch) <https://github.com/django/django/commit/64d2396e83aedba3fcc84ca40f23fbd22f0b9b5b>`__ | * Django 2.1 :commit:`(patch) <64d2396e83aedba3fcc84ca40f23fbd22f0b9b5b>` | ||||||
| * Django 2.0 `(patch) <https://github.com/django/django/commit/9f4ed7c94c62e21644ef5115e393ac426b886f2e>`__ | * Django 2.0 :commit:`(patch) <9f4ed7c94c62e21644ef5115e393ac426b886f2e>` | ||||||
| * Django 1.11 `(patch) <https://github.com/django/django/commit/1cd00fcf52d089ef0fe03beabd05d59df8ea052a>`__ | * Django 1.11 :commit:`(patch) <1cd00fcf52d089ef0fe03beabd05d59df8ea052a>` | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user