mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-31 09:41:08 +00:00
Code Issues 32 Releases Wiki Activity

Fixed typo in release notes.

Browse Source
This commit is contained in:
David Smith
2022-02-02 06:17:57 +00:00
committed by GitHub
parent ca88caa103
commit 770d3e6a4c
3 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/releases/2.2.27.txt
View File

@@ -12,7 +12,7 @@ CVE-2022-22818: Possible XSS via ``{% debug %}`` template tag
The ``{% debug %}`` template tag didn't properly encode the current context, The ``{% debug %}`` template tag didn't properly encode the current context,
posing an XSS attack vector. posing an XSS attack vector.
In order to avoid this vulnerability, ``{% debug %}`` no longer outputs an In order to avoid this vulnerability, ``{% debug %}`` no longer outputs
information when the ``DEBUG`` setting is ``False``, and it ensures all context information when the ``DEBUG`` setting is ``False``, and it ensures all context
variables are correctly escaped when the ``DEBUG`` setting is ``True``. variables are correctly escaped when the ``DEBUG`` setting is ``True``.

2
docs/releases/3.2.12.txt
View File

@@ -12,7 +12,7 @@ CVE-2022-22818: Possible XSS via ``{% debug %}`` template tag
The ``{% debug %}`` template tag didn't properly encode the current context, The ``{% debug %}`` template tag didn't properly encode the current context,
posing an XSS attack vector. posing an XSS attack vector.
In order to avoid this vulnerability, ``{% debug %}`` no longer outputs an In order to avoid this vulnerability, ``{% debug %}`` no longer outputs
information when the ``DEBUG`` setting is ``False``, and it ensures all context information when the ``DEBUG`` setting is ``False``, and it ensures all context
variables are correctly escaped when the ``DEBUG`` setting is ``True``. variables are correctly escaped when the ``DEBUG`` setting is ``True``.

2
docs/releases/4.0.2.txt
View File

@@ -14,7 +14,7 @@ CVE-2022-22818: Possible XSS via ``{% debug %}`` template tag
The ``{% debug %}`` template tag didn't properly encode the current context, The ``{% debug %}`` template tag didn't properly encode the current context,
posing an XSS attack vector. posing an XSS attack vector.
In order to avoid this vulnerability, ``{% debug %}`` no longer outputs an In order to avoid this vulnerability, ``{% debug %}`` no longer outputs
information when the ``DEBUG`` setting is ``False``, and it ensures all context information when the ``DEBUG`` setting is ``False``, and it ensures all context
variables are correctly escaped when the ``DEBUG`` setting is ``True``. variables are correctly escaped when the ``DEBUG`` setting is ``True``.