mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-04-08 23:46:43 +00:00
Code Issues 32 Releases Wiki Activity

[4.1.x] Added CVE-2022-36359 to security archive.

Browse Source 
Backport of 57c7220280db19dc9dda0910b90cf1ceac50c66f from main
This commit is contained in:
Carlton Gibson 2022-08-03 09:09:48 +02:00
parent 46916665f9
commit c721b569a2
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/releases/security.txt
View File

@ -36,6 +36,16 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security
process. These are listed below.
August 3, 2022 - :cve:`2022-36359`
----------------------------------
Potential reflected file download vulnerability in FileResponse. `Full
description
<https://www.djangoproject.com/weblog/2022/aug/03/security-releases/>`__
* Django 4.0 :commit:`(patch) <b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3>`
* Django 3.2 :commit:`(patch) <b3e4494d759202a3b6bf247fd34455bf13be5b80>`
July 4, 2022 - :cve:`2022-34265`
--------------------------------