1
0
mirror of https://github.com/django/django.git synced 2024-12-22 09:05:43 +00:00

Refs #32718 -- Corrected CVE-2021-31542 release notes.

This commit is contained in:
Mariusz Felisiak 2021-05-12 10:42:01 +02:00 committed by GitHub
parent e6406853c3
commit d1f1417cae
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 3 additions and 6 deletions

View File

@ -13,5 +13,4 @@ CVE-2021-31542: Potential directory-traversal via uploaded files
directory-traversal via uploaded files with suitably crafted file names.
In order to mitigate this risk, stricter basename and path sanitation is now
applied. Specifically, empty file names and paths with dot segments will be
rejected.
applied.

View File

@ -13,5 +13,4 @@ CVE-2021-31542: Potential directory-traversal via uploaded files
directory-traversal via uploaded files with suitably crafted file names.
In order to mitigate this risk, stricter basename and path sanitation is now
applied. Specifically, empty file names and paths with dot segments will be
rejected.
applied.

View File

@ -13,8 +13,7 @@ CVE-2021-31542: Potential directory-traversal via uploaded files
directory-traversal via uploaded files with suitably crafted file names.
In order to mitigate this risk, stricter basename and path sanitation is now
applied. Specifically, empty file names and paths with dot segments will be
rejected.
applied.
Bugfixes
========