mirror of
https://github.com/django/django.git
synced 2024-12-22 09:05:43 +00:00
Forwardported release notes for CVE-2021-35042.
This commit is contained in:
parent
62988afbea
commit
dae83a2451
@ -6,4 +6,16 @@ Django 3.1.13 release notes
|
||||
|
||||
Django 3.1.13 fixes a security issues with severity "high" in 3.1.12.
|
||||
|
||||
...
|
||||
CVE-2021-35042: Potential SQL injection via unsanitized ``QuerySet.order_by()`` input
|
||||
=====================================================================================
|
||||
|
||||
Unsanitized user input passed to ``QuerySet.order_by()`` could bypass intended
|
||||
column reference validation in path marked for deprecation resulting in a
|
||||
potential SQL injection even if a deprecation warning is emitted.
|
||||
|
||||
As a mitigation the strict column reference validation was restored for the
|
||||
duration of the deprecation period. This regression appeared in 3.1 as a side
|
||||
effect of fixing :ticket:`31426`.
|
||||
|
||||
The issue is not present in the main branch as the deprecated path has been
|
||||
removed.
|
||||
|
@ -4,8 +4,22 @@ Django 3.2.5 release notes
|
||||
|
||||
*July 1, 2021*
|
||||
|
||||
Django 3.2.5 fixes several bugs in 3.2.4. Also, the latest string translations
|
||||
from Transifex are incorporated.
|
||||
Django 3.2.5 fixes a security issue with severity "high" and several bugs in
|
||||
3.2.4. Also, the latest string translations from Transifex are incorporated.
|
||||
|
||||
CVE-2021-35042: Potential SQL injection via unsanitized ``QuerySet.order_by()`` input
|
||||
=====================================================================================
|
||||
|
||||
Unsanitized user input passed to ``QuerySet.order_by()`` could bypass intended
|
||||
column reference validation in path marked for deprecation resulting in a
|
||||
potential SQL injection even if a deprecation warning is emitted.
|
||||
|
||||
As a mitigation the strict column reference validation was restored for the
|
||||
duration of the deprecation period. This regression appeared in 3.1 as a side
|
||||
effect of fixing :ticket:`31426`.
|
||||
|
||||
The issue is not present in the main branch as the deprecated path has been
|
||||
removed.
|
||||
|
||||
Bugfixes
|
||||
========
|
||||
|
Loading…
Reference in New Issue
Block a user