mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-11-07 07:15:35 +00:00
Code Issues 32 Releases Wiki Activity
33,996 Commits 30 Branches 463 Tags
348ca845385beaddc7c862ff8ec369f041a5088d
Commit Graph

3 Commits

Author SHA1 Message Date
Sarah Boyce
924a0c092e Fixed CVE-2025-59682 -- Fixed potential partial directory-traversal via archive.extract(). 
Thanks stackered for the report.

Follow up to 05413afa8c.
 2025-10-01 08:12:07 -04:00
Mariusz Felisiak
41b43c74bd Fixed CVE-2025-59681 -- Protected QuerySet.annotate(), alias(), aggregate(), and extra() against SQL injection in column aliases on MySQL/MariaDB. 
Thanks sw0rd1ight for the report.

Follow up to 93cae5cb2f.
 2025-10-01 08:11:45 -04:00
Mariusz Felisiak
00174507f8 Added stub release notes and release date for 5.2.7, 5.1.13, and 4.2.25. 2025-09-24 11:39:07 -04:00