1
0
mirror of https://github.com/django/django.git synced 2024-12-25 10:35:48 +00:00
Commit Graph

5 Commits

Author SHA1 Message Date
Carlton Gibson
155e06a50b Corrected merge error in release notes. 2022-01-04 10:50:23 +01:00
Florian Apolloner
6d343d01c5 Fixed CVE-2021-45452 -- Fixed potential path traversal in storage subsystem.
Thanks to Dennis Brinkrolf for the report.
2022-01-04 10:04:12 +01:00
Florian Apolloner
761f449e0d Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter.
Thanks to Dennis Brinkrolf for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:03:56 +01:00
Florian Apolloner
968a3d01fa Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator.
Thanks Chris Bailey for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:02:05 +01:00
Carlton Gibson
b13d920b7b Added stub release notes for 4.0.1, 3.2.11, and 2.2.26 releases. 2021-12-28 08:47:33 +01:00