Mirror of https://github.com/django/django.git, synced 2025-10-24 22:26:08 +00:00
	Fixed CVE-2022-34265 -- Protected Trunc(kind)/Extract(lookup_name) against SQL injection.
Thanks Takuto Yoshikai (Aeye Security Lab) for the report.
		| @@ -5,3 +5,14 @@ Django 3.2.14 release notes | ||||
| *July 4, 2022* | ||||
|  | ||||
| Django 3.2.14 fixes a security issue with severity "high" in 3.2.13. | ||||
|  | ||||
| CVE-2022-34265: Potential SQL injection via ``Trunc(kind)`` and ``Extract(lookup_name)`` arguments | ||||
| ================================================================================================== | ||||
|  | ||||
| :class:`Trunc() <django.db.models.functions.Trunc>` and | ||||
| :class:`Extract() <django.db.models.functions.Extract>` database functions were | ||||
| subject to SQL injection if untrusted data was used as a | ||||
| ``kind``/``lookup_name`` value. | ||||
|  | ||||
| Applications that constrain the lookup name and kind choice to a known safe | ||||
| list are unaffected. | ||||
|   | ||||
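Review bot: the new section documents the vulnerability but not the corrected behaviour. Nothing in the hunk says what ``Trunc()``/``Extract()`` now do when ``kind``/``lookup_name`` falls outside the accepted set (whether the value is rejected with an exception or handled some other way), which is exactly what a reader who passes user-supplied values needs to know when upgrading. Suggest adding one sentence after "Applications that constrain the lookup name and kind choice to a known safe list are unaffected." that states the new behaviour, so the note covers both the risk and the fix.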
| @@ -6,7 +6,13 @@ Django 4.0.6 release notes | ||||
|  | ||||
| Django 4.0.6 fixes a security issue with severity "high" in 4.0.5. | ||||
|  | ||||
| Bugfixes | ||||
| ======== | ||||
| CVE-2022-34265: Potential SQL injection via ``Trunc(kind)`` and ``Extract(lookup_name)`` arguments | ||||
| ================================================================================================== | ||||
|  | ||||
| * ... | ||||
| :class:`Trunc() <django.db.models.functions.Trunc>` and | ||||
| :class:`Extract() <django.db.models.functions.Extract>` database functions were | ||||
| subject to SQL injection if untrusted data was used as a | ||||
| ``kind``/``lookup_name`` value. | ||||
|  | ||||
| Applications that constrain the lookup name and kind choice to a known safe | ||||
| list are unaffected. | ||||
|   | ||||
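Review bot: the hunk header goes from 7 to 13 lines, and the rendered view (which has lost its ``+``/``-`` markers) shows the old ``Bugfixes`` heading, its ``========`` underline and the ``* ...`` placeholder right next to the new CVE heading. Confirm that those three placeholder lines are the removed side and do not survive directly above the new section in the applied file; if they do, the page would render an empty bugfix section ahead of the security note. Also, because the intro line now reads "fixes a security issue with severity "high" in 4.0.5", dropping the ``Bugfixes`` section makes 4.0.6 read as a security-only release, so any bugfix entries that ship in it would need to be re-added under their own heading.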