mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-03-02 13:04:24 +00:00
Code Issues32 Releases Wiki Activity

Added CVE-2021-35042 to security archive.

Browse Source
This commit is contained in:
Mariusz Felisiak 2021-07-01 09:57:08 +02:00
parent bcea1a3193
commit 8feb2a49fa
1 changed files with 13 additions and 0 deletions

13
docs/releases/security.txt

@ -36,6 +36,19 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security All security issues have been handled under versions of Django's security
process. These are listed below. process. These are listed below.
July 1, 2021 - :cve:`2021-35042`
--------------------------------
Potential SQL injection via unsanitized ``QuerySet.order_by()`` input. `Full
description
<https://www.djangoproject.com/weblog/2021/jul/01/security-releases/>`__
Versions affected
~~~~~~~~~~~~~~~~~
* Django 3.2 :commit:`(patch) <a34a5f724c5d5adb2109374ba3989ebb7b11f81f>`
* Django 3.1 :commit:`(patch) <0bd57a879a0d54920bb9038a732645fb917040e9>`
June 2, 2021 - :cve:`2021-33203` June 2, 2021 - :cve:`2021-33203`
-------------------------------- --------------------------------