mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-30 17:16:10 +00:00
Code Issues 32 Releases Wiki Activity

Refs #32718 -- Corrected CVE-2021-31542 release notes.

Browse Source
This commit is contained in:
Mariusz Felisiak
2021-05-12 10:42:01 +02:00
committed by GitHub
parent e6406853c3
commit d1f1417cae
3 changed files with 3 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/releases/2.2.21.txt
View File

@@ -13,5 +13,4 @@ CVE-2021-31542: Potential directory-traversal via uploaded files
directory-traversal via uploaded files with suitably crafted file names.
In order to mitigate this risk, stricter basename and path sanitation is now
applied. Specifically, empty file names and paths with dot segments will be
rejected.
applied.

3
docs/releases/3.1.9.txt
View File

@@ -13,5 +13,4 @@ CVE-2021-31542: Potential directory-traversal via uploaded files
directory-traversal via uploaded files with suitably crafted file names.
In order to mitigate this risk, stricter basename and path sanitation is now
applied. Specifically, empty file names and paths with dot segments will be
rejected.
applied.

3
docs/releases/3.2.1.txt
View File

@@ -13,8 +13,7 @@ CVE-2021-31542: Potential directory-traversal via uploaded files
directory-traversal via uploaded files with suitably crafted file names.
In order to mitigate this risk, stricter basename and path sanitation is now
applied. Specifically, empty file names and paths with dot segments will be
rejected.
applied.
Bugfixes
========