mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-26 07:06:08 +00:00
Code Issues 32 Releases Wiki Activity

[3.2.x] Added CVE-2021-31542 to security archive.

Browse Source 
Backport of 607ebbfba9 and
62b2e8b37e from main
This commit is contained in:
Carlton Gibson
2021-05-04 11:06:07 +02:00
parent 04d8ed3660
commit df801dde33
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
docs/releases/security.txt
View File

@@ -36,6 +36,19 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security
process. These are listed below.
May 4, 2021 - :cve:`2021-31542`
-------------------------------
Potential directory-traversal via uploaded files. `Full description
<https://www.djangoproject.com/weblog/2021/may/04/security-releases/>`__
Versions affected
~~~~~~~~~~~~~~~~~
* Django 3.2 :commit:`(patch) <c98f446c188596d4ba6de71d1b77b4a6c5c2a007>`
* Django 3.1 :commit:`(patch) <25d84d64122c15050a0ee739e859f22ddab5ac48>`
* Django 2.2 :commit:`(patch) <04ac1624bdc2fa737188401757cf95ced122d26d>`
April 6, 2021 - :cve:`2021-28658`
---------------------------------