diff options
author | Carlton Gibson <carlton.gibson@noumenal.es> | 2018-10-01 11:54:31 +0200 |
---|---|---|
committer | Carlton Gibson <carlton.gibson@noumenal.es> | 2018-10-01 15:08:18 +0200 |
commit | bd197d3f927f6d17fc4738366126e06c6a95f366 (patch) | |
tree | 65eb9e0b18c01badca7485cccbf1bb1d90885527 | |
parent | 21ea15d1206425c8735460c9225d5f5855eea4ba (diff) | |
download | django-bd197d3f927f6d17fc4738366126e06c6a95f366.tar.gz |
[1.11.x] Added CVE-2018-16984 to the security release archive.
Backport of 0b3b7c4b0ab2567cfe5df3ac19563d4a59276cb1
and 92ccc3917058b1025b2d657ffdf3c21eb8009f7b from master
-rw-r--r-- | docs/releases/security.txt | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt index f74ec87c7e..9ddef50547 100644 --- a/docs/releases/security.txt +++ b/docs/releases/security.txt @@ -898,3 +898,14 @@ Versions affected * Django 2.1 `(patch) <https://github.com/django/django/commit/c4e5ff7fdb5fce447675e90291fd33fddd052b3c>`__ * Django 2.0 `(patch) <https://github.com/django/django/commit/6fffc3c6d420e44f4029d5643f38d00a39b08525>`__ * Django 1.11 `(patch) <https://github.com/django/django/commit/d6eaee092709aad477a9894598496c6deec532ff>`__ + +October 1, 2018 - :cve:`2018-16984` +----------------------------------- + +Password hash disclosure to "view only" admin users. `Full description +<https://www.djangoproject.com/weblog/2018/oct/01/security-release/>`__ + +Versions affected +~~~~~~~~~~~~~~~~~ + +* Django 2.1 `(patch) <https://github.com/django/django/commit/c4bd5b597e0aa2432e4c867b86650f18af117851>`__ |