diff options
author | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2022-07-04 10:27:14 +0200 |
---|---|---|
committer | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2022-07-04 10:34:15 +0200 |
commit | 6a830bf90048ba0f1beefb80d02d8a39d57f392d (patch) | |
tree | 206622492a7e6117d08b0b5c05e2c5c0ad14bba8 | |
parent | 90dc60d1a81c0e39cd851ab3e4cf6e471c501b86 (diff) | |
download | django-6a830bf90048ba0f1beefb80d02d8a39d57f392d.tar.gz |
[4.0.x] Added CVE-2022-34265 to security archive.
Backport of d12d7c4c42814736c24731a6a300a79526fc2ef6 from main
-rw-r--r-- | docs/releases/security.txt | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt index b512cc7a7a..2478287668 100644 --- a/docs/releases/security.txt +++ b/docs/releases/security.txt @@ -36,6 +36,16 @@ Issues under Django's security process All security issues have been handled under versions of Django's security process. These are listed below. +July 4, 2022 - :cve:`2022-34265` +-------------------------------- + +Potential SQL injection via ``Trunc(kind)`` and ``Extract(lookup_name)`` +arguments. `Full description +<https://www.djangoproject.com/weblog/2022/jul/04/security-releases/>`__ + +* Django 4.0 :commit:`(patch) <0dc9c016fadb71a067e5a42be30164e3f96c0492>` +* Django 3.2 :commit:`(patch) <a9010fe5555e6086a9d9ae50069579400ef0685e>` + April 11, 2022 - :cve:`2022-28346` ---------------------------------- |