diff options
author | Tim Graham <timograham@gmail.com> | 2018-02-01 10:14:17 -0500 |
---|---|---|
committer | Tim Graham <timograham@gmail.com> | 2018-03-06 13:09:57 -0500 |
commit | 1bdd9e5f5d991e0ff2baff97f7545d397bc39158 (patch) | |
tree | 9a2b2fa7538bc4bf2809a3ea86dde11aa1f72dcf /docs/releases/security.txt | |
parent | baa1d60eb4522517c1785334c3e0e39507549493 (diff) | |
download | django-1bdd9e5f5d991e0ff2baff97f7545d397bc39158.tar.gz |
[1.8.x] Added CVE-2018-6188 to the security release archive.
Backport of 66119ed64233c3abe586606a9e81a75edc2a6a92 from master
Diffstat (limited to 'docs/releases/security.txt')
-rw-r--r-- | docs/releases/security.txt | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt index 910e6914c7..357ab39a2f 100644 --- a/docs/releases/security.txt +++ b/docs/releases/security.txt @@ -845,3 +845,15 @@ Versions affected * Django 1.11 `(patch) <https://github.com/django/django/commit/e35a0c56086924f331e9422daa266e907a4784cc>`__ * Django 1.10 `(patch) <https://github.com/django/django/commit/58e08e80e362db79eb0fd775dc81faad90dca47a>`__ + +February 1, 2018 - :cve:`2018-6188` +----------------------------------- + +Information leakage in ``AuthenticationForm``. `Full description +<https://www.djangoproject.com/weblog/2018/feb/01/security-releases/>`__ + +Versions affected +~~~~~~~~~~~~~~~~~ + +* Django 2.0 `(patch) <https://github.com/django/django/commit/c37bb28677295f6edda61d8ac461014ef0d3aeb2>`__ +* Django 1.11 `(patch) <https://github.com/django/django/commit/57b95fedad5e0b83fc9c81466b7d1751c6427aae>`__ |