diff options
author | Tim Graham <timograham@gmail.com> | 2019-01-04 09:24:47 -0500 |
---|---|---|
committer | Tim Graham <timograham@gmail.com> | 2019-01-04 09:25:51 -0500 |
commit | 71e8cdb3a4bfd9edd6b2e098591e042ecd875a9a (patch) | |
tree | 096048626cb7671692e161567f553ea1bf6e0001 /docs | |
parent | b4937b70f7edc1dd951cd3d9e75cee04f70665c4 (diff) | |
download | django-71e8cdb3a4bfd9edd6b2e098591e042ecd875a9a.tar.gz |
[1.11.x] Added CVE-2019-3498 to the security release archive.
Backport of 162ae9c9143aa85eb27ea69b446a28973eea4854 from master.
Diffstat (limited to 'docs')
-rw-r--r-- | docs/releases/security.txt | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt index 9ddef50547..6c34c2f1dd 100644 --- a/docs/releases/security.txt +++ b/docs/releases/security.txt @@ -909,3 +909,16 @@ Versions affected ~~~~~~~~~~~~~~~~~ * Django 2.1 `(patch) <https://github.com/django/django/commit/c4bd5b597e0aa2432e4c867b86650f18af117851>`__ + +January 4, 2019 - :cve:`2019-3498` +---------------------------------- + +Content spoofing possibility in the default 404 page. `Full description +<https://www.djangoproject.com/weblog/2019/jan/04/security-releases/>`__ + +Versions affected +~~~~~~~~~~~~~~~~~ + +* Django 2.1 `(patch) <https://github.com/django/django/commit/64d2396e83aedba3fcc84ca40f23fbd22f0b9b5b>`__ +* Django 2.0 `(patch) <https://github.com/django/django/commit/9f4ed7c94c62e21644ef5115e393ac426b886f2e>`__ +* Django 1.11 `(patch) <https://github.com/django/django/commit/1cd00fcf52d089ef0fe03beabd05d59df8ea052a>`__ |