diff options
Diffstat (limited to 'docs/releases/3.1.13.txt')
| -rw-r--r-- | docs/releases/3.1.13.txt | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/docs/releases/3.1.13.txt b/docs/releases/3.1.13.txt index 9f5b2b38cd..af8ccec535 100644 --- a/docs/releases/3.1.13.txt +++ b/docs/releases/3.1.13.txt @@ -6,4 +6,16 @@ Django 3.1.13 release notes Django 3.1.13 fixes a security issues with severity "high" in 3.1.12. -... +CVE-2021-35042: Potential SQL injection via unsanitized ``QuerySet.order_by()`` input +===================================================================================== + +Unsanitized user input passed to ``QuerySet.order_by()`` could bypass intended +column reference validation in path marked for deprecation resulting in a +potential SQL injection even if a deprecation warning is emitted. + +As a mitigation the strict column reference validation was restored for the +duration of the deprecation period. This regression appeared in 3.1 as a side +effect of fixing :ticket:`31426`. + +The issue is not present in the main branch as the deprecated path has been +removed. |