diff options
| author | Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> | 2025-09-03 15:26:45 +0200 |
|---|---|---|
| committer | Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> | 2025-09-03 15:29:23 +0200 |
| commit | 26fc64332c362dd4632a49eef6672b71dfa7a813 (patch) | |
| tree | 63152c8d94026400003a9d9c15fb29264014ebe6 | |
| parent | dc002e5d2dba8611554984c989186a1905a172ce (diff) | |
[5.1.x] Added CVE-2025-57833 to security archive.
Backport of f0c05a40d27d69ef3a7b4e5e0199b5dba5b11feb from main.
| -rw-r--r-- | docs/releases/security.txt | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt index 353f1a9b96..8e1ab8c58b 100644 --- a/docs/releases/security.txt +++ b/docs/releases/security.txt @@ -36,6 +36,17 @@ Issues under Django's security process All security issues have been handled under versions of Django's security process. These are listed below. +September 3, 2025 - :cve:`2025-57833` +------------------------------------- + +Potential SQL injection in FilteredRelation column aliases. +`Full description +<https://www.djangoproject.com/weblog/2025/sep/03/security-releases/>`__ + +* Django 5.2 :commit:`(patch) <4c044fcc866ec226f612c475950b690b0139d243>` +* Django 5.1 :commit:`(patch) <102965ea93072fe3c39a30be437c683ec1106ef5>` +* Django 4.2 :commit:`(patch) <31334e6965ad136a5e369993b01721499c5d1a92>` + June 4, 2025 - :cve:`2025-48432` -------------------------------- |
