summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSarah Boyce <42296566+sarahboyce@users.noreply.github.com>2025-06-10 12:37:46 +0200
committerSarah Boyce <42296566+sarahboyce@users.noreply.github.com>2025-06-10 15:15:14 +0200
commit97c753741a1d2fba55ad83ad208df55f05d20952 (patch)
tree969cc34f9b6e854ee4add5ff3ef2530bf7265ad8
parent353a6af6d971821e6cf27a19fb034d50177b846c (diff)
[5.1.x] Added follow-up to CVE-2025-48432 to security archive.
Backport of 2714bc3f2c8675d32caae764c874ac381c836c7f from main.
-rw-r--r--docs/releases/security.txt8
1 files changed, 8 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index e676a965bd..353f1a9b96 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -47,6 +47,14 @@ Potential log injection via unescaped request path.
* Django 5.1 :commit:`(patch) <596542ddb46cdabe011322917e1655f0d24eece2>`
* Django 4.2 :commit:`(patch) <ac03c5e7df8680c61cdb0d3bdb8be9095dba841e>`
+There was an additional hardening with new patch releases published on June 10,
+2025. `Full description
+<https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/>`__
+
+* Django 5.2.3 :commit:`(patch) <8fcc83953c350e158a484bf1da0aa1b79b69bb07>`
+* Django 5.1.11 :commit:`(patch) <31f4bd31fa16f7f5302f65b9b8b7a49b69a7c4a6>`
+* Django 4.2.23 :commit:`(patch) <b597d46bb19c8567615e62029210dab16c70db7d>`
+
May 7, 2025 - :cve:`2025-32873`
-------------------------------