summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorSarah Boyce <42296566+sarahboyce@users.noreply.github.com>2025-09-03 15:26:45 +0200
committerSarah Boyce <42296566+sarahboyce@users.noreply.github.com>2025-09-03 15:26:45 +0200
commitf0c05a40d27d69ef3a7b4e5e0199b5dba5b11feb (patch)
tree5029e8a3e06cba94f569b69bb7b23524c79998b3 /docs
parentab7c7dd99b3ddc489d9f007b273d891973212aa3 (diff)
Added CVE-2025-57833 to security archive.
Diffstat (limited to 'docs')
-rw-r--r--docs/releases/security.txt11
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 46c5dbc49d..b25e2a2135 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -36,6 +36,17 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security
process. These are listed below.
+September 3, 2025 - :cve:`2025-57833`
+-------------------------------------
+
+Potential SQL injection in FilteredRelation column aliases.
+`Full description
+<https://www.djangoproject.com/weblog/2025/sep/03/security-releases/>`__
+
+* Django 5.2 :commit:`(patch) <4c044fcc866ec226f612c475950b690b0139d243>`
+* Django 5.1 :commit:`(patch) <102965ea93072fe3c39a30be437c683ec1106ef5>`
+* Django 4.2 :commit:`(patch) <31334e6965ad136a5e369993b01721499c5d1a92>`
+
June 4, 2025 - :cve:`2025-48432`
--------------------------------