[1.6.x] Prevented arbitrary file inclusion with {% ssi %} tag and relative paths. - django.git

diff options

author	Tim Graham <timograham@gmail.com>	2013-08-27 18:50:11 -0400
committer	Tim Graham <timograham@gmail.com>	2013-09-10 21:03:51 -0400
commit	536cc64240f7f331b805104bfd8cd82c98e44f12 (patch)
tree	e636b91b3c452b2b90a8891753c0ab5dc70d654e /django/__init__.py
parent	ef3604a085ae7b6ce20a84cf27c474b9e316f607 (diff)

[1.6.x] Prevented arbitrary file inclusion with {% ssi %} tag and relative paths.

Thanks Rainer Koirikivi for the report and draft patch. This is a security fix; disclosure to follow shortly. Backport of 7fe5b656c9 from master

Diffstat (limited to 'django/__init__.py')

0 files changed, 0 insertions, 0 deletions