[6.0.x] Fixed CVE-2026-1207 -- Prevented SQL injections in RasterField lookups via band index. - django.git

diff options

author	Jacob Walls <jacobtylerwalls@gmail.com>	2026-01-19 15:42:33 -0500
committer	Jacob Walls <jacobtylerwalls@gmail.com>	2026-02-03 08:01:15 -0500
commit	8f77e7301174834573614ae90e1826fdf27f8a24 (patch)
tree	3db431f61e0b3a6c9f86df5836073b37a0d4f210 /django/db/models/sql/compiler.py
parent	972dbdd4f7f69e9c405e6fe12a1b90e4713c1611 (diff)

[6.0.x] Fixed CVE-2026-1207 -- Prevented SQL injections in RasterField lookups via band index.

Thanks Tarek Nakkouch for the report, and Simon Charette for the initial triage and review. Backport of 81aa5292967cd09319c45fe2c1a525ce7b6684d8 from main.

Diffstat (limited to 'django/db/models/sql/compiler.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: