Added 2017-12794 to the security release archive.

author: Tim Graham <timograham@gmail.com> 2017-09-05 12:09:44 -0400
committer: Tim Graham <timograham@gmail.com> 2017-09-05 12:09:44 -0400
commit: 79ae5811c7b06b6462f9411b6665241a4e98bedb (patch)
tree: 816459e5bf8af19e07e9377328244f881ad22632 /docs/releases/security.txt
parent: 46e2b9e059e617afe6fe56da9f132568a7e6b198 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 0e92d6a185..910e6914c7 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -833,3 +833,15 @@ Versions affected
 * Django 1.10 `(patch) <https://github.com/django/django/commit/2a9f6ef71b8e23fd267ee2be1be26dde8ab67037>`__
 * Django 1.9 `(patch) <https://github.com/django/django/commit/5f1ffb07afc1e59729ce2b283124116d6c0659e4>`__
 * Django 1.8 `(patch) <https://github.com/django/django/commit/4a6b945dffe8d10e7cec107d93e6efaebfbded29>`__
+
+September 5, 2017 - :cve:`2017-12794`
+-------------------------------------
+
+Possible XSS in traceback section of technical 500 debug page. `Full
+description <https://www.djangoproject.com/weblog/2017/sep/05/security-releases/>`__
+
+Versions affected
+~~~~~~~~~~~~~~~~~
+
+* Django 1.11 `(patch) <https://github.com/django/django/commit/e35a0c56086924f331e9422daa266e907a4784cc>`__
+* Django 1.10 `(patch) <https://github.com/django/django/commit/58e08e80e362db79eb0fd775dc81faad90dca47a>`__
author	Tim Graham <timograham@gmail.com>	2017-09-05 12:09:44 -0400
committer	Tim Graham <timograham@gmail.com>	2017-09-05 12:09:44 -0400
commit	79ae5811c7b06b6462f9411b6665241a4e98bedb (patch)
tree	816459e5bf8af19e07e9377328244f881ad22632 /docs/releases/security.txt
parent	46e2b9e059e617afe6fe56da9f132568a7e6b198 (diff)