author: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> 2025-09-03 15:26:45 +0200
committer: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> 2025-09-03 15:30:45 +0200
commit: 07e5fb9f56ccfc6d315dfeff20bf5ca699ded8db (patch)
tree: d6a15335a908c9c7d8a4705829ce222f867871c5 /docs
parent: 5636e82896fa40c1226eb4e18050daf8b777ec8c (diff)
[4.2.x] Added CVE-2025-57833 to security archive.
Backport of f0c05a40d27d69ef3a7b4e5e0199b5dba5b11feb from main.
Diffstat (limited to 'docs')
-rw-r--r-- docs/releases/security.txt 11
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index e581f1e536..5db902724e 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -36,6 +36,17 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security
process. These are listed below.
+September 3, 2025 - :cve:`2025-57833`
+-------------------------------------
+
+Potential SQL injection in FilteredRelation column aliases.
+`Full description
+<https://www.djangoproject.com/weblog/2025/sep/03/security-releases/>`__
+
+* Django 5.2 :commit:`(patch) <4c044fcc866ec226f612c475950b690b0139d243>`
+* Django 5.1 :commit:`(patch) <102965ea93072fe3c39a30be437c683ec1106ef5>`
+* Django 4.2 :commit:`(patch) <31334e6965ad136a5e369993b01721499c5d1a92>`
+
June 4, 2025 - :cve:`2025-48432`
--------------------------------
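Review bot: The three `:commit:` hashes in the added bullet list (Django 5.2, 5.1 and 4.2) are the only pointers from this archive entry to the actual fixes, so each should be confirmed to resolve to the fix commit on its matching stable branch before this backport lands; a mistyped hash here would send readers to the wrong patch. The one-line summary "Potential SQL injection in FilteredRelation column aliases." leaves all detail about affected usage to the "Full description" link, which is acceptable if it matches the neighbouring entries, but it is worth checking that the new title underline is exactly as long as the title line so the reST heading builds without a warning.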