summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorNatalia <124304+nessita@users.noreply.github.com>2025-06-04 10:57:51 -0300
committerNatalia <124304+nessita@users.noreply.github.com>2025-06-04 10:58:57 -0300
commitb07f886af713c7d87f1a954560c6b2ff843f379c (patch)
treeae282125e3472070a07c8e89f2188f7fb03c0d1f /docs
parent8d87045d8f312c5d8d9779b54831fabc320a27a3 (diff)
[4.2.x] Added CVE-2025-48432 to security archive.
Backport of 51923c576a596ad00214e44028f9dee9748bce95 from main.
Diffstat (limited to 'docs')
-rw-r--r--docs/releases/security.txt11
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index ddf3d6224a..de8fc96d6b 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -36,6 +36,17 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security
process. These are listed below.
+June 4, 2025 - :cve:`2025-48432`
+--------------------------------
+
+Potential log injection via unescaped request path.
+`Full description
+<https://www.djangoproject.com/weblog/2025/jun/04/security-releases/>`__
+
+* Django 5.2 :commit:`(patch) <7456aa23dafa149e65e62f95a6550cdb241d55ad>`
+* Django 5.1 :commit:`(patch) <596542ddb46cdabe011322917e1655f0d24eece2>`
+* Django 4.2 :commit:`(patch) <ac03c5e7df8680c61cdb0d3bdb8be9095dba841e>`
+
May 7, 2025 - :cve:`2025-32873`
-------------------------------
generated by cgit v1.3 (git 2.53.0) at 2026-05-01 20:25:00 +0000