diff options
| author | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2025-09-10 09:53:52 +0200 |
|---|---|---|
| committer | Jacob Walls <jacobtylerwalls@gmail.com> | 2025-10-01 08:53:17 -0400 |
| commit | 01d2d770e22bffe53c7f1e611e2bbca94cb8a2e7 (patch) | |
| tree | 739813527954c8026c845abdee4d851fba01ae6b /docs | |
| parent | cbe5042d85fc3f7ab704bb8ff1ff0f55ba1be0eb (diff) | |
[5.1.x] Fixed CVE-2025-59681 -- Protected QuerySet.annotate(), alias(), aggregate(), and extra() against SQL injection in column aliases on MySQL/MariaDB.
Thanks sw0rd1ight for the report.
Follow up to 93cae5cb2f9a4ef1514cf1a41f714fef08005200.
Backport of 41b43c74bda19753c757036673ea9db74acf494a from main.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/releases/4.2.25.txt | 9 | ||||
| -rw-r--r-- | docs/releases/5.1.13.txt | 9 |
2 files changed, 16 insertions, 2 deletions
diff --git a/docs/releases/4.2.25.txt b/docs/releases/4.2.25.txt index 69f238c3c1..5412777055 100644 --- a/docs/releases/4.2.25.txt +++ b/docs/releases/4.2.25.txt @@ -7,4 +7,11 @@ Django 4.2.25 release notes Django 4.2.25 fixes one security issue with severity "high" and one security issue with severity "low" in 4.2.24. -... +CVE-2025-59681: Potential SQL injection in ``QuerySet.annotate()``, ``alias()``, ``aggregate()``, and ``extra()`` on MySQL and MariaDB +====================================================================================================================================== + +:meth:`.QuerySet.annotate`, :meth:`~.QuerySet.alias`, +:meth:`~.QuerySet.aggregate`, and :meth:`~.QuerySet.extra` methods were subject +to SQL injection in column aliases, using a suitably crafted dictionary, with +dictionary expansion, as the ``**kwargs`` passed to these methods (follow up to +:cve:`2022-28346`). diff --git a/docs/releases/5.1.13.txt b/docs/releases/5.1.13.txt index a181694be2..96b81c0102 100644 --- a/docs/releases/5.1.13.txt +++ b/docs/releases/5.1.13.txt @@ -7,4 +7,11 @@ Django 5.1.13 release notes Django 5.1.13 fixes one security issue with severity "high" and one security issue with severity "low" in 5.1.12. -... +CVE-2025-59681: Potential SQL injection in ``QuerySet.annotate()``, ``alias()``, ``aggregate()``, and ``extra()`` on MySQL and MariaDB +====================================================================================================================================== + +:meth:`.QuerySet.annotate`, :meth:`~.QuerySet.alias`, +:meth:`~.QuerySet.aggregate`, and :meth:`~.QuerySet.extra` methods were subject +to SQL injection in column aliases, using a suitably crafted dictionary, with +dictionary expansion, as the ``**kwargs`` passed to these methods (follow up to +:cve:`2022-28346`). |