Inicio Explorar Axuda
Iniciar sesión
CityApper
/
django
réplica de https://github.com/django/django
2
0
Fork 0
Ficheiros Incidencias 0 Wiki
Árbore: e9ed5da3cb
Ramas Etiquetas
django
/
docs
/
releases
/
3.1.6.txt

3.1.6.txt 688 B
Histórico Raw

123456789101112131415161718192021 
  1. ==========================
    2. 

  2. Django 3.1.6 release notes
    3. 

  3. ==========================
    4. 

  4. 

  5. *February 1, 2021*
    6. 

  6. 

  7. Django 3.1.6 fixes a security issue with severity "low" and a bug in 3.1.5.
    8. 

  8. 

  9. CVE-2021-3281: Potential directory-traversal via ``archive.extract()``
    10. 

  10. ======================================================================
    11. 

  11. 

  12. The ``django.utils.archive.extract()`` function, used by
    13. 

  13. :option:`startapp --template` and :option:`startproject --template`, allowed
    14. 

  14. directory-traversal via an archive with absolute paths or relative paths with
    15. 

  15. dot segments.
    16. 

  16. 

  17. Bugfixes
    18. 

  18. ========
    19. 

  19. 

  20. * Fixed an admin layout issue in Django 3.1 where changelist filter controls
    21. 

  21.   would become squashed (:ticket:`32391`).
    22.