Today the Django team issued 2.1.5, 2.0.10, and 1.11.18 as part of our security process. These releases address a security issue, and we encourage all users to upgrade as soon as possible:
https://www.djangoproject.com/weblog/2019/jan/04/security-releases/ The issue was publicly reported through a GitHub pull request, therefore we fixed the issue as soon as possible without the usual prenotification process ( https://docs.djangoproject.com/en/dev/internals/security/#how-django-discloses-security-issues ). As a reminder, we ask that potential security issues be reported via private email to secur...@djangoproject.com and not via Django's Trac instance, Django's GitHub repositories, or the django-developers list. Please see https://www.djangoproject.com/security for further information. -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to email@example.com. Visit this group at https://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CAD-rxRBEb3zdu_43VEHyy7ntz-Sy4tvUCQzVOGivycMyc%2B2JVg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.