Hey Francis, with respect to the ModelAdmin.readonly_fields: no, the vulnerability was introduced in 1.7
with respect to the advisory: yes, all projects that make use the template filters in Python code and rely on Django 1.0 to 1.8b1 (including) are vulnerable. Best, /Markus On Monday, March 9, 2015 at 5:24:57 PM UTC+1, Francis Devereux wrote: > > Hi, > > On 9 Mar 2015, at 16:01, Tim Graham <[email protected] <javascript:>> > wrote: > > > > Today the Django team issued multiple releases -- Django 1.7.6 and 1.8b2 > -- as part of our security process. These releases address a publicly > reported security issue, and we encourage all users to upgrade as soon as > possible. > > Thanks for these fixes. > > Is Django 1.6.x affected vulnerable to these issues? > > Francis > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/c5ab21cd-81df-425b-8d43-103606f54864%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
