Bug#946011: python-django: CVE-2019-19118

2019-12-04 Thread Salvatore Bonaccorso
Hi Chris,

On Tue, Dec 03, 2019 at 09:25:42PM +0100, Chris Lamb wrote:
> Dear Salvatore,
>
> > > Security team, would you like an upload for stable?
> >
> > As far as I can see this issue has been introduced around 2.1 where the
> > search support for view permissions and a read-only admin support

Bug#946011: python-django: CVE-2019-19118

2019-12-03 Thread Chris Lamb
Dear Salvatore,

> > Security team, would you like an upload for stable?
>
> As far as I can see this issue has been introduced around 2.1 where the
> search support for view permissions and a read-only admin support was
> added.

[…]

Upon further inspection that is my reading too. I was being

Bug#946011: python-django: CVE-2019-19118

2019-12-02 Thread Salvatore Bonaccorso
Hi Chris,

On Mon, Dec 02, 2019 at 09:30:49PM +0100, Chris Lamb wrote:
> Chris Lamb wrote:
>
> > Package: python-django
> > Version: 1.7.11-1+deb8u7
> […]
> > CVE-2019-19118[0]:
> > | Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model
> > | editing. A Django model admin

Bug#946011: python-django: CVE-2019-19118

2019-12-02 Thread Chris Lamb
Chris Lamb wrote:

> Package: python-django
> Version: 1.7.11-1+deb8u7
[…]
> CVE-2019-19118[0]:
> | Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model
> | editing. A Django model admin displaying inline related models, where
> | the user has view-only permissions to a parent

Bug#946011: python-django: CVE-2019-19118

2019-12-02 Thread Chris Lamb
Package: python-django
Version: 1.7.11-1+deb8u7
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for python-django.

CVE-2019-19118[0]:
| Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model
| editing. A Django