Loading docs/releases/security.txt +12 −0 Original line number Diff line number Diff line Loading @@ -692,3 +692,15 @@ Versions affected * Django 1.8 `(patch) <https://github.com/django/django/commit/9f83fc2f66f5a0bac7c291aec55df66050bb6991>`__ * Django 1.7 `(patch) <https://github.com/django/django/commit/8a01c6b53169ee079cb21ac5919fdafcc8c5e172>`__ February 1, 2016 -- CVE-2016-2048 --------------------------------- `CVE-2016-2048 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2048&cid=2>`_: User with "change" but not "add" permission can create objects for ``ModelAdmin``’s with ``save_as=True``. `Full description <https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/>`__ Versions affected ~~~~~~~~~~~~~~~~~ * Django 1.9 `(patch) <https://github.com/django/django/commit/adbca5e4db42542575734b8e5d26961c8ada7265>`__ Loading
docs/releases/security.txt +12 −0 Original line number Diff line number Diff line Loading @@ -692,3 +692,15 @@ Versions affected * Django 1.8 `(patch) <https://github.com/django/django/commit/9f83fc2f66f5a0bac7c291aec55df66050bb6991>`__ * Django 1.7 `(patch) <https://github.com/django/django/commit/8a01c6b53169ee079cb21ac5919fdafcc8c5e172>`__ February 1, 2016 -- CVE-2016-2048 --------------------------------- `CVE-2016-2048 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2048&cid=2>`_: User with "change" but not "add" permission can create objects for ``ModelAdmin``’s with ``save_as=True``. `Full description <https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/>`__ Versions affected ~~~~~~~~~~~~~~~~~ * Django 1.9 `(patch) <https://github.com/django/django/commit/adbca5e4db42542575734b8e5d26961c8ada7265>`__
