angler-fishThe Vulnerability History Project

[3.0.x] Fixed CVE-2020-7471 -- Properly escaped StringAgg(delimiter) parameter.
by Hunter the Chinook 2019-12-31 17:46:06 UTC
commit 505826b469b16ab36693360da9e11fd13213421b
Django Fix DeLimiting My Access CVE-2020-7471
django/contrib/postgres/aggregates/general.py
+2 -4
django/contrib/postgres/aggregates/mixins.py
+2 -2
docs/releases/1.11.28.txt
-13
docs/releases/2.2.10.txt
-13
docs/releases/3.0.3.txt
+1 -7
docs/releases/index.txt
-2
tests/postgres_tests/test_aggregates.py
-4
expand_less