#31895: Decoding an invalid session data crashes.
-------------------------------------+-------------------------------------
Reporter: Matt Hegarty | Owner: felixxm
Type: Bug | Status: closed
Component: contrib.sessions | Version: 3.1
Severity: Release blocker | Resolution: fixed
Keywords: incorrect padding, | Triage Stage: Accepted
badsignature |
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by felixxm):
This can be a duplicate of #31592 (downgrade is not supported).
Moreover, Django 3.0 is in extended support so it doesn't receive bugfixes
anymore (except security fixes). Therefore even if you hit a different
(but similar) issue in Django 3.0 (without any sessions created in Django
3.1+) it will not qualify for a backport based on our
[https://docs.djangoproject.com/en/dev/internals/release-process
/#supported-versions supported versions policy].
--
Ticket URL: <https://code.djangoproject.com/ticket/31895#comment:14>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/072.f10942939826f0e629f992d67e5cf338%40djangoproject.com.
