Hey Francis, with respect to the ModelAdmin.readonly_fields: no, the vulnerability was introduced in 1.7
with respect to the advisory: yes, all projects that make use the template filters in Python code and rely on Django 1.0 to 1.8b1 (including) are vulnerable. Best, /Markus On Monday, March 9, 2015 at 5:24:57 PM UTC+1, Francis Devereux wrote: > > Hi, > > On 9 Mar 2015, at 16:01, Tim Graham <timog...@gmail.com <javascript:>> > wrote: > > > > Today the Django team issued multiple releases -- Django 1.7.6 and 1.8b2 > -- as part of our security process. These releases address a publicly > reported security issue, and we encourage all users to upgrade as soon as > possible. > > Thanks for these fixes. > > Is Django 1.6.x affected vulnerable to these issues? > > Francis > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/c5ab21cd-81df-425b-8d43-103606f54864%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
