Fix line breaking in quote
This commit is contained in:
parent
ff1f7b46fe
commit
d64fbcb230
GPG key ID:
57AFB45680EDD477
1 changed files with 2 additions and 3 deletions
|
|
@ -99,9 +99,8 @@ Now this isn't a bash on PostgreSQL, what they're doing is definitely correct, a
|
||||||
|
|
||||||
Back on topic, CVE-2019-19844. As I said, the patch to Django was in 2 parts: Fixing unicode comparisons, and fixing user input.
|
Back on topic, CVE-2019-19844. As I said, the patch to Django was in 2 parts: Fixing unicode comparisons, and fixing user input.
|
||||||
|
|
||||||
> 1. After retrieving a list of potentially-matching accounts from the database, Django's password reset functionality now also checks the email address for equivalence in Python, using the recommended identifier-comparison process from
|
> 1. After retrieving a list of potentially-matching accounts from the database, Django's password reset functionality now also checks the email address for equivalence in Python, using the recommended identifier-comparison process from Unicode Technical Report 36, section 2.11.2(B)(2).
|
||||||
> 2. Unicode Technical Report 36, section 2.11.2(B)(2).
|
> 2. When generating password-reset emails, Django now sends to the email address retrieved from the database, rather than the email address submitted in the password-reset request form.
|
||||||
When generating password-reset emails, Django now sends to the email address retrieved from the database, rather than the email address submitted in the password-reset request form.
|
|
||||||
|
|
||||||
The exact patch can be seen [on GitHub](https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70), and the split can be seen quite nicely.
|
The exact patch can be seen [on GitHub](https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70), and the split can be seen quite nicely.
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue