Django 1.11.5 ºÍ 1.10.8 ÒÑ·¢²¼£¬ÕâÁ½¸ö°æ±¾Ö÷Òª½â¾öÁËһЩ°²È«ÐÔ·½ÃæµÄÎÊÌ⣬¾ßÌåÈçÏ£º
CVE-2017-12794£ºÔÚ 500 µ÷ÊÔÒ³ÃæµÄ×·Ëݲ¿·ÖÖпÉÄܻᵼÖ XSS ¹¥»÷
Ôھɰ汾ÖУ¬500 µ÷ÊÔÒ³ÃæµÄÄ£°å²¿·ÖÖнûÓÃÁË HTML ×Ô¶¯×ª»»¡£ÔÚºÏÊʵÄÇé¿öÏ£¬ÕâÑù»áµ¼Ö¿çÕ¾½Å±¾¹¥»÷¡£Õâ¸ö©¶´Ó¦¸Ã²»»áÓ°Ïì´ó¶àÊýÍøÕ¾£¬ÒòΪÄã²»»áÔÚÉú²ú»·¾³ÖÐÉèÖÃÖÐ DEBUG = True£¬ÕâʹµÃ´ËÒ³Ãæ¿ÉÒÔ·ÃÎÊ¡£
ÊÜÓ°ÏìµÄ°æ±¾£º
Django master development branch
Django 1.11
Django 1.10
¸ù¾Ý¹Ù·½µÄ°æ±¾Ö§³Ö·½°¸£¬ÏÖÔÚÒѲ»ÔÙÖ§³Ö Django 1.9£¬Django 1.8 ²»ÊÜÓ°Ïì¡£
Èí¼þÏêÇ飺https://www.djangoproject.com/weblog/2017/sep/05/security-releases/
ÏÂÔصØÖ·£ºhttps://www.djangoproject.com/download/
À´×Ô:¿ªÔ´ÖйúÉçÇø
