July 13, 2021 Alexey Shabalin 2.2.24-alt1
- new version 2.2.24
- Fixes for the following security vulnerabilities:
+ CVE-2021-28658 Potential directory-traversal via uploaded files
+ CVE-2021-31542 Potential directory-traversal via uploaded files
+ CVE-2021-32052 Header injection possibility since URLValidator accepted newlines in input on Python 3.9.5+
+ CVE-2021-33203 Potential directory traversal via admindocs
+ CVE-2021-33571 Possible indeterminate SSRF, RFI, and LFI attacks since validators accepted leading zeros in IPv4 addresses