April 12, 2020 Alexey Shabalin 2.2.12-alt1
- 2.2.12
- Fixes for the following security vulnerabilities:
+ CVE-2019-19118 Privilege escalation in the Django admin.
+ CVE-2019-19844 Potential account hijack via password reset form
+ CVE-2020-7471 Potential SQL injection via StringAgg(delimiter)
+ CVE-2020-9402 Potential SQL injection via tolerance parameter in GIS functions and aggregates on Oracle