p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Added CVE-2023-46695 to security archive.

This commit is contained in:
Mariusz Felisiak 2023-11-01 08:16:14 +01:00
parent 05ba4130ee
commit 7caf262183
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
docs/releases/security.txt
View File

@ -36,8 +36,19 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security All security issues have been handled under versions of Django's security
process. These are listed below. process. These are listed below.
November 1, 2023 - :cve:`2023-46695`
------------------------------------
Potential denial of service vulnerability in ``UsernameField`` on Windows.
`Full description
<https://www.djangoproject.com/weblog/2023/nov/01/security-releases/>`__
* Django 4.2 :commit:`(patch) <048a9ebb6ea468426cb4e57c71572cbbd975517f>`
* Django 4.1 :commit:`(patch) <4965bfdde2e5a5c883685019e57d123a3368a75e>`
* Django 3.2 :commit:`(patch) <f9a7fb8466a7ba4857eaf930099b5258f3eafb2b>`
October 4, 2023 - :cve:`2023-43665` October 4, 2023 - :cve:`2023-43665`
------------------------------------- -----------------------------------
Denial-of-service possibility in ``django.utils.text.Truncator``. Denial-of-service possibility in ``django.utils.text.Truncator``.
`Full description `Full description