django/docs/releases/3.2.16.txt

===========================
Django 3.2.16 release notes
===========================

*October 4, 2022*

Django 3.2.16 fixes a security issue with severity "medium" in 3.2.15.

CVE-2022-41323: Potential denial-of-service vulnerability in internationalized URLs
===================================================================================

Internationalized URLs were subject to potential denial of service attack via
the locale parameter.
Set date and added stub notes for 4.1.2, 4.0.8, and 3.2.16 releases. 2022-09-27 15:44:39 +08:00			`===========================`
			`Django 3.2.16 release notes`
			`===========================`

			`October 4, 2022`

			`Django 3.2.16 fixes a security issue with severity "medium" in 3.2.15.`

Fixed CVE-2022-41323 -- Prevented locales being interpreted as regular expressions. Thanks to Benjamin Balder Bach for the report. 2022-09-02 16:44:05 +08:00			`CVE-2022-41323: Potential denial-of-service vulnerability in internationalized URLs`
			`===================================================================================`

			`Internationalized URLs were subject to potential denial of service attack via`
			`the locale parameter.`