1
0
mirror of https://github.com/django/django.git synced 2025-10-26 07:06:08 +00:00

[5.0.x] Added CVE-2023-46695 to security archive.

Backport of 7caf262183 from main
This commit is contained in:
Mariusz Felisiak
2023-11-01 08:16:14 +01:00
parent bb71d34551
commit 2d929dd2cc

View File

@@ -36,8 +36,19 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security All security issues have been handled under versions of Django's security
process. These are listed below. process. These are listed below.
November 1, 2023 - :cve:`2023-46695`
------------------------------------
Potential denial of service vulnerability in ``UsernameField`` on Windows.
`Full description
<https://www.djangoproject.com/weblog/2023/nov/01/security-releases/>`__
* Django 4.2 :commit:`(patch) <048a9ebb6ea468426cb4e57c71572cbbd975517f>`
* Django 4.1 :commit:`(patch) <4965bfdde2e5a5c883685019e57d123a3368a75e>`
* Django 3.2 :commit:`(patch) <f9a7fb8466a7ba4857eaf930099b5258f3eafb2b>`
October 4, 2023 - :cve:`2023-43665` October 4, 2023 - :cve:`2023-43665`
------------------------------------- -----------------------------------
Denial-of-service possibility in ``django.utils.text.Truncator``. Denial-of-service possibility in ``django.utils.text.Truncator``.
`Full description `Full description