django.git/tests/utils_tests/test_html.py, branch 4.2.15 django http://cgit.adnoto.dev/django.git/atom?h=4.2.15 2024-07-31T14:12:23Z [4.2.x] Fixed CVE-2024-41991 -- Prevented potential ReDoS in django.utils.html.urlize() and AdminURLFieldWidget. 2024-07-31T14:12:23Z Mariusz Felisiak felisiak.mariusz@gmail.com 2024-07-10T18:30:12Z urn:sha1:efea1ef7e2190e3f77ca0651b5458297bc0f6a9f Thanks Seokchan Yoon for the report. Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> [4.2.x] Fixed CVE-2024-41990 -- Mitigated potential DoS in urlize and urlizetrunc template filters. 2024-07-31T14:12:11Z Sarah Boyce 42296566+sarahboyce@users.noreply.github.com 2024-07-18T11:19:34Z urn:sha1:d0a82e26a74940bf0c78204933c3bdd6a283eb88 Thanks to MProgrammer for the report. [4.2.x] Fixed CVE-2024-38875 -- Mitigated potential DoS in urlize and urlizetrunc template filters. 2024-07-09T13:40:37Z Adam Johnson me@adamj.eu 2024-06-24T13:30:59Z urn:sha1:79f368764295df109a37192f6182fb6f361d85b5 Thank you to Elias Myllymäki for the report. Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> Fixed #33779 -- Allowed customizing encoder class in django.utils.html.json_script(). 2022-06-28T08:54:38Z Hrushikesh Vaidya hrushikeshrv@gmail.com 2022-06-23T08:50:20Z urn:sha1:72e41a0df6db23410135364223eeda83ac2a8b27 Rewrote strip_tags test file to lorem ipsum. 2022-03-08T13:50:06Z Adam Johnson me@adamj.eu 2022-03-06T10:08:05Z urn:sha1:a45f28f0ecd830c4e5683d46d6b454861ba912b3 Refs #33476 -- Refactored code to strictly match 88 characters line length. 2022-02-07T19:37:05Z Mariusz Felisiak felisiak.mariusz@gmail.com 2022-02-04T07:08:27Z urn:sha1:7119f40c9881666b6f9b5cf7df09ee1d21cc8344 Refs #33476 -- Reformatted code with Black. 2022-02-07T19:37:05Z django-bot ops@djangoproject.com 2022-02-03T19:24:19Z urn:sha1:9c19aff7c7561e3a82978a272ecdaad40dda5c00 Fixed #33302 -- Made element_id optional argument for json_script template filter. 2021-11-22T10:52:19Z Baptiste Mispelon bmispelon@gmail.com 2021-11-19T15:52:57Z urn:sha1:e6e664a71130ee74d2c4c6800e4131f132709997 Added versionchanged note in documentation Fixed #32866 -- Fixed trimming trailing punctuation from escaped string in urlize(). 2021-07-07T09:19:33Z Shipeng Feng fsp261@gmail.com 2021-07-07T09:19:33Z urn:sha1:68cc04887b3c5b7ce8f28eaae5de266db99ca9a6 Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities. 2019-08-01T07:24:54Z Florian Apolloner florian@apolloner.eu 2019-07-15T10:00:06Z urn:sha1:4b78420d250df5e21763633871e486ee76728cc4 Thanks to Guido Vranken for initial report.