django.git/tests/utils_tests/test_html.py, branch 4.2.28 django http://cgit.adnoto.dev/django.git/atom?h=4.2.28 2026-01-29T12:24:41Z [4.2.x] Refs #36499 -- Adjusted test_strip_tags to run on Python 3.8. 2026-01-29T12:24:41Z Jacob Walls jacobtylerwalls@gmail.com 2026-01-28T21:36:20Z urn:sha1:a28c3c739564ccc2aabc7b20211f54d838c7b582 [4.2.x] Refs #36499 -- Adjusted test_strip_tags following Python behavior change for incomplete entities. 2026-01-22T18:43:19Z Jacob Walls jacobtylerwalls@gmail.com 2025-12-11T13:44:19Z urn:sha1:7b3e75f73186381a9ec1e7de64e8389aae2e3435 Backport of 7b80b2186300620931009fd62c2969f108fe7a62 from main. [4.2.x] Fixed #36499 -- Adjusted utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's HTMLParser new behavior. 2025-08-13T20:49:51Z Natalia 124304+nessita@users.noreply.github.com 2025-07-14T17:45:03Z urn:sha1:c3f98718976820da5123169027612324d09a89d6 Python fixed a quadratic complexity processing for HTMLParser in: https://github.com/python/cpython/commit/6eb6c5db. Backport of 2980627502c84a9fd09272e1349dc574a2ff1fb1 from main. [4.2.x] Fixed CVE-2025-32873 -- Mitigated potential DoS in strip_tags(). 2025-05-07T01:36:15Z Sarah Boyce 42296566+sarahboyce@users.noreply.github.com 2025-04-08T14:30:17Z urn:sha1:9cd8028f3e38dca8e51c1388f474eecbe7d6ca3c Thanks to Elias Myllymäki for the report, and Shai Berger and Jake Howard for the reviews. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> Backport of 9f3419b519799d69f2aba70b9d25abe2e70d03e0 from main. [4.2.x] Fixed CVE-2024-53907 -- Mitigated potential DoS in strip_tags(). 2024-12-04T13:32:08Z Sarah Boyce 42296566+sarahboyce@users.noreply.github.com 2024-11-13T14:06:23Z urn:sha1:790eb058b0716c536a2f2e8d1c6d5079d776c22b Thanks to jiangniao for the report, and Shai Berger and Natalia Bidart for the reviews. [4.2.x] Fixed CVE-2024-45230 -- Mitigated potential DoS in urlize and urlizetrunc template filters. 2024-09-03T12:42:15Z Sarah Boyce 42296566+sarahboyce@users.noreply.github.com 2024-08-12T13:17:57Z urn:sha1:d147a8ebbdf28c17cafbbe2884f0bc57e2bf82e2 Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report. [4.2.x] Fixed CVE-2024-41991 -- Prevented potential ReDoS in django.utils.html.urlize() and AdminURLFieldWidget. 2024-07-31T14:12:23Z Mariusz Felisiak felisiak.mariusz@gmail.com 2024-07-10T18:30:12Z urn:sha1:efea1ef7e2190e3f77ca0651b5458297bc0f6a9f Thanks Seokchan Yoon for the report. Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> [4.2.x] Fixed CVE-2024-41990 -- Mitigated potential DoS in urlize and urlizetrunc template filters. 2024-07-31T14:12:11Z Sarah Boyce 42296566+sarahboyce@users.noreply.github.com 2024-07-18T11:19:34Z urn:sha1:d0a82e26a74940bf0c78204933c3bdd6a283eb88 Thanks to MProgrammer for the report. [4.2.x] Fixed CVE-2024-38875 -- Mitigated potential DoS in urlize and urlizetrunc template filters. 2024-07-09T13:40:37Z Adam Johnson me@adamj.eu 2024-06-24T13:30:59Z urn:sha1:79f368764295df109a37192f6182fb6f361d85b5 Thank you to Elias Myllymäki for the report. Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> Fixed #33779 -- Allowed customizing encoder class in django.utils.html.json_script(). 2022-06-28T08:54:38Z Hrushikesh Vaidya hrushikeshrv@gmail.com 2022-06-23T08:50:20Z urn:sha1:72e41a0df6db23410135364223eeda83ac2a8b27