django.git/tests/utils_tests/test_html.py, branch 5.1.14 django http://cgit.adnoto.dev/django.git/atom?h=5.1.14 2025-08-13T20:49:04Z [5.1.x] Fixed #36499 -- Adjusted utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's HTMLParser new behavior. 2025-08-13T20:49:04Z Natalia 124304+nessita@users.noreply.github.com 2025-07-14T17:45:03Z urn:sha1:09801786df0f413e990a378f4603c8aeb16968cc Python fixed a quadratic complexity processing for HTMLParser in: https://github.com/python/cpython/commit/6eb6c5db. Backport of 2980627502c84a9fd09272e1349dc574a2ff1fb1 from main. [5.1.x] Fixed CVE-2025-32873 -- Mitigated potential DoS in strip_tags(). 2025-05-07T01:31:16Z Sarah Boyce 42296566+sarahboyce@users.noreply.github.com 2025-04-08T14:30:17Z urn:sha1:0b42f6a528df966729b24ecaaed67f85e5edc3dc Thanks to Elias Myllymäki for the report, and Shai Berger and Jake Howard for the reviews. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> Backport of 9f3419b519799d69f2aba70b9d25abe2e70d03e0 from main. [5.1.x] Fixed CVE-2024-53907 -- Mitigated potential DoS in strip_tags(). 2024-12-04T12:47:21Z Sarah Boyce 42296566+sarahboyce@users.noreply.github.com 2024-11-13T14:06:23Z urn:sha1:bbc74a7f7eb7335e913bdb4787f22e83a9be947e Thanks to jiangniao for the report, and Shai Berger and Natalia Bidart for the reviews. [5.1.x] Fixed CVE-2024-45230 -- Mitigated potential DoS in urlize and urlizetrunc template filters. 2024-09-03T12:24:13Z Sarah Boyce 42296566+sarahboyce@users.noreply.github.com 2024-08-12T13:17:57Z urn:sha1:022ab0a75c76ab2ea31dfcc5f2cf5501e378d397 Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report. [5.1.x] Refs #34609 -- Fixed deprecation warning stack level in format_html(). 2024-08-27T18:17:47Z Adam Johnson me@adamj.eu 2024-08-27T18:14:50Z urn:sha1:03e0ab5c64d4bc09c6932268b29efcc789a0f7af Co-authored-by: Simon Charette <charette.s@gmail.com> Backport of 2b71b2c8dcd40f2604310bb3914077320035b399 from main. [5.1.x] Fixed CVE-2024-41991 -- Prevented potential ReDoS in django.utils.html.urlize() and AdminURLFieldWidget. 2024-08-06T06:51:22Z Mariusz Felisiak felisiak.mariusz@gmail.com 2024-07-10T18:30:12Z urn:sha1:bd807c0c25ab69361a4c08edcc1cf04d4652aa0a Thanks Seokchan Yoon for the report. Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> [5.1.x] Fixed CVE-2024-41990 -- Mitigated potential DoS in urlize and urlizetrunc template filters. 2024-08-06T06:51:22Z Sarah Boyce 42296566+sarahboyce@users.noreply.github.com 2024-07-18T11:19:34Z urn:sha1:0c1a8909164d8f2846322efb1143b72ad1616bd8 Thanks to MProgrammer for the report. [5.1.x] Fixed CVE-2024-38875 -- Mitigated potential DoS in urlize and urlizetrunc template filters. 2024-07-09T12:42:12Z Adam Johnson me@adamj.eu 2024-06-24T13:30:59Z urn:sha1:44aef996c8d723198e89ca834cb1d746e2e72d77 Thank you to Elias Myllymäki for the report. Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> Fixed #34609 -- Deprecated calling format_html() without arguments. 2023-06-06T12:14:57Z devilsautumn bhuvnesh875@gmail.com 2023-06-06T08:56:53Z urn:sha1:094b0bea2ce76db9d3dc06c384d4ac3b22705810 Fixed #33779 -- Allowed customizing encoder class in django.utils.html.json_script(). 2022-06-28T08:54:38Z Hrushikesh Vaidya hrushikeshrv@gmail.com 2022-06-23T08:50:20Z urn:sha1:72e41a0df6db23410135364223eeda83ac2a8b27