django.git/tests/utils_tests/test_text.py, branch stable/3.2.x django http://cgit.adnoto.dev/django.git/atom?h=stable%2F3.2.x 2024-03-04T07:37:38Z [3.2.x] Fixed CVE-2024-27351 -- Prevented potential ReDoS in Truncator.words(). 2024-03-04T07:37:38Z Shai Berger shai@platonix.com 2024-02-19T12:56:37Z urn:sha1:072963e4c4d0b3a7a8c5412bc0c7d27d1a9c3521 Thanks Seokchan Yoon for the report. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com> [3.2.x] Fixed CVE-2023-43665 -- Mitigated potential DoS in django.utils.text.Truncator when truncating HTML text. 2023-10-04T12:41:12Z Natalia 124304+nessita@users.noreply.github.com 2023-09-19T12:51:48Z urn:sha1:ccdade1a0262537868d7ca64374de3d957ca50c5 Thanks Wenchao Li of Alibaba Group for the report. [3.2.x] Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads. 2021-05-04T06:43:52Z Florian Apolloner florian@apolloner.eu 2021-04-14T16:23:44Z urn:sha1:c98f446c188596d4ba6de71d1b77b4a6c5c2a007 Refs #27804 -- Used subTest() in tests.utils_tests.test_text. 2020-06-04T09:16:21Z Jon Dufresne jon.dufresne@gmail.com 2020-06-04T09:16:21Z urn:sha1:f47d5aac622c334ebeba06b7460204aeb98661e2 Fixed #28694 -- Made django.utils.text.slugify() strip dashes and underscores. 2020-05-29T04:47:51Z David Smith smithdc@gmail.com 2020-05-26T21:56:41Z urn:sha1:0382ecfe020b4c51b4c01e4e9a21892771e66941 Added more tests for slugify(). 2020-05-29T04:28:57Z David Smith smithdc@gmail.com 2020-05-26T21:39:03Z urn:sha1:dde05e192c15158cd2ea918ce2ee7a2b9b6ceba6 Capitalized Unicode in docs, strings, and comments. 2020-04-20T10:10:33Z Jon Dufresne jon.dufresne@gmail.com 2020-04-18T14:46:05Z urn:sha1:505fec6badba0622bbf97bb659188c3d62a9bc58 Fixed #30892 -- Fixed slugify() and admin's URLify.js for "İ". 2019-12-30T19:47:22Z Sjbrgsn chsnot@gmail.com 2019-12-21T10:45:54Z urn:sha1:b2bd08bb7a912a1504f5fb5018f5317e6b5423cd Thanks Luis Nell for the implementation idea and very detailed report. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com> Used more specific unittest assertions in tests. 2019-10-29T11:37:30Z Nick Pope nick.pope@flightdataservices.com 2019-10-21T08:55:05Z urn:sha1:7552de7866dcd270a0f353b007b4aceaa7f3ff3e * assertIsNone()/assertIsNotNone() instead of comparing to None. * assertLess() for < comparisons. * assertIs() for 'is' expressions. * assertIsInstance() for isinstance() expressions. * rounding of assertAlmostEqual() for round() expressions. * assertIs(..., True/False) instead of comparing to True/False. * assertIs()/assertIsNot() for ==/!= comparisons. * assertNotEqual() for == comparisons. * assertTrue()/assertFalse() instead of comparing to True/False. Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML. 2019-08-01T07:24:54Z Florian Apolloner florian@apolloner.eu 2019-07-15T09:46:09Z urn:sha1:7f65974f8219729c047fbbf8cd5cc9d80faefe77 Thanks to Guido Vranken for initial report.