diff options
| author | Adam Johnson <me@adamj.eu> | 2024-01-22 13:21:13 +0000 |
|---|---|---|
| committer | Natalia <124304+nessita@users.noreply.github.com> | 2024-02-06 09:13:21 -0300 |
| commit | 16a8fe18a3b81250f4fa57e3f93f0599dc4895bc (patch) | |
| tree | e44193d8d7e7d1e64414f39bbe46de315c88c14c /docs | |
| parent | 2cfa3fba0c8c5f3cf5daf23fd5333902a34fea86 (diff) | |
[5.0.x] Fixed CVE-2024-24680 -- Mitigated potential DoS in intcomma template filter.
Thanks Seokchan Yoon for the report.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Shai Berger <shai@platonix.com>
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/releases/3.2.24.txt | 6 | ||||
| -rw-r--r-- | docs/releases/4.2.10.txt | 6 | ||||
| -rw-r--r-- | docs/releases/5.0.2.txt | 6 |
3 files changed, 16 insertions, 2 deletions
diff --git a/docs/releases/3.2.24.txt b/docs/releases/3.2.24.txt index 1ab7024f73..67be0f65d1 100644 --- a/docs/releases/3.2.24.txt +++ b/docs/releases/3.2.24.txt @@ -6,4 +6,8 @@ Django 3.2.24 release notes Django 3.2.24 fixes a security issue with severity "moderate" in 3.2.23. -... +CVE-2024-24680: Potential denial-of-service in ``intcomma`` template filter +=========================================================================== + +The ``intcomma`` template filter was subject to a potential denial-of-service +attack when used with very long strings. diff --git a/docs/releases/4.2.10.txt b/docs/releases/4.2.10.txt index c039f6840f..7cdfa69814 100644 --- a/docs/releases/4.2.10.txt +++ b/docs/releases/4.2.10.txt @@ -6,4 +6,8 @@ Django 4.2.10 release notes Django 4.2.10 fixes a security issue with severity "moderate" in 4.2.9. -... +CVE-2024-24680: Potential denial-of-service in ``intcomma`` template filter +=========================================================================== + +The ``intcomma`` template filter was subject to a potential denial-of-service +attack when used with very long strings. diff --git a/docs/releases/5.0.2.txt b/docs/releases/5.0.2.txt index 6312dee312..1da6dc02d9 100644 --- a/docs/releases/5.0.2.txt +++ b/docs/releases/5.0.2.txt @@ -7,6 +7,12 @@ Django 5.0.2 release notes Django 5.0.2 fixes a security issue with severity "moderate" and several bugs in 5.0.1. Also, the latest string translations from Transifex are incorporated. +CVE-2024-24680: Potential denial-of-service in ``intcomma`` template filter +=========================================================================== + +The ``intcomma`` template filter was subject to a potential denial-of-service +attack when used with very long strings. + Bugfixes ======== |
