author Tim Graham <timograham@gmail.com> 2018-02-24 11:30:11 -0500
committer Tim Graham <timograham@gmail.com> 2018-03-06 08:30:40 -0500
commit 8618271caa0b09daba39ff3b46567d33ae1e1d3a
tree 7ab34be3a2f6fc817df21d21daeaff35630767a2 /docs
parent 4d2a2c83c7e8171522469908e8be8342ccb02052
Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters.
Thanks Florian Apolloner for assisting with the patch.
Diffstat (limited to 'docs')
 -rw-r--r-- docs/releases/1.11.11.txt | 11
 -rw-r--r-- docs/releases/1.8.19.txt  | 11
 -rw-r--r-- docs/releases/2.0.3.txt   | 11
3 files changed, 33 insertions, 0 deletions
diff --git a/docs/releases/1.11.11.txt b/docs/releases/1.11.11.txt
index c344f3e7b5..696465fd47 100644
--- a/docs/releases/1.11.11.txt
+++ b/docs/releases/1.11.11.txt
@@ -5,3 +5,14 @@ Django 1.11.11 release notes
*March 6, 2018*
Django 1.11.11 fixes two security issues in 1.11.10.
+
+CVE-2018-7536: Denial-of-service possibility in ``urlize`` and ``urlizetrunc`` template filters
+===============================================================================================
+
+The ``django.utils.html.urlize()`` function was extremely slow to evaluate
+certain inputs due to catastrophic backtracking vulnerabilities in two regular
+expressions. The ``urlize()`` function is used to implement the ``urlize`` and
+``urlizetrunc`` template filters, which were thus vulnerable.
+
+The problematic regular expressions are replaced with parsing logic that
+behaves similarly.
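Review bot: The sentence "which were thus vulnerable" at the end of the first added paragraph names only the two template filters, which understates the scope: it is ``django.utils.html.urlize()`` itself that is slow on the problematic inputs, so any project code calling that function directly is affected in the same way. Suggest saying so explicitly, e.g. "...which were thus vulnerable, as was any code calling ``urlize()`` directly."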
diff --git a/docs/releases/1.8.19.txt b/docs/releases/1.8.19.txt
index 9709f2622d..ae509f11c4 100644
--- a/docs/releases/1.8.19.txt
+++ b/docs/releases/1.8.19.txt
@@ -5,3 +5,14 @@ Django 1.8.19 release notes
*March 6, 2018*
Django 1.8.19 fixes two security issues in 1.18.18.
+
+CVE-2018-7536: Denial-of-service possibility in ``urlize`` and ``urlizetrunc`` template filters
+===============================================================================================
+
+The ``django.utils.html.urlize()`` function was extremely slow to evaluate
+certain inputs due to a catastrophic backtracking vulnerability in a regular
+expression. The ``urlize()`` function is used to implement the ``urlize`` and
+``urlizetrunc`` template filters, which were thus vulnerable.
+
+The problematic regular expression is replaced with parsing logic that behaves
+similarly.
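Review bot: This copy of the note says "a catastrophic backtracking vulnerability in a regular expression" (singular), while the 1.11.11 and 2.0.3 notes in the same commit say "vulnerabilities in two regular expressions". If 1.8 really has only one affected pattern that is fine, but please confirm it is deliberate rather than a copy-paste divergence, since readers comparing the three notes will otherwise wonder whether 1.8.19 is only partially fixed. Separately, the unchanged context line "Django 1.8.19 fixes two security issues in 1.18.18." reads like a typo for "1.8.18" and could be corrected while this file is being edited.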
diff --git a/docs/releases/2.0.3.txt b/docs/releases/2.0.3.txt
index b4d0ed0c23..a4c01302d1 100644
--- a/docs/releases/2.0.3.txt
+++ b/docs/releases/2.0.3.txt
@@ -7,6 +7,17 @@ Django 2.0.3 release notes
Django 2.0.3 fixes two security issues and several bugs in 2.0.2. Also, the
latest string translations from Transifex are incorporated.
+CVE-2018-7536: Denial-of-service possibility in ``urlize`` and ``urlizetrunc`` template filters
+===============================================================================================
+
+The ``django.utils.html.urlize()`` function was extremely slow to evaluate
+certain inputs due to catastrophic backtracking vulnerabilities in two regular
+expressions. The ``urlize()`` function is used to implement the ``urlize`` and
+``urlizetrunc`` template filters, which were thus vulnerable.
+
+The problematic regular expressions are replaced with parsing logic that
+behaves similarly.
+
Bugfixes
========
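Review bot: "parsing logic that behaves similarly" tells users that there is some observable difference from the old regular expressions without saying what it is, and the release note is exactly where someone relying on the precise output of ``urlize`` or ``urlizetrunc`` will look. Suggest either stating that output is unchanged for well-formed input or adding a short sentence under this heading describing the cases where the new parser and the old patterns diverge. The same wording is used in the 1.11.11 and 1.8.19 notes, so whatever is decided should be applied to all three.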