diff options
| author | Jacob Kaplan-Moss <jacob@jacobian.org> | 2009-10-09 20:57:59 +0000 |
|---|---|---|
| committer | Jacob Kaplan-Moss <jacob@jacobian.org> | 2009-10-09 20:57:59 +0000 |
| commit | 9f8287a3f145fe5cbe71ef5573ea8898404727ad (patch) | |
| tree | b082155d47333b8a18f621cafcab7e2be564fb5e /docs | |
| parent | 8aee95ca3ef731672bef7c56a512ca2f35701864 (diff) | |
SECURITY ALERT: Corrected regular expressions for URL and email fields.
Certain email addresses/URLs could trigger a catastrophic backtracking situation, causing 100% CPU and server overload. If deliberately triggered, this could be the basis of a denial-of-service attack.
This security vulnerability was disclosed in public, so we're skipping our
normal security release process to get the fix out as soon as possible.
This is a security related update. A full announcement, as well as backports for the 1.1.X and 1.0.X series will follow.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11603 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs')
0 files changed, 0 insertions, 0 deletions
