summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorTim Graham <timograham@gmail.com>2018-02-24 16:22:43 -0500
committerTim Graham <timograham@gmail.com>2018-02-27 13:56:26 -0500
commita91436360b79a6ff995c3e5018bcc666dfaf1539 (patch)
tree2581958aedc8649eb5b1f91fde6cc9c651ed2c23 /docs
parentabf89d729f210c692a50e0ad3f75fb6bec6fae16 (diff)
[1.11.x] Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.
Thanks James Davis for suggesting the fix.
Diffstat (limited to 'docs')
-rw-r--r--docs/releases/1.11.11.txt12
-rw-r--r--docs/releases/1.8.19.txt12
2 files changed, 24 insertions, 0 deletions
diff --git a/docs/releases/1.11.11.txt b/docs/releases/1.11.11.txt
index 696465fd47..314338a541 100644
--- a/docs/releases/1.11.11.txt
+++ b/docs/releases/1.11.11.txt
@@ -16,3 +16,15 @@ expressions. The ``urlize()`` function is used to implement the ``urlize`` and
The problematic regular expressions are replaced with parsing logic that
behaves similarly.
+
+CVE-2018-7537: Denial-of-service possibility in ``truncatechars_html`` and ``truncatewords_html`` template filters
+==================================================================================================================
+
+If ``django.utils.text.Truncator``'s ``chars()`` and ``words()`` methods were
+passed the ``html=True`` argument, they were extremely slow to evaluate certain
+inputs due to a catastrophic backtracking vulnerability in a regular
+expression. The ``chars()`` and ``words()`` methods are used to implement the
+``truncatechars_html`` and ``truncatewords_html`` template filters, which were
+thus vulnerable.
+
+The backtracking problem in the regular expression is fixed.
diff --git a/docs/releases/1.8.19.txt b/docs/releases/1.8.19.txt
index ae509f11c4..96410a331c 100644
--- a/docs/releases/1.8.19.txt
+++ b/docs/releases/1.8.19.txt
@@ -16,3 +16,15 @@ expression. The ``urlize()`` function is used to implement the ``urlize`` and
The problematic regular expression is replaced with parsing logic that behaves
similarly.
+
+CVE-2018-7537: Denial-of-service possibility in ``truncatechars_html`` and ``truncatewords_html`` template filters
+==================================================================================================================
+
+If ``django.utils.text.Truncator``'s ``chars()`` and ``words()`` methods were
+passed the ``html=True`` argument, they were extremely slow to evaluate certain
+inputs due to a catastrophic backtracking vulnerability in a regular
+expression. The ``chars()`` and ``words()`` methods are used to implement the
+``truncatechars_html`` and ``truncatewords_html`` template filters, which were
+thus vulnerable.
+
+The backtracking problem in the regular expression is fixed.