From 0504af64292071e1a9565193ea8265c60600f7d7 Mon Sep 17 00:00:00 2001 From: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> Date: Fri, 12 Jul 2024 11:38:34 +0200 Subject: [5.1.x] Fixed CVE-2024-41989 -- Prevented excessive memory consumption in floatformat. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Thanks Elias Myllymäki for the report. Co-authored-by: Shai Berger --- docs/releases/4.2.15.txt | 9 +++++++++ docs/releases/5.0.8.txt | 9 +++++++++ 2 files changed, 18 insertions(+) (limited to 'docs') diff --git a/docs/releases/4.2.15.txt b/docs/releases/4.2.15.txt index d312f8580f..f3fdb0a3cf 100644 --- a/docs/releases/4.2.15.txt +++ b/docs/releases/4.2.15.txt @@ -7,6 +7,15 @@ Django 4.2.15 release notes Django 4.2.15 fixes three security issues with severity "moderate", one security issue with severity "high", and a regression in 4.2.14. +CVE-2024-41989: Memory exhaustion in ``django.utils.numberformat.floatformat()`` +================================================================================ + +If :tfilter:`floatformat` received a string representation of a number in +scientific notation with a large exponent, it could lead to significant memory +consumption. + +To avoid this, decimals with more than 200 digits are now returned as is. + Bugfixes ======== diff --git a/docs/releases/5.0.8.txt b/docs/releases/5.0.8.txt index 704ecf2c61..c371e4af0b 100644 --- a/docs/releases/5.0.8.txt +++ b/docs/releases/5.0.8.txt @@ -7,6 +7,15 @@ Django 5.0.8 release notes Django 5.0.8 fixes three security issues with severity "moderate", one security issue with severity "high", and several bugs in 5.0.7. +CVE-2024-41989: Memory exhaustion in ``django.utils.numberformat.floatformat()`` +================================================================================ + +If :tfilter:`floatformat` received a string representation of a number in +scientific notation with a large exponent, it could lead to significant memory +consumption. + +To avoid this, decimals with more than 200 digits are now returned as is. + Bugfixes ======== -- cgit v1.3