From bcfb47780ce7caecb409a9e9c1c314266e41d392 Mon Sep 17 00:00:00 2001 From: Tim Graham Date: Thu, 11 Dec 2014 08:31:03 -0500 Subject: [1.7.x] Fixed DoS possibility in ModelMultipleChoiceField. This is a security fix. Disclosure following shortly. Thanks Keryn Knight for the report and initial patch. --- docs/releases/1.6.10.txt | 9 +++++++++ docs/releases/1.7.3.txt | 9 +++++++++ docs/spelling_wordlist | 1 + 3 files changed, 19 insertions(+) (limited to 'docs') diff --git a/docs/releases/1.6.10.txt b/docs/releases/1.6.10.txt index 20aa595b77..5b8f0cdec3 100644 --- a/docs/releases/1.6.10.txt +++ b/docs/releases/1.6.10.txt @@ -58,3 +58,12 @@ Note, however, that this view has always carried a warning that it is not hardened for production use and should be used only as a development aid. Now may be a good time to audit your project and serve your files in production using a real front-end web server if you are not doing so. + +Database denial-of-service with ``ModelMultipleChoiceField`` +============================================================ + +Given a form that uses ``ModelMultipleChoiceField`` and +``show_hidden_initial=True`` (not a documented API), it was possible for a user +to cause an unreasonable number of SQL queries by submitting duplicate values +for the field's data. The validation logic in ``ModelMultipleChoiceField`` now +deduplicates submitted values to address this issue. diff --git a/docs/releases/1.7.3.txt b/docs/releases/1.7.3.txt index 2da43658f8..234099590b 100644 --- a/docs/releases/1.7.3.txt +++ b/docs/releases/1.7.3.txt @@ -59,6 +59,15 @@ hardened for production use and should be used only as a development aid. Now may be a good time to audit your project and serve your files in production using a real front-end web server if you are not doing so. +Database denial-of-service with ``ModelMultipleChoiceField`` +============================================================ + +Given a form that uses ``ModelMultipleChoiceField`` and +``show_hidden_initial=True`` (not a documented API), it was possible for a user +to cause an unreasonable number of SQL queries by submitting duplicate values +for the field's data. The validation logic in ``ModelMultipleChoiceField`` now +deduplicates submitted values to address this issue. + Bugfixes ======== diff --git a/docs/spelling_wordlist b/docs/spelling_wordlist index 23465d2f4e..da7ce09d29 100644 --- a/docs/spelling_wordlist +++ b/docs/spelling_wordlist @@ -134,6 +134,7 @@ dbshell de deconstruct deconstructing +deduplicates deepcopy deserialization deserialize -- cgit v1.3