From c7e0151fdf33e1b11d488b6f67b94fdf3a30614a Mon Sep 17 00:00:00 2001 From: Nick Pope Date: Wed, 25 Jan 2023 12:21:48 +0100 Subject: [3.2.x] Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language. The parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. Accept-Language headers are now limited to a maximum length in order to avoid this issue. --- docs/releases/3.2.17.txt | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/releases/3.2.17.txt b/docs/releases/3.2.17.txt index 9eba24d72f..fcc097c5cc 100644 --- a/docs/releases/3.2.17.txt +++ b/docs/releases/3.2.17.txt @@ -6,4 +6,12 @@ Django 3.2.17 release notes Django 3.2.17 fixes a security issue with severity "moderate" in 3.2.16. -... +CVE-2023-23969: Potential denial-of-service via ``Accept-Language`` headers +=========================================================================== + +The parsed values of ``Accept-Language`` headers are cached in order to avoid +repetitive parsing. This leads to a potential denial-of-service vector via +excessive memory usage if large header values are sent. + +In order to avoid this vulnerability, the ``Accept-Language`` header is now +parsed up to a maximum length. -- cgit v1.3