From ecf1f8fb900f94de08c945164633e9a28a2edadb Mon Sep 17 00:00:00 2001 From: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> Date: Thu, 18 Jul 2024 13:19:34 +0200 Subject: Fixed CVE-2024-41990 -- Mitigated potential DoS in urlize and urlizetrunc template filters. Thanks to MProgrammer for the report. --- tests/utils_tests/test_html.py | 2 ++ 1 file changed, 2 insertions(+) (limited to 'tests') diff --git a/tests/utils_tests/test_html.py b/tests/utils_tests/test_html.py index 9fe782ed2f..6050ed62b0 100644 --- a/tests/utils_tests/test_html.py +++ b/tests/utils_tests/test_html.py @@ -359,6 +359,8 @@ class TestUtilsHtml(SimpleTestCase): "[(" * 100_000 + ":" + ")]" * 100_000, "([[" * 100_000 + ":" + "]])" * 100_000, "&:" + ";" * 100_000, + "&.;" * 100_000, + ".;" * 100_000, ) for value in tests: with self.subTest(value=value): -- cgit v1.3