[4.1.x] Added CVE-2023-31047 to security archive.

Backport of 49830025c992fbc8d8f213e7c16dba1391c6adf2 from main
author: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-05-03 15:20:31 +0200
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-05-03 15:22:12 +0200
commit: 66e1e9b006618ba00e804d18bd90d3a9e94801b3 (patch)
tree: 0905b0636123b6696a8d1105a22e3ec4bae7ea88
parent: d1385cc51b142b05b21b721d9d68fc461bc7241f (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 0a82738709..c90d732397 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -36,6 +36,17 @@ Issues under Django's security process
 All security issues have been handled under versions of Django's security
 process. These are listed below.
 
+May 3, 2023 - :cve:`2023-31047`
+-------------------------------
+
+Potential bypass of validation when uploading multiple files using one form
+field. `Full description
+<https://www.djangoproject.com/weblog/2023/may/03/security-releases/>`__
+
+* Django 4.2 :commit:`(patch) <21b1b1fc03e5f9e9f8c977ee6e35618dd3b353dd>`
+* Django 4.1 :commit:`(patch) <e7c3a2ccc3a562328600be05068ed9149e12ce64>`
+* Django 3.2 :commit:`(patch) <eed53d0011622e70b936e203005f0e6f4ac48965>`
+
 February 14, 2023 - :cve:`2023-24580`
 -------------------------------------
author	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-05-03 15:20:31 +0200
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-05-03 15:22:12 +0200
commit	66e1e9b006618ba00e804d18bd90d3a9e94801b3 (patch)
tree	0905b0636123b6696a8d1105a22e3ec4bae7ea88
parent	d1385cc51b142b05b21b721d9d68fc461bc7241f (diff)