author    Tim Graham <timograham@gmail.com>  2018-02-24 16:22:43 -0500
committer Tim Graham <timograham@gmail.com>  2018-03-06 08:30:40 -0500
commit    97b7dd59bb8d6163239061e2022153c3415d146d (patch)
tree      9226d827f280e10f46d7abba5a5228d2cfd87538 /docs/releases/2.0.3.txt
parent    8618271caa0b09daba39ff3b46567d33ae1e1d3a (diff)
Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.
Thanks James Davis for suggesting the fix.
Diffstat (limited to 'docs/releases/2.0.3.txt')
-rw-r--r--  docs/releases/2.0.3.txt | 12 ++++++++++++
1 file changed, 12 insertions(+), 0 deletions(-)
diff --git a/docs/releases/2.0.3.txt b/docs/releases/2.0.3.txt
index a4c01302d1..a7c712c83f 100644
--- a/docs/releases/2.0.3.txt
+++ b/docs/releases/2.0.3.txt
@@ -18,6 +18,18 @@ expressions. The ``urlize()`` function is used to implement the ``urlize`` and
The problematic regular expressions are replaced with parsing logic that
behaves similarly.
+CVE-2018-7537: Denial-of-service possibility in ``truncatechars_html`` and ``truncatewords_html`` template filters
+==================================================================================================================
+
+If ``django.utils.text.Truncator``'s ``chars()`` and ``words()`` methods were
+passed the ``html=True`` argument, they were extremely slow to evaluate certain
+inputs due to a catastrophic backtracking vulnerability in a regular
+expression. The ``chars()`` and ``words()`` methods are used to implement the
+``truncatechars_html`` and ``truncatewords_html`` template filters, which were
+thus vulnerable.
+
+The backtracking problem in the regular expression is fixed.
+
Bugfixes
========
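Review bot: The closing sentence of the new section, "The backtracking problem in the regular expression is fixed.", tells readers nothing about the nature of the fix, whereas the CVE-2018-7536 entry directly above it states that "The problematic regular expressions are replaced with parsing logic that behaves similarly." For consistency with that entry, and so that users upgrading know whether ``chars()`` and ``words()`` with ``html=True`` may now produce different output for any input, consider stating how the regular expression was changed and whether the truncation behaviour is unchanged. The commit message also credits James Davis for suggesting the fix; if the project's convention is to credit reporters or contributors in the release note, a line such as "Thanks James Davis for suggesting the fix." would belong at the end of this section.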