[4.1.x] Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator.

Thanks Seokchan Yoon for reports.
author: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-06-14 12:23:06 +0200
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-07-03 08:27:05 +0200
commit: beb3f3d55940d9aa7198bf9d424ab74e873aec3d (patch)
tree: 9f2a1ec68609b0e1936fe5942697ef0431065d5d /docs/releases/3.2.20.txt
parent: 3b48fe413f91612fb8c43fe9d489860d10c84bf7 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/docs/releases/3.2.20.txt b/docs/releases/3.2.20.txt
index e4ef914394..c8f60a70e2 100644
--- a/docs/releases/3.2.20.txt
+++ b/docs/releases/3.2.20.txt
@@ -6,4 +6,9 @@ Django 3.2.20 release notes
 
 Django 3.2.20 fixes a security issue with severity "moderate" in 3.2.19.
 
-...
+CVE-2023-36053: Potential regular expression denial of service vulnerability in ``EmailValidator``/``URLValidator``
+===================================================================================================================
+
+``EmailValidator`` and ``URLValidator`` were subject to potential regular
+expression denial of service attack via a very large number of domain name
+labels of emails and URLs.
author	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-06-14 12:23:06 +0200
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-07-03 08:27:05 +0200
commit	beb3f3d55940d9aa7198bf9d424ab74e873aec3d (patch)
tree	9f2a1ec68609b0e1936fe5942697ef0431065d5d /docs/releases/3.2.20.txt
parent	3b48fe413f91612fb8c43fe9d489860d10c84bf7 (diff)