Fixed CVE-2023-41164 -- Fixed potential DoS in django.utils.encoding.uri_to_iri().

Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report. Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
author: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-08-22 08:53:03 +0200
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-09-04 11:58:37 +0200
commit: 3f41d6d62929dfe53eda8109b3b836f26645bdce (patch)
tree: a221032a51e25559ef8266a861fc8a8447078a78 /docs/releases/3.2.21.txt
parent: 048d75aeb1e2b1c08b1b9ec359397f00aec1b57d (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/docs/releases/3.2.21.txt b/docs/releases/3.2.21.txt
index 79efc679d1..062ac66682 100644
--- a/docs/releases/3.2.21.txt
+++ b/docs/releases/3.2.21.txt
@@ -6,4 +6,9 @@ Django 3.2.21 release notes
 
 Django 3.2.21 fixes a security issue with severity "moderate" in 3.2.20.
 
-...
+CVE-2023-41164: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()``
+===================================================================================================
+
+``django.utils.encoding.uri_to_iri()`` was subject to potential denial of
+service attack via certain inputs with a very large number of Unicode
+characters.
author	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-08-22 08:53:03 +0200
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-09-04 11:58:37 +0200
commit	3f41d6d62929dfe53eda8109b3b836f26645bdce (patch)
tree	a221032a51e25559ef8266a861fc8a8447078a78 /docs/releases/3.2.21.txt
parent	048d75aeb1e2b1c08b1b9ec359397f00aec1b57d (diff)