[4.1.x] Fixed CVE-2023-41164 -- Fixed potential DoS in django.utils.encoding.uri_to_iri().

Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report. Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
author: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-08-22 08:53:03 +0200
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-09-04 12:14:21 +0200
commit: ba00bc5ec6a7eff5e08be438f7b5b0e9574e8ff0 (patch)
tree: 4b93acd6125b01d60e39c795cbcbd206d26fe21b /docs/releases/3.2.21.txt
parent: 52533346d221fa57b676056418c0e0d9342a2d67 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/docs/releases/3.2.21.txt b/docs/releases/3.2.21.txt
index 79efc679d1..062ac66682 100644
--- a/docs/releases/3.2.21.txt
+++ b/docs/releases/3.2.21.txt
@@ -6,4 +6,9 @@ Django 3.2.21 release notes
 
 Django 3.2.21 fixes a security issue with severity "moderate" in 3.2.20.
 
-...
+CVE-2023-41164: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()``
+===================================================================================================
+
+``django.utils.encoding.uri_to_iri()`` was subject to potential denial of
+service attack via certain inputs with a very large number of Unicode
+characters.
author	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-08-22 08:53:03 +0200
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-09-04 12:14:21 +0200
commit	ba00bc5ec6a7eff5e08be438f7b5b0e9574e8ff0 (patch)
tree	4b93acd6125b01d60e39c795cbcbd206d26fe21b /docs/releases/3.2.21.txt
parent	52533346d221fa57b676056418c0e0d9342a2d67 (diff)