[4.2.x] Added CVE-2023-31047 to security archive.

Backport of 49830025c992fbc8d8f213e7c16dba1391c6adf2 from main
author: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-05-03 15:20:31 +0200
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-05-03 15:21:47 +0200
commit: 2756c6960163f0263a15633fd3cfd93281f47496 (patch)
tree: 2a6f42479928b8725b829b498d0505cc24a926b0 /docs/releases/security.txt
parent: 110919987b9a19644f5b650d4de345fea76d4a9b (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 0a82738709..c90d732397 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -36,6 +36,17 @@ Issues under Django's security process
 All security issues have been handled under versions of Django's security
 process. These are listed below.
 
+May 3, 2023 - :cve:`2023-31047`
+-------------------------------
+
+Potential bypass of validation when uploading multiple files using one form
+field. `Full description
+<https://www.djangoproject.com/weblog/2023/may/03/security-releases/>`__
+
+* Django 4.2 :commit:`(patch) <21b1b1fc03e5f9e9f8c977ee6e35618dd3b353dd>`
+* Django 4.1 :commit:`(patch) <e7c3a2ccc3a562328600be05068ed9149e12ce64>`
+* Django 3.2 :commit:`(patch) <eed53d0011622e70b936e203005f0e6f4ac48965>`
+
 February 14, 2023 - :cve:`2023-24580`
 -------------------------------------
author	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-05-03 15:20:31 +0200
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-05-03 15:21:47 +0200
commit	2756c6960163f0263a15633fd3cfd93281f47496 (patch)
tree	2a6f42479928b8725b829b498d0505cc24a926b0 /docs/releases/security.txt
parent	110919987b9a19644f5b650d4de345fea76d4a9b (diff)