author Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-09-04 13:09:48 +0200
committer Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-09-04 13:17:59 +0200
commit a1dd78513980873be882cb75481ea6e9e2cb6212
tree 43d91b9e9eface97c8a9dd12329067b947f69220 /docs/releases/security.txt
parent a9686cb8711d56062f6c2c5fa9d8aea83e45c7bc
[4.2.x] Added CVE-2023-41164 to security archive.
Backport of 8a98768868a104ea3ce10d8182590bdd095d9ccb from main
Diffstat (limited to 'docs/releases/security.txt')
-rw-r--r-- docs/releases/security.txt 11
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 48586c8a6e..34394c50b0 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -36,6 +36,17 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security
process. These are listed below.
+September 4, 2023 - :cve:`2023-41164`
+-------------------------------------
+
+Potential denial of service vulnerability in
+``django.utils.encoding.uri_to_iri()``. `Full description
+<https://www.djangoproject.com/weblog/2023/sep/04/security-releases/>`__
+
+* Django 4.2 :commit:`(patch) <9c51b4dcfa0cefcb48231f4d71cafa80821f87b9>`
+* Django 4.1 :commit:`(patch) <ba00bc5ec6a7eff5e08be438f7b5b0e9574e8ff0>`
+* Django 3.2 :commit:`(patch) <6f030b1149bd8fa4ba90452e77cb3edc095ce54e>`
+
July 3, 2023 - :cve:`2023-36053`
--------------------------------
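Review bot: The summary in the added entry ("Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()``") names the function but not the input condition that triggers it, so anyone triaging from the archive has to follow the "Full description" link to judge exposure; if the archive's format allows, consider a short clause stating the trigger. The three bullets also carry the same "(patch)" label over bare hashes, so please confirm that each hash is the fix commit on the matching stable branch (4.2, 4.1, 3.2), since nothing in this diff lets a reader check that mapping.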