[4.2.x] Added CVE-2023-46695 to security archive.

Backport of 7caf2621833a45cdfe7e6e305e4885ecc8d79744 from main
author: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-11-01 08:16:14 +0100
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-11-01 08:17:50 +0100
commit: e4c9703ec66e2638385fbb240a49925c138b7dea (patch)
tree: c4f6ac0f49d8ca75f7a3d2737b1ba5779add8467 /docs/releases/security.txt
parent: 45e4d268cc447e71ae174508eef21d100b4ca0c4 (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 6fdee8bf57..cf63dafa0d 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -36,8 +36,19 @@ Issues under Django's security process
 All security issues have been handled under versions of Django's security
 process. These are listed below.
 
+November 1, 2023 - :cve:`2023-46695`
+------------------------------------
+
+Potential denial of service vulnerability in ``UsernameField`` on Windows.
+`Full description
+<https://www.djangoproject.com/weblog/2023/nov/01/security-releases/>`__
+
+* Django 4.2 :commit:`(patch) <048a9ebb6ea468426cb4e57c71572cbbd975517f>`
+* Django 4.1 :commit:`(patch) <4965bfdde2e5a5c883685019e57d123a3368a75e>`
+* Django 3.2 :commit:`(patch) <f9a7fb8466a7ba4857eaf930099b5258f3eafb2b>`
+
 October 4, 2023 - :cve:`2023-43665`
--------------------------------------
+-----------------------------------
 
 Denial-of-service possibility in ``django.utils.text.Truncator``.
 `Full description
author	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-11-01 08:16:14 +0100
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-11-01 08:17:50 +0100
commit	e4c9703ec66e2638385fbb240a49925c138b7dea (patch)
tree	c4f6ac0f49d8ca75f7a3d2737b1ba5779add8467 /docs/releases/security.txt
parent	45e4d268cc447e71ae174508eef21d100b4ca0c4 (diff)