Added CVE-2021-32052 to security archive.

author: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2021-05-06 09:58:24 +0200
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2021-05-06 09:58:24 +0200
commit: efebcc429f048493d6bc710399e65d98081eafd5 (patch)
tree: 598cbec96cdd0d3def97267f9e83a97054e7f5a9 /docs/releases/security.txt
parent: e1e81aa1c4427411e3c68facdd761229ffea6f6f (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 847abd9cac..4f755f4381 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -36,6 +36,20 @@ Issues under Django's security process
 All security issues have been handled under versions of Django's security
 process. These are listed below.
 
+May 6, 2021 - :cve:`2021-32052`
+-------------------------------
+
+Header injection possibility since ``URLValidator`` accepted newlines in input
+on Python 3.9.5+. `Full description
+<https://www.djangoproject.com/weblog/2021/may/06/security-releases/>`__
+
+Versions affected
+~~~~~~~~~~~~~~~~~
+
+* Django 3.2 :commit:`(patch) <2d2c1d0c97832860fbd6597977e2aae17dd7e5b2>`
+* Django 3.1 :commit:`(patch) <afb23f5929944a407e4990edef1c7806a94c9879>`
+* Django 2.2 :commit:`(patch) <d9594c4ea57b6309d93879805302cec9ae9f23ff>`
+
 May 4, 2021 - :cve:`2021-31542`
 -------------------------------
author	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2021-05-06 09:58:24 +0200
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2021-05-06 09:58:24 +0200
commit	efebcc429f048493d6bc710399e65d98081eafd5 (patch)
tree	598cbec96cdd0d3def97267f9e83a97054e7f5a9 /docs/releases/security.txt
parent	e1e81aa1c4427411e3c68facdd761229ffea6f6f (diff)