diff options
| author | Adam Johnson <me@adamj.eu> | 2024-01-22 13:21:13 +0000 |
|---|---|---|
| committer | Natalia <124304+nessita@users.noreply.github.com> | 2024-02-06 09:56:20 -0300 |
| commit | 572ea07e84b38ea8de0551f4b4eda685d91d09d2 (patch) | |
| tree | b1af886bda265a2c297e1a800f5ff675179f7237 /docs/releases | |
| parent | 9fe7411235b7fb133eed5093fee714c4c7db4c98 (diff) | |
[4.2.x] Fixed CVE-2024-24680 -- Mitigated potential DoS in intcomma template filter.
Thanks Seokchan Yoon for the report.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Shai Berger <shai@platonix.com>
Diffstat (limited to 'docs/releases')
| -rw-r--r-- | docs/releases/3.2.24.txt | 6 | ||||
| -rw-r--r-- | docs/releases/4.2.10.txt | 6 |
2 files changed, 10 insertions, 2 deletions
diff --git a/docs/releases/3.2.24.txt b/docs/releases/3.2.24.txt index 1ab7024f73..67be0f65d1 100644 --- a/docs/releases/3.2.24.txt +++ b/docs/releases/3.2.24.txt @@ -6,4 +6,8 @@ Django 3.2.24 release notes Django 3.2.24 fixes a security issue with severity "moderate" in 3.2.23. -... +CVE-2024-24680: Potential denial-of-service in ``intcomma`` template filter +=========================================================================== + +The ``intcomma`` template filter was subject to a potential denial-of-service +attack when used with very long strings. diff --git a/docs/releases/4.2.10.txt b/docs/releases/4.2.10.txt index c039f6840f..7cdfa69814 100644 --- a/docs/releases/4.2.10.txt +++ b/docs/releases/4.2.10.txt @@ -6,4 +6,8 @@ Django 4.2.10 release notes Django 4.2.10 fixes a security issue with severity "moderate" in 4.2.9. -... +CVE-2024-24680: Potential denial-of-service in ``intcomma`` template filter +=========================================================================== + +The ``intcomma`` template filter was subject to a potential denial-of-service +attack when used with very long strings. |