[3.2.x] Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator.

Thanks Seokchan Yoon for reports.
author: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-06-14 12:23:06 +0200
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-07-03 08:32:26 +0200
commit: 454f2fb93437f98917283336201b4048293f7582 (patch)
tree: 6c0c1bf6d7b1c5c367cd4928a4d7e6e10638d7b9 /docs/releases
parent: 07cc014cb30bc3c343a25c81aad6820bbc72c0d9 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/docs/releases/3.2.20.txt b/docs/releases/3.2.20.txt
index e4ef914394..c8f60a70e2 100644
--- a/docs/releases/3.2.20.txt
+++ b/docs/releases/3.2.20.txt
@@ -6,4 +6,9 @@ Django 3.2.20 release notes
 
 Django 3.2.20 fixes a security issue with severity "moderate" in 3.2.19.
 
-...
+CVE-2023-36053: Potential regular expression denial of service vulnerability in ``EmailValidator``/``URLValidator``
+===================================================================================================================
+
+``EmailValidator`` and ``URLValidator`` were subject to potential regular
+expression denial of service attack via a very large number of domain name
+labels of emails and URLs.
author	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-06-14 12:23:06 +0200
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-07-03 08:32:26 +0200
commit	454f2fb93437f98917283336201b4048293f7582 (patch)
tree	6c0c1bf6d7b1c5c367cd4928a4d7e6e10638d7b9 /docs/releases
parent	07cc014cb30bc3c343a25c81aad6820bbc72c0d9 (diff)