Added CVE-2023-46695 to security archive.

author: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-11-01 08:16:14 +0100
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-11-01 08:16:14 +0100
commit: 7caf2621833a45cdfe7e6e305e4885ecc8d79744 (patch)
tree: b41f4bcfa4771ea71f35969e07fce7427397ab6e /docs
parent: 05ba4130ee878c4f520b5d34bb11eaad794623be (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 6fdee8bf57..cf63dafa0d 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -36,8 +36,19 @@ Issues under Django's security process
 All security issues have been handled under versions of Django's security
 process. These are listed below.
 
+November 1, 2023 - :cve:`2023-46695`
+------------------------------------
+
+Potential denial of service vulnerability in ``UsernameField`` on Windows.
+`Full description
+<https://www.djangoproject.com/weblog/2023/nov/01/security-releases/>`__
+
+* Django 4.2 :commit:`(patch) <048a9ebb6ea468426cb4e57c71572cbbd975517f>`
+* Django 4.1 :commit:`(patch) <4965bfdde2e5a5c883685019e57d123a3368a75e>`
+* Django 3.2 :commit:`(patch) <f9a7fb8466a7ba4857eaf930099b5258f3eafb2b>`
+
 October 4, 2023 - :cve:`2023-43665`
--------------------------------------
+-----------------------------------
 
 Denial-of-service possibility in ``django.utils.text.Truncator``.
 `Full description
author	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-11-01 08:16:14 +0100
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-11-01 08:16:14 +0100
commit	7caf2621833a45cdfe7e6e305e4885ecc8d79744 (patch)
tree	b41f4bcfa4771ea71f35969e07fce7427397ab6e /docs
parent	05ba4130ee878c4f520b5d34bb11eaad794623be (diff)