Diffstat (limited to 'docs')
| -rw-r--r-- | docs/releases/3.2.21.txt | 7 |
| -rw-r--r-- | docs/releases/4.1.11.txt | 7 |
| -rw-r--r-- | docs/releases/4.2.5.txt | 7 |
3 files changed, 19 insertions, 2 deletions
diff --git a/docs/releases/3.2.21.txt b/docs/releases/3.2.21.txt index 79efc679d1..062ac66682 100644 --- a/docs/releases/3.2.21.txt +++ b/docs/releases/3.2.21.txt @@ -6,4 +6,9 @@ Django 3.2.21 release notes Django 3.2.21 fixes a security issue with severity "moderate" in 3.2.20. -... +CVE-2023-41164: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()`` +=================================================================================================== + +``django.utils.encoding.uri_to_iri()`` was subject to potential denial of +service attack via certain inputs with a very large number of Unicode +characters. diff --git a/docs/releases/4.1.11.txt b/docs/releases/4.1.11.txt index efb6c14071..34734603c8 100644 --- a/docs/releases/4.1.11.txt +++ b/docs/releases/4.1.11.txt @@ -6,4 +6,9 @@ Django 4.1.11 release notes Django 4.1.11 fixes a security issue with severity "moderate" in 4.1.10. -... +CVE-2023-41164: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()`` +=================================================================================================== + +``django.utils.encoding.uri_to_iri()`` was subject to potential denial of +service attack via certain inputs with a very large number of Unicode +characters. diff --git a/docs/releases/4.2.5.txt b/docs/releases/4.2.5.txt index d88ece91e6..21e04fbb97 100644 --- a/docs/releases/4.2.5.txt +++ b/docs/releases/4.2.5.txt @@ -7,6 +7,13 @@ Django 4.2.5 release notes Django 4.2.5 fixes a security issue with severity "moderate" and several bugs in 4.2.4. +CVE-2023-41164: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()`` +=================================================================================================== + +``django.utils.encoding.uri_to_iri()`` was subject to potential denial of +service attack via certain inputs with a very large number of Unicode +characters. + Bugfixes ======== |
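Review bot: The added paragraph in the docs/releases/3.2.21.txt hunk reads "was subject to potential denial of service attack", which is missing an article; suggest "was subject to a potential denial of service attack". The same sentence is added verbatim in the 4.1.11 and 4.2.5 hunks, so the wording should be corrected in all three files together to keep the release notes identical.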
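Review bot: In the docs/releases/4.1.11.txt hunk, the phrase "certain inputs with a very large number of Unicode characters" names the trigger but the section says nothing about what the fix changes for callers of ``django.utils.encoding.uri_to_iri()``. If the fix alters the function's output or rejects any input, add one sentence saying so; if only the processing cost changes, state that, so readers upgrading from 4.1.10 know whether to expect a behaviour difference.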
