[4.0.x] Added CVE-2023-24580 to security archive.stable/4.0.x

Backport of ecafcaf634fcef93f9da8cb12795273dd1c3a576 from main
author: Carlton Gibson <carlton.gibson@noumenal.es> 2023-02-14 09:52:30 +0100
committer: Carlton Gibson <carlton.gibson@noumenal.es> 2023-02-14 09:53:46 +0100
commit: ef62a3a68c9d558486145a42c0d71ea9a76add9e (patch)
tree: 426ac4fc9372d9274e20ecb9534748a50925b37a
parent: b87e3dc110ef3f257620f484b4fda9faecd8267a (diff)
download: django-stable/4.0.x.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 0023fed03f..0a82738709 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -36,6 +36,16 @@ Issues under Django's security process
 All security issues have been handled under versions of Django's security
 process. These are listed below.
 
+February 14, 2023 - :cve:`2023-24580`
+-------------------------------------
+
+Potential denial-of-service vulnerability in file uploads. `Full description
+<https://www.djangoproject.com/weblog/2023/feb/14/security-releases/>`__
+
+* Django 4.1 :commit:`(patch) <628b33a854a9c68ec8a0c51f382f304a0044ec92>`
+* Django 4.0 :commit:`(patch) <83f1ea83e4553e211c1c5a0dfc197b66d4e50432>`
+* Django 3.2 :commit:`(patch) <a665ed5179f5bbd3db95ce67286d0192eff041d8>`
+
 February 1, 2023 - :cve:`2023-23969`
 ------------------------------------
author	Carlton Gibson <carlton.gibson@noumenal.es>	2023-02-14 09:52:30 +0100
committer	Carlton Gibson <carlton.gibson@noumenal.es>	2023-02-14 09:53:46 +0100
commit	ef62a3a68c9d558486145a42c0d71ea9a76add9e (patch)
tree	426ac4fc9372d9274e20ecb9534748a50925b37a
parent	b87e3dc110ef3f257620f484b4fda9faecd8267a (diff)
download	django-stable/4.0.x.tar.gz