[4.1.x] Added CVE-2023-24580 to security archive.

Backport of ecafcaf634fcef93f9da8cb12795273dd1c3a576 from main
author: Carlton Gibson <carlton.gibson@noumenal.es> 2023-02-14 09:52:30 +0100
committer: Carlton Gibson <carlton.gibson@noumenal.es> 2023-02-14 09:53:25 +0100
commit: 991461a3b371d023b66a6fa098b5b219b1cf4e7a (patch)
tree: a12047411ea3494dab58c022f2b7aa069b1d168f
parent: e3b40353f1a5aed3a7100cd2a6d6fa4cab8b1c15 (diff)
download: django-991461a3b371d023b66a6fa098b5b219b1cf4e7a.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 0023fed03f..0a82738709 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -36,6 +36,16 @@ Issues under Django's security process
 All security issues have been handled under versions of Django's security
 process. These are listed below.
 
+February 14, 2023 - :cve:`2023-24580`
+-------------------------------------
+
+Potential denial-of-service vulnerability in file uploads. `Full description
+<https://www.djangoproject.com/weblog/2023/feb/14/security-releases/>`__
+
+* Django 4.1 :commit:`(patch) <628b33a854a9c68ec8a0c51f382f304a0044ec92>`
+* Django 4.0 :commit:`(patch) <83f1ea83e4553e211c1c5a0dfc197b66d4e50432>`
+* Django 3.2 :commit:`(patch) <a665ed5179f5bbd3db95ce67286d0192eff041d8>`
+
 February 1, 2023 - :cve:`2023-23969`
 ------------------------------------
author	Carlton Gibson <carlton.gibson@noumenal.es>	2023-02-14 09:52:30 +0100
committer	Carlton Gibson <carlton.gibson@noumenal.es>	2023-02-14 09:53:25 +0100
commit	991461a3b371d023b66a6fa098b5b219b1cf4e7a (patch)
tree	a12047411ea3494dab58c022f2b7aa069b1d168f
parent	e3b40353f1a5aed3a7100cd2a6d6fa4cab8b1c15 (diff)
download	django-991461a3b371d023b66a6fa098b5b219b1cf4e7a.tar.gz