diff options
author | Carlton Gibson <carlton.gibson@noumenal.es> | 2023-02-14 09:52:30 +0100 |
---|---|---|
committer | Carlton Gibson <carlton.gibson@noumenal.es> | 2023-02-14 09:53:25 +0100 |
commit | 991461a3b371d023b66a6fa098b5b219b1cf4e7a (patch) | |
tree | a12047411ea3494dab58c022f2b7aa069b1d168f | |
parent | e3b40353f1a5aed3a7100cd2a6d6fa4cab8b1c15 (diff) | |
download | django-991461a3b371d023b66a6fa098b5b219b1cf4e7a.tar.gz |
[4.1.x] Added CVE-2023-24580 to security archive.
Backport of ecafcaf634fcef93f9da8cb12795273dd1c3a576 from main
-rw-r--r-- | docs/releases/security.txt | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt index 0023fed03f..0a82738709 100644 --- a/docs/releases/security.txt +++ b/docs/releases/security.txt @@ -36,6 +36,16 @@ Issues under Django's security process All security issues have been handled under versions of Django's security process. These are listed below. +February 14, 2023 - :cve:`2023-24580` +------------------------------------- + +Potential denial-of-service vulnerability in file uploads. `Full description +<https://www.djangoproject.com/weblog/2023/feb/14/security-releases/>`__ + +* Django 4.1 :commit:`(patch) <628b33a854a9c68ec8a0c51f382f304a0044ec92>` +* Django 4.0 :commit:`(patch) <83f1ea83e4553e211c1c5a0dfc197b66d4e50432>` +* Django 3.2 :commit:`(patch) <a665ed5179f5bbd3db95ce67286d0192eff041d8>` + February 1, 2023 - :cve:`2023-23969` ------------------------------------ |