django/docs/releases/4.0.8.txt

==========================
Django 4.0.8 release notes
==========================

*October 4, 2022*

Django 4.0.8 fixes a security issue with severity "medium" in 4.0.7.

CVE-2022-41323: Potential denial-of-service vulnerability in internationalized URLs
===================================================================================

Internationalized URLs were subject to potential denial of service attack via
the locale parameter.
Set date and added stub notes for 4.1.2, 4.0.8, and 3.2.16 releases. 2022-09-27 07:44:39 +00:00			`==========================`
			`Django 4.0.8 release notes`
			`==========================`

			`October 4, 2022`

			`Django 4.0.8 fixes a security issue with severity "medium" in 4.0.7.`

Fixed CVE-2022-41323 -- Prevented locales being interpreted as regular expressions. Thanks to Benjamin Balder Bach for the report. 2022-09-02 08:44:05 +00:00			`CVE-2022-41323: Potential denial-of-service vulnerability in internationalized URLs`
			`===================================================================================`

			`Internationalized URLs were subject to potential denial of service attack via`
			`the locale parameter.`