django/docs/releases/4.2.10.txt

===========================
Django 4.2.10 release notes
===========================

*February 6, 2024*

Django 4.2.10 fixes a security issue with severity "moderate" in 4.2.9.

CVE-2024-24680: Potential denial-of-service in ``intcomma`` template filter
===========================================================================

The ``intcomma`` template filter was subject to a potential denial-of-service
attack when used with very long strings.
Added stub release notes and release date for 5.0.2, 4.2.10, and 3.2.24. 2024-01-29 14:41:53 +00:00			`===========================`
			`Django 4.2.10 release notes`
			`===========================`

			`February 6, 2024`

			`Django 4.2.10 fixes a security issue with severity "moderate" in 4.2.9.`

Fixed CVE-2024-24680 -- Mitigated potential DoS in intcomma template filter. Thanks Seokchan Yoon for the report. Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> Co-authored-by: Shai Berger <shai@platonix.com> 2024-01-22 13:21:13 +00:00			CVE-2024-24680: Potential denial-of-service in ``intcomma`` template filter
			`===========================================================================`

			The ``intcomma`` template filter was subject to a potential denial-of-service
			`attack when used with very long strings.`