From 2756c6960163f0263a15633fd3cfd93281f47496 Mon Sep 17 00:00:00 2001 From: Mariusz Felisiak Date: Wed, 3 May 2023 15:20:31 +0200 Subject: [PATCH] [4.2.x] Added CVE-2023-31047 to security archive. Backport of 49830025c992fbc8d8f213e7c16dba1391c6adf2 from main --- docs/releases/security.txt | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/docs/releases/security.txt b/docs/releases/security.txt index 0a82738709..c90d732397 100644 --- a/docs/releases/security.txt +++ b/docs/releases/security.txt @@ -36,6 +36,17 @@ Issues under Django's security process All security issues have been handled under versions of Django's security process. These are listed below. +May 3, 2023 - :cve:`2023-31047` +------------------------------- + +Potential bypass of validation when uploading multiple files using one form +field. `Full description +`__ + +* Django 4.2 :commit:`(patch) <21b1b1fc03e5f9e9f8c977ee6e35618dd3b353dd>` +* Django 4.1 :commit:`(patch) ` +* Django 3.2 :commit:`(patch) ` + February 14, 2023 - :cve:`2023-24580` -------------------------------------