[5.0.x] Added CVE-2023-46695 to security archive.

Backport of 7caf2621833a45cdfe7e6e305e4885ecc8d79744 from main
2025-03-24 00:00:45 +00:00 · 2023-11-01 08:16:14 +01:00 · 2023-11-01 08:16:14 +01:00 · 2d929dd2cc
commit 2d929dd2cc
parent bb71d34551
1 changed files with 12 additions and 1 deletions
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@ -36,8 +36,19 @@ Issues under Django's security process
 All security issues have been handled under versions of Django's security
 process. These are listed below.

+November 1, 2023 - :cve:`2023-46695`
+------------------------------------
+
+Potential denial of service vulnerability in ``UsernameField`` on Windows.
+`Full description
+<https://www.djangoproject.com/weblog/2023/nov/01/security-releases/>`__
+
+* Django 4.2 :commit:`(patch) <048a9ebb6ea468426cb4e57c71572cbbd975517f>`
+* Django 4.1 :commit:`(patch) <4965bfdde2e5a5c883685019e57d123a3368a75e>`
+* Django 3.2 :commit:`(patch) <f9a7fb8466a7ba4857eaf930099b5258f3eafb2b>`
+
 October 4, 2023 - :cve:`2023-43665`
-------------------------------------
+-----------------------------------

 Denial-of-service possibility in ``django.utils.text.Truncator``.
 `Full description