mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-11-07 07:15:35 +00:00
Code Issues 32 Releases Wiki Activity

Fixed CVE-2024-24680 -- Mitigated potential DoS in intcomma template filter.

Browse Source 
Thanks Seokchan Yoon for the report.

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Shai Berger <shai@platonix.com>
This commit is contained in:
Adam Johnson
2024-01-22 13:21:13 +00:00
committed by Natalia
parent 9cefdfc43f
commit 55519d6cf8
5 changed files with 87 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/releases/5.0.2.txt
View File

@@ -7,6 +7,12 @@ Django 5.0.2 release notes
Django 5.0.2 fixes a security issue with severity "moderate" and several bugs
in 5.0.1. Also, the latest string translations from Transifex are incorporated.
CVE-2024-24680: Potential denial-of-service in ``intcomma`` template filter
===========================================================================
The ``intcomma`` template filter was subject to a potential denial-of-service
attack when used with very long strings.
Bugfixes
========