[5.1.x] Fixed CVE-2025-26699 -- Mitigated potential DoS in wordwrap template filter.

Thanks sw0rd1ight for the report.

Backport of 55d89e25f4 from main.

docs/releases/4.2.20.txt

@@ -5,3 +5,9 @@ Django 4.2.20 release notes
 *March 6, 2025*
 
 Django 4.2.20 fixes a security issue with severity "moderate" in 4.2.19.
+
+CVE-2025-26699: Potential denial-of-service vulnerability in ``django.utils.text.wrap()``
+=========================================================================================
+
+The ``wrap()`` and :tfilter:`wordwrap` template filter were subject to a
+potential denial-of-service attack when used with very long strings.

docs/releases/5.0.13.txt

@@ -5,3 +5,9 @@ Django 5.0.13 release notes
 *March 6, 2025*
 
 Django 5.0.13 fixes a security issue with severity "moderate" in 5.0.12.
+
+CVE-2025-26699: Potential denial-of-service vulnerability in ``django.utils.text.wrap()``
+=========================================================================================
+
+The ``wrap()`` and :tfilter:`wordwrap` template filter were subject to a
+potential denial-of-service attack when used with very long strings.

docs/releases/5.1.7.txt

@@ -7,6 +7,12 @@ Django 5.1.7 release notes
 Django 5.1.7 fixes a security issue with severity "moderate" and several bugs
 in 5.1.6.
 
+CVE-2025-26699: Potential denial-of-service vulnerability in ``django.utils.text.wrap()``
+=========================================================================================
+
+The ``wrap()`` and :tfilter:`wordwrap` template filter were subject to a
+potential denial-of-service attack when used with very long strings.
+
 Bugfixes
 ========