mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-31 09:41:08 +00:00
Code Issues 32 Releases Wiki Activity

Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.

Browse Source 
Thanks James Davis for suggesting the fix.
This commit is contained in:
Tim Graham
2018-02-24 16:22:43 -05:00
parent 8618271caa
commit 97b7dd59bb
5 changed files with 41 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
docs/releases/1.8.19.txt
View File

@@ -16,3 +16,15 @@ expression. The ``urlize()`` function is used to implement the ``urlize`` and
The problematic regular expression is replaced with parsing logic that behaves
similarly.
CVE-2018-7537: Denial-of-service possibility in ``truncatechars_html`` and ``truncatewords_html`` template filters
==================================================================================================================
If ``django.utils.text.Truncator``'s ``chars()`` and ``words()`` methods were
passed the ``html=True`` argument, they were extremely slow to evaluate certain
inputs due to a catastrophic backtracking vulnerability in a regular
expression. The ``chars()`` and ``words()`` methods are used to implement the
``truncatechars_html`` and ``truncatewords_html`` template filters, which were
thus vulnerable.
The backtracking problem in the regular expression is fixed.