mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-29 08:36:09 +00:00
Code Issues 32 Releases Wiki Activity

[4.2.x] Added CVE-2023-24580 to security archive.

Browse Source 
Backport of ecafcaf634 from main
This commit is contained in:
Carlton Gibson
2023-02-14 09:52:30 +01:00
parent 7ac5ff37b8
commit ac8cf0ae76
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
docs/releases/security.txt
View File

@@ -36,6 +36,16 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security
process. These are listed below.
February 14, 2023 - :cve:`2023-24580`
-------------------------------------
Potential denial-of-service vulnerability in file uploads. `Full description
<https://www.djangoproject.com/weblog/2023/feb/14/security-releases/>`__
* Django 4.1 :commit:`(patch) <628b33a854a9c68ec8a0c51f382f304a0044ec92>`
* Django 4.0 :commit:`(patch) <83f1ea83e4553e211c1c5a0dfc197b66d4e50432>`
* Django 3.2 :commit:`(patch) <a665ed5179f5bbd3db95ce67286d0192eff041d8>`
February 1, 2023 - :cve:`2023-23969`
------------------------------------