mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-01-13 11:57:01 +00:00
Code Issues 32 Releases Wiki Activity
36fe303e35
django/tests/regressiontests/forms
History
Jacob Kaplan-Moss 9f8287a3f1 SECURITY ALERT: Corrected regular expressions for URL and email fields. 
Certain email addresses/URLs could trigger a catastrophic backtracking situation, causing 100% CPU and server overload. If deliberately triggered, this could be the basis of a denial-of-service attack.

This security vulnerability was disclosed in public, so we're skipping our
normal security release process to get the fix out as soon as possible.

This is a security related update. A full announcement, as well as backports for the 1.1.X and 1.0.X series will follow.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11603 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-09 20:57:59 +00:00
..
localflavor
__init__.py
error_messages.py Fixed #10968 - Form.errors should use Form.error_class. 2009-09-11 10:47:40 +00:00
extra.py
fields.py SECURITY ALERT: Corrected regular expressions for URL and email fields. 2009-10-09 20:57:59 +00:00
forms.py
formsets.py
media.py
models.py Fixed #10792 -- Ensured that ModelChoiceFields don't provide an empty option when the underlying field has blank=False and there is a default value available. Thanks to carljm for the report and patch. 2009-05-10 07:44:27 +00:00
regressions.py
tests.py
util.py
widgets.py