mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-02-05 06:56:53 +00:00
Code Issues 32 Releases Wiki Activity
django/docs/releases
History
Nick Pope 8c660fb592 Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language. 
The parsed values of Accept-Language headers are cached in order to
avoid repetitive parsing. This leads to a potential denial-of-service
vector via excessive memory usage if the raw value of Accept-Language
headers is very large.

Accept-Language headers are now limited to a maximum length in order
to avoid this issue.
2023-02-01 09:44:04 +01:00
..
0.95.txt
0.96.txt
1.0-porting-guide.txt
1.0.1.txt
1.0.2.txt
1.0.txt
1.1.2.txt
1.1.3.txt
1.1.4.txt
1.1.txt
1.2.1.txt
1.2.2.txt
1.2.3.txt
1.2.4.txt
1.2.5.txt
1.2.6.txt
1.2.7.txt
1.2.txt
1.3.1.txt
1.3.2.txt
1.3.3.txt
1.3.4.txt
1.3.5.txt
1.3.6.txt
1.3.7.txt
1.3.txt
1.4.1.txt
1.4.2.txt
1.4.3.txt
1.4.4.txt
1.4.5.txt
1.4.6.txt
1.4.7.txt
1.4.8.txt
1.4.9.txt
1.4.10.txt
1.4.11.txt
1.4.12.txt
1.4.13.txt
1.4.14.txt
1.4.15.txt
1.4.16.txt
1.4.17.txt
1.4.18.txt
1.4.19.txt
1.4.20.txt
1.4.21.txt
1.4.22.txt
1.4.txt
1.5.1.txt
1.5.2.txt
1.5.3.txt
1.5.4.txt
1.5.5.txt
1.5.6.txt
1.5.7.txt
1.5.8.txt
1.5.9.txt
1.5.10.txt
1.5.11.txt
1.5.12.txt
1.5.txt
1.6.1.txt
1.6.2.txt
1.6.3.txt
1.6.4.txt
1.6.5.txt
1.6.6.txt
1.6.7.txt
1.6.8.txt
1.6.9.txt
1.6.10.txt
1.6.11.txt
1.6.txt
1.7.1.txt
Refs #32446 -- Removed SERIALIZE test database setting per deprecation timeline.
2023-01-17 11:49:15 +01:00
1.7.2.txt
1.7.3.txt
1.7.4.txt
1.7.5.txt
1.7.6.txt
1.7.7.txt
1.7.8.txt
1.7.9.txt
1.7.10.txt
1.7.11.txt
1.7.txt
1.8.1.txt
1.8.2.txt
1.8.3.txt
1.8.4.txt
1.8.5.txt
1.8.6.txt
1.8.7.txt
1.8.8.txt
1.8.9.txt
1.8.10.txt
1.8.11.txt
1.8.12.txt
1.8.13.txt
1.8.14.txt
1.8.15.txt
1.8.16.txt
1.8.17.txt
1.8.18.txt
1.8.19.txt
1.8.txt
1.9.1.txt
1.9.2.txt
1.9.3.txt
1.9.4.txt
1.9.5.txt
1.9.6.txt
1.9.7.txt
1.9.8.txt
1.9.9.txt
1.9.10.txt
1.9.11.txt
1.9.12.txt
1.9.13.txt
1.9.txt
1.10.1.txt
1.10.2.txt
1.10.3.txt
1.10.4.txt
1.10.5.txt
1.10.6.txt
1.10.7.txt
1.10.8.txt
1.10.txt
1.11.1.txt
1.11.2.txt
1.11.3.txt
1.11.4.txt
1.11.5.txt
1.11.6.txt
1.11.7.txt
1.11.8.txt
1.11.9.txt
1.11.10.txt
1.11.11.txt
1.11.12.txt
1.11.13.txt
1.11.14.txt
1.11.15.txt
1.11.16.txt
1.11.17.txt
1.11.18.txt
1.11.19.txt
1.11.20.txt
1.11.21.txt
1.11.22.txt
1.11.23.txt
1.11.24.txt
1.11.25.txt
1.11.26.txt
1.11.27.txt
1.11.28.txt
1.11.29.txt
1.11.txt
2.0.1.txt
2.0.2.txt
2.0.3.txt
2.0.4.txt
2.0.5.txt
2.0.6.txt
2.0.7.txt
2.0.8.txt
2.0.9.txt
2.0.10.txt
2.0.11.txt
2.0.12.txt
2.0.13.txt
2.0.txt
2.1.1.txt
2.1.2.txt
2.1.3.txt
2.1.4.txt
2.1.5.txt
2.1.6.txt
2.1.7.txt
2.1.8.txt
2.1.9.txt
2.1.10.txt
2.1.11.txt
2.1.12.txt
2.1.13.txt
2.1.14.txt
2.1.15.txt
2.1.txt
2.2.1.txt
2.2.2.txt
2.2.3.txt
2.2.4.txt
2.2.5.txt
2.2.6.txt
2.2.7.txt
2.2.8.txt
2.2.9.txt
2.2.10.txt
2.2.11.txt
2.2.12.txt
2.2.13.txt
2.2.14.txt
2.2.15.txt
2.2.16.txt
2.2.17.txt
2.2.18.txt
2.2.19.txt
2.2.20.txt
2.2.21.txt
2.2.22.txt
2.2.23.txt
2.2.24.txt
2.2.25.txt
2.2.26.txt
2.2.27.txt
2.2.28.txt
2.2.txt
3.0.1.txt
3.0.2.txt
3.0.3.txt
3.0.4.txt
3.0.5.txt
3.0.6.txt
3.0.7.txt
3.0.8.txt
3.0.9.txt
3.0.10.txt
3.0.11.txt
3.0.12.txt
3.0.13.txt
3.0.14.txt
3.0.txt
3.1.1.txt
3.1.2.txt
3.1.3.txt
3.1.4.txt
3.1.5.txt
3.1.6.txt
3.1.7.txt
3.1.8.txt
3.1.9.txt
3.1.10.txt
3.1.11.txt
3.1.12.txt
3.1.13.txt
3.1.14.txt
3.1.txt
3.2.1.txt
3.2.2.txt
3.2.3.txt
3.2.4.txt
3.2.5.txt
3.2.6.txt
3.2.7.txt
3.2.8.txt
3.2.9.txt
3.2.10.txt
3.2.11.txt
3.2.12.txt
3.2.13.txt
3.2.14.txt
3.2.15.txt
3.2.16.txt
3.2.17.txt
Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language.
2023-02-01 09:44:04 +01:00
3.2.txt
Refs #33342 -- Removed ExclusionConstraint.opclasses per deprecation timeline.
2023-01-17 11:49:15 +01:00
4.0.1.txt
4.0.2.txt
4.0.3.txt
4.0.4.txt
4.0.5.txt
4.0.6.txt
4.0.7.txt
4.0.8.txt
4.0.9.txt
Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language.
2023-02-01 09:44:04 +01:00
4.0.txt
Refs #32365 -- Removed django.utils.timezone.utc per deprecation timeline.
2023-01-17 11:49:15 +01:00
4.1.1.txt
4.1.2.txt
4.1.3.txt
4.1.4.txt
4.1.5.txt
4.1.6.txt
Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language.
2023-02-01 09:44:04 +01:00
4.1.txt
Refs #32339 -- Deprecated transitional form renderers.
2023-01-18 11:08:39 +01:00
4.2.txt
Fixed typo in docs/releases/4.2.txt.
2023-01-17 19:27:51 +01:00
5.0.txt
Moved release note about the default PBKDF2 iterations into django.contrib.auth section.
2023-01-25 22:25:29 +01:00
index.txt
Adjusted release notes for 4.1.6, 4.0.9, and 3.2.17.
2023-01-25 12:26:00 +01:00
security.txt