Django/django
11
0
Fork 0
Code Pull Requests Projects Releases Activity

[4.1.x] Added CVE-2023-23969 to security archive.

Browse Source 
Backport of 36e3eef7d5a4c88671d20a561788679d0d9c334c from main
This commit is contained in:
Mariusz Felisiak 2023-02-01 12:09:03 +01:00
parent f3b6a4f1f3
commit 9ac634ff26
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/releases/security.txt
View File

@ -36,6 +36,16 @@ Issues under Django's security process
All security issues have been handled under versions of Django's security All security issues have been handled under versions of Django's security
process. These are listed below. process. These are listed below.
February 1, 2023 - :cve:`2023-23969`
------------------------------------
Potential denial-of-service via ``Accept-Language`` headers. `Full description
<https://www.djangoproject.com/weblog/2023/feb/01/security-releases/>`__
* Django 4.1 :commit:`(patch) <9d7bd5a56b1ce0576e8e07a8001373576d277942>`
* Django 4.0 :commit:`(patch) <4452642f193533e288a52c02efb5bbc766a68f95>`
* Django 3.2 :commit:`(patch) <c7e0151fdf33e1b11d488b6f67b94fdf3a30614a>`
October 4, 2022 - :cve:`2022-41323` October 4, 2022 - :cve:`2022-41323`
----------------------------------- -----------------------------------