Merge pull request from GHSA-mqjc-6jp2-39mq

jmcrawford45 · web-flow · commit caeecb76e852 · 2024-01-17T11:40:17.000-05:00
limit NKFD normalization to 10k chars
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -12,6 +12,7 @@ Added Digicert source plugin. Enable it with DIGICERT_SOURCE_ENABLED
 Added AWS ACM source plugin. This plugin retreives all certificates for an account and a region.
 Added AWS ACM destination plugin. This plugin uploads a certificate to AWS ACM.
 Allow updating options field via authority update API.
+Fixed a DoS security issue affecting Windows env via the name parameter of the certificate post endpoint.
 
 
 1.6.0 - `2023-10-23`
diff --git a/lemur/common/defaults.py b/lemur/common/defaults.py
@@ -15,6 +15,8 @@ def text_to_slug(value, joiner="-"):
     Normalize a string to a "slug" value, stripping character accents and removing non-alphanum characters.
     A series of non-alphanumeric characters is replaced with the joiner character.
     """
+    if len(value) > 10_000:
+        raise ValueError("Input value is too long.")
 
     # Strip all character accents: decompose Unicode characters and then drop combining chars.
     value = "".join(
