Skip to content

Commit 901ec7a

Browse files
nessitanessita
committed
[5.0.x] Added CVE-2024-45230 and CVE-2024-45231 to security archive.
Backport of aa52930 from main.
1 parent cc13485 commit 901ec7a

File tree

1 file changed

+22
-0
lines changed

1 file changed

+22
-0
lines changed

docs/releases/security.txt

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,28 @@ Issues under Django's security process
3636
All security issues have been handled under versions of Django's security
3737
process. These are listed below.
3838

39+
September 3, 2024 - :cve:`2024-45231`
40+
-------------------------------------
41+
42+
Potential user email enumeration via response status on password reset.
43+
`Full description
44+
<https://www.djangoproject.com/weblog/2024/sep/03/security-releases/>`__
45+
46+
* Django 5.1 :commit:`(patch) <3c733c78d6f8e50296d6e248968b6516c92a53ca>`
47+
* Django 5.0 :commit:`(patch) <96d84047715ea1715b4bd1594e46122b8a77b9e2>`
48+
* Django 4.2 :commit:`(patch) <bf4888d317ba4506d091eeac6e8b4f1fcc731199>`
49+
50+
September 3, 2024 - :cve:`2024-45230`
51+
-------------------------------------
52+
53+
Potential denial-of-service vulnerability in ``django.utils.html.urlize()``.
54+
`Full description
55+
<https://www.djangoproject.com/weblog/2024/sep/03/security-releases/>`__
56+
57+
* Django 5.1 :commit:`(patch) <022ab0a75c76ab2ea31dfcc5f2cf5501e378d397>`
58+
* Django 5.0 :commit:`(patch) <813de2672bd7361e9a453ab62cd6e52f96b6525b>`
59+
* Django 4.2 :commit:`(patch) <d147a8ebbdf28c17cafbbe2884f0bc57e2bf82e2>`
60+
3961
August 6, 2024 - :cve:`2024-42005`
4062
----------------------------------
4163

0 commit comments

Comments
 (0)