Package: python-django
Version: 1:1.10.7-2+deb9u17
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for python-django.

CVE-2023-36053[0]:
| In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3,
| EmailValidator and URLValidator are subject to a potential ReDoS
| (regular expression denial of service) attack via a very large
| number of domain name labels of emails and URLs.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-36053
    https://www.cve.org/CVERecord?id=CVE-2023-36053

Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      la...@debian.org / chris-lamb.co.uk
       `-
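
The CVE text above attributes the problem to a very large number of domain name labels. As an added example (not part of the original report and not Django's own code), here is a linear-time guard an application could run before handing input to a regex-based validator. All function names and limits are assumptions of this example.

```python
"""Bound input size with linear-time checks before any regex validator runs."""
from urllib.parse import urlsplit

# Limits are assumptions of this example, not values taken from the report.
MAX_EMAIL_LEN = 320   # 64-octet local part + "@" + 255-octet domain
MAX_URL_LEN = 2048    # overall cap on URL length
MAX_HOST_LEN = 253    # DNS name limit in dotted text form
MAX_LABEL_LEN = 63    # DNS label limit


def host_within_bounds(host: str) -> bool:
    """Check host and label lengths; capping the host at 253 characters
    also caps the number of labels at 127."""
    if host.endswith("."):          # tolerate one trailing root dot
        host = host[:-1]
    if not host or len(host) > MAX_HOST_LEN:
        return False
    return all(0 < len(label) <= MAX_LABEL_LEN for label in host.split("."))


def email_within_bounds(value: str) -> bool:
    """True if value is small enough to pass on to an email validator."""
    if len(value) > MAX_EMAIL_LEN or "@" not in value:
        return False
    _local, domain = value.rsplit("@", 1)
    return host_within_bounds(domain)


def url_within_bounds(value: str) -> bool:
    """True if value is small enough to pass on to a URL validator."""
    if len(value) > MAX_URL_LEN:
        return False
    try:
        host = urlsplit(value).hostname
    except ValueError:              # e.g. unbalanced IPv6 brackets
        return False
    return host is not None and host_within_bounds(host)


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the report.
    many_labels = "a." * 5000 + "example.org"
    print(email_within_bounds("user@example.org"))         # ordinary address
    print(email_within_bounds("user@" + many_labels))      # oversized domain
    print(url_within_bounds("http://" + many_labels + "/"))
```

The guard only rejects oversized input; anything it accepts still goes through the normal validator afterwards.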