Django 4.2.8 documentation

Home | Table of contents | Index | Modules

« previous | up | next »

Django 4.2.3 release notes¶

July 3, 2023

Django 4.2.3 fixes a security issue with severity “moderate” and several bugs in 4.2.2.

CVE-2023-36053: Potential regular expression denial of service vulnerability in `EmailValidator`/`URLValidator`¶

EmailValidator and URLValidator were subject to potential regular expression denial of service attack via a very large number of domain name labels of emails and URLs.

Bugfixes¶

Fixed a regression in Django 4.2 that caused incorrect alignment of timezone warnings for DateField and TimeField in the admin (#34645).
Fixed a regression in Django 4.2 that caused incorrect highlighting of rows in the admin changelist view when ModelAdmin.list_editable contained a BooleanField (#34638).

« previous | up | next »

Django 4.2.8 documentation

Django 4.2.3 release notes¶

CVE-2023-36053: Potential regular expression denial of service vulnerability in `EmailValidator`/`URLValidator`¶

Bugfixes¶

Table of Contents

Previous topic

Next topic

This Page

Last update:

Django 4.2.8 documentation

Django 4.2.3 release notes¶

CVE-2023-36053: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator¶

Bugfixes¶

Last update:

CVE-2023-36053: Potential regular expression denial of service vulnerability in `EmailValidator`/`URLValidator`¶