Blog Info | The Django weblog |
---|---|
Blog website | Link |
Feb. 14, 2023 » The Django weblog » [Archived Version]
In accordance with our security release policy, the Django team is issuing Django 4.1.7, Django 4.0.10, and Django 3.2.18. These releases addresses the security issue detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2023-24580: Potential denial-of-service vulnerability in file uploads Passing certain inputs to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack. The number o…
Read MoreDec. 6, 2022 » The Django weblog » [Archived Version]
Today we've issued the 4.1.4 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Carlton Gibson: E17DF5C82B4F9D00.
Read More