An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.forms.UsernameField is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
This PR contains the following updates:
==4.2.5->==4.2.7GitHub Vulnerability Alerts
CVE-2023-46695
An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.forms.UsernameField is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
Release Notes
django/django (django)
### [`v4.2.7`](https://togithub.com/django/django/compare/4.2.6...4.2.7) [Compare Source](https://togithub.com/django/django/compare/4.2.6...4.2.7) ### [`v4.2.6`](https://togithub.com/django/django/compare/4.2.5...4.2.6) [Compare Source](https://togithub.com/django/django/compare/4.2.5...4.2.6)Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
â™» Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.