Fedora 10 Security Update: Django-1.1.1-1.fc10

26
Article Source Fedora 10 Security Updates
October 13, 2009, 5:46 pm

Resolved Bugs
528246 – Django’s forms DOS in 1.1/1.0
Django’s forms library included field types which perform regular-expression-based validation of email addresses and URLs. Certain addresses/URLs could trigger a pathological performance case in this regular expression, resulting in the server process/thread becoming unresponsive, and consuming excessive CPU over an extended period of time. If deliberately triggered, this could result in an effective denial-of-service attack…

Read More