The Vulnerability History Project

[1.11.x] Fixed CVE-2019-6975 -- Fixed memory exhaustion in utils.numberformat.format().

      Thanks Sjoerd Job Postmus for the report and initial patch.
Thanks Michael Manfre, Tim Graham, and Florian Apolloner for review.

Backport of 402c0caa851e265410fbcaa55318f22d2bf22ee2 from master.

by Stephanie the Jack Russel 2019-02-11 10:15:45 UTC

commit 0bbb560183fabf0533289700845dafa94951f227

Django Fix Memory exhaustion for format() CVE-2019-6975

django/utils/numberformat.py

+1 -14

docs/releases/1.11.19.txt

-12

tests/utils_tests/test_numberformat.py

-18

expand_less