The Vulnerability History Project

[2.1.x] Fixed CVE-2019-6975 -- Fixed memory exhaustion in utils.numberformat.format().

      Thanks Sjoerd Job Postmus for the report and initial patch.
Thanks Michael Manfre, Tim Graham, and Florian Apolloner for review.

Backport of 402c0caa851e265410fbcaa55318f22d2bf22ee2 from master

by Stephanie the Jack Russel 2019-02-11 10:08:45 UTC

commit 40cd19055773705301c3428ed5e08a036d2091f3

Django Fix Memory exhaustion for format() CVE-2019-6975

django/utils/numberformat.py

+1 -14

docs/releases/1.11.19.txt

-12

docs/releases/2.0.11.txt

-12

docs/releases/2.1.6.txt

-12

tests/utils_tests/test_numberformat.py

-19

expand_less