• dev
  • Version de la documentation : 5.0

Django 3.2.25 release notes

March 4, 2024

Django 3.2.25 fixes a security issue with severity « moderate » and a regression in 3.2.24.

CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words()

django.utils.text.Truncator.words() method (with html=True) and truncatewords_html template filter were subject to a potential regular expression denial-of-service attack using a suitably crafted string (follow up to CVE-2019-14232 and CVE-2023-43665).

Correction de bogues

  • Fixed a regression in Django 3.2.24 where intcomma template filter could return a leading comma for string representation of floats (#35172).
Notes de publication de Django 4.0
Django 3.2.24 release notes
Back to Top