Changes between Version 12 and Version 13 of SecurityTeam
- Timestamp:
- Nov 21, 2025, 6:26:48 AM (2 weeks ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
SecurityTeam
v12 v13 114 114 Kind regards, the Django Security Team. 115 115 116 === Maximum password validator (lack of) == 116 === Maximum password validator (lack of) === 117 117 118 118 Thank you for your report. We reviewed the issue and do not consider it a security vulnerability. … … 141 141 [0] https://docs.djangoproject.com/en/stable/ref/settings/#data-upload-max-memory-size 142 142 143 === HTTP Content-Type Header parsing (parse_header_parameters) === 144 145 Thank you for your report. This problem has already been reported a few times in the past. The security team does not consider this to be a vulnerability, and work towards improving the handling of strings containing a large number of separators by `parse_header_parameters` has been happening in public[0]. We invite you to join this effort. 146 147 Kind regards, the Django Security Team. 148 149 [0] https://code.djangoproject.com/ticket/35440 150 143 151 === Unauthenticated cache purge === 144 152