mirror of
https://github.com/godotengine/buildroot.git
synced 2025-12-31 09:48:56 +03:00
cd8bf27f72
Fixes the following (Windows-only) security issue: CVE-2023-46695: Potential denial of service vulnerability in UsernameField on Windows The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.forms.UsernameField was subject to a potential denial of service attack via certain inputs with a very large number of Unicode characters. In order to avoid the vulnerability, invalid values longer than UsernameField.max_length are no longer normalized, since they cannot pass validation anyway. https://www.djangoproject.com/weblog/2023/nov/01/security-releases/ Signed-off-by: Peter Korsgaard <peter@korsgaard.com>