You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* ReDos: Apply `re.escape` to unsafe variable `keyword` before passing to `re.compile`
* Replace ReDos-vulnerable regex with the one from upstream Python-Markdown
* ReDos backtracking fix for macro plugin
* Add release note for GHSA-wj85-w4f4-xh8h
* Bump release date
* Bump version
Copy file name to clipboardExpand all lines: docs/release_notes.rst
+11
Original file line number
Diff line number
Diff line change
@@ -68,6 +68,17 @@ Removed
68
68
* Removes support for Python 3.7, 3.8, 3.9
69
69
70
70
71
+
0.10.1
72
+
------
73
+
74
+
Released on 2024-03-16
75
+
76
+
Security
77
+
~~~~~~~~
78
+
79
+
* Fixes reDOS issues: Denial of Service possible through unsafe regular expressions `GHSA-wj85-w4f4-xh8h <https://github.com/django-wiki/django-wiki/security/advisories/GHSA-wj85-w4f4-xh8h>`__ (Santos Gallegos, Benjamin Balder Bach)
0 commit comments