Candidate: CVE-2009-3695
PublicDate: 2009-10-13 10:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695
Description:
 Algorithmic complexity vulnerability in the forms library in Django 1.0
 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial
 of service (CPU consumption) via a crafted (1) EmailField (email address)
 or (2) URLField (URL) that triggers a large amount of backtracking in a
 regular expression.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550457
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_python-django:
upstream_python-django: needs-triage
dapper_python-django: DNE
hardy_python-django: ignored (reached end-of-life)
intrepid_python-django: needed (reached end-of-life)
jaunty_python-django: released (1.0.2-1ubuntu0.2)
karmic_python-django: not-affected (1.1.1-1ubuntu1)
lucid_python-django: not-affected (1.1.1-1ubuntu1)
maverick_python-django: not-affected (1.1.1-1ubuntu1)
natty_python-django: not-affected (1.1.1-1ubuntu1)
oneiric_python-django: not-affected (1.1.1-1ubuntu1)
devel_python-django: not-affected (1.1.1-1ubuntu1)