Today we've issued the 5.0.4 bugfix release.
The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Natalia Bidart: 2EE82A8D9470983E.
In accordance with our security release policy, the Django team is issuing Django 5.0.3, Django 4.2.11, and Django 3.2.25. These releases addresses the security issue detailed below. We encourage all users of Django to upgrade as soon as possible.
Django 5.0.2 fixes a security issue with severity “moderate” and several bugs in 5.0.1. Also, the latest string translations from Transifex are incorporated.
intcomma
template filter¶The intcomma
template filter was subject to a potential denial-of-service attack when used with very long strings.
In accordance with our security release policy, the Django team is issuing Django 5.0.2, Django 4.2.10, and Django 3.2.24. These releases address the security issue detailed below. We encourage all users of Django to upgrade as soon as possible.