diff --git a/CVE-2024-45230.patch b/CVE-2024-45230.patch
new file mode 100644
index 0000000000000000000000000000000000000000..e0d4281eb32c31978dc4868e8a3f3c08b1673cac
--- /dev/null
+++ b/CVE-2024-45230.patch
@@ -0,0 +1,135 @@ +From d147a8ebbdf28c17cafbbe2884f0bc57e2bf82e2 Mon Sep 17 00:00:00 2001 +From: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> +Date: Mon, 12 Aug 2024 15:17:57 +0200 +Subject: [PATCH] [4.2.x] Fixed CVE-2024-45230 -- Mitigated potential DoS in + urlize and urlizetrunc template filters. + +Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report. +--- + django/utils/html.py | 17 ++++++++------ + docs/ref/templates/builtins.txt | 11 ++++++++++ + docs/releases/4.2.16.txt | 14 ++++++++++++ + .../filter_tests/test_urlize.py | 22 +++++++++++++++++++ + tests/utils_tests/test_html.py | 1 + + 5 files changed, 58 insertions(+), 7 deletions(-) + create mode 100644 docs/releases/4.2.16.txt + +diff --git a/django/utils/html.py b/django/utils/html.py +index 23575d3..df38c20 100644 +--- a/django/utils/html.py ++++ b/django/utils/html.py +@@ -395,14 +395,17 @@ class Urlizer: + potential_entity = middle[amp:] + escaped = html.unescape(potential_entity) + if escaped == potential_entity or escaped.endswith(";"): +- rstripped = middle.rstrip(";") +- amount_stripped = len(middle) - len(rstripped) +- if amp > -1 and amount_stripped > 1: +- # Leave a trailing semicolon as might be an entity. +- trail = middle[len(rstripped) + 1 :] + trail +- middle = rstripped + ";" ++ rstripped = middle.rstrip(self.trailing_punctuation_chars) ++ trail_start = len(rstripped) ++ amount_trailing_semicolons = len(middle) - len(middle.rstrip(";")) ++ if amp > -1 and amount_trailing_semicolons > 1: ++ # Leave up to most recent semicolon as might be an entity. 
++ recent_semicolon = middle[trail_start:].index(";") ++ middle_semicolon_index = recent_semicolon + trail_start + 1 ++ trail = middle[middle_semicolon_index:] + trail ++ middle = rstripped + middle[trail_start:middle_semicolon_index] + else: +- trail = middle[len(rstripped) :] + trail ++ trail = middle[trail_start:] + trail + middle = rstripped + trimmed_something = True + +diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt +index 39aa398..dda5b42 100644 +--- a/docs/ref/templates/builtins.txt ++++ b/docs/ref/templates/builtins.txt +@@ -2831,6 +2831,17 @@ Django's built-in :tfilter:`escape` filter. The default value for + email addresses that contain single quotes (``'``), things won't work as + expected. Apply this filter only to plain text. + ++.. warning:: ++ ++ Using ``urlize`` or ``urlizetrunc`` can incur a performance penalty, which ++ can become severe when applied to user controlled values such as content ++ stored in a :class:`~django.db.models.TextField`. You can use ++ :tfilter:`truncatechars` to add a limit to such inputs: ++ ++ .. code-block:: html+django ++ ++ {{ value|truncatechars:500|urlize }} ++ + .. templatefilter:: urlizetrunc + + ``urlizetrunc`` +diff --git a/docs/releases/4.2.16.txt b/docs/releases/4.2.16.txt +new file mode 100644 +index 0000000..b624d5c +--- /dev/null ++++ b/docs/releases/4.2.16.txt +@@ -0,0 +1,14 @@ ++=========================== ++Django 4.2.16 release notes ++=========================== ++*September 3, 2024* ++Django 4.2.16 fixes one security issue with severity "moderate" and one ++security issue with severity "low" in 4.2.15. ++ ++... ++CVE-2024-45230: Potential denial-of-service vulnerability in ``django.utils.html.urlize()`` ++=========================================================================================== ++ ++:tfilter:`urlize` and :tfilter:`urlizetrunc` were subject to a potential ++denial-of-service attack via very large inputs with a specific sequence of ++characters. 
+diff --git a/tests/template_tests/filter_tests/test_urlize.py b/tests/template_tests/filter_tests/test_urlize.py +index abc227b..e542802 100644 +--- a/tests/template_tests/filter_tests/test_urlize.py ++++ b/tests/template_tests/filter_tests/test_urlize.py +@@ -305,6 +305,28 @@ class FunctionTests(SimpleTestCase): + "http://testing.com/example.,:;)"!", + ) + ++ def test_trailing_semicolon(self): ++ self.assertEqual( ++ urlize("http://example.com?x=&", autoescape=False), ++ '' ++ "http://example.com?x=&", ++ ) ++ self.assertEqual( ++ urlize("http://example.com?x=&;", autoescape=False), ++ '' ++ "http://example.com?x=&;", ++ ) ++ self.assertEqual( ++ urlize("http://example.com?x=&;;", autoescape=False), ++ '' ++ "http://example.com?x=&;;", ++ ) ++ self.assertEqual( ++ urlize("http://example.com?x=&.;...;", autoescape=False), ++ '' ++ "http://example.com?x=&.;...;", ++ ) ++ + def test_brackets(self): + """ + #19070 - Check urlize handles brackets properly +diff --git a/tests/utils_tests/test_html.py b/tests/utils_tests/test_html.py +index 83ebe43..7ff5020 100644 +--- a/tests/utils_tests/test_html.py ++++ b/tests/utils_tests/test_html.py +@@ -364,6 +364,7 @@ class TestUtilsHtml(SimpleTestCase): + "&:" + ";" * 100_000, + "&.;" * 100_000, + ".;" * 100_000, ++ "&" + ";:" * 100_000, + ) + for value in tests: + with self.subTest(value=value): +-- +2.43.0 + diff --git a/CVE-2024-45231.patch b/CVE-2024-45231.patch new file mode 100644 index 0000000000000000000000000000000000000000..4066f622e7d7e1a15b8c0192498604ea3eb5fdf6 --- /dev/null +++ b/CVE-2024-45231.patch 
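Review bot: In the `django/utils/html.py` part of this patch, `middle[trail_start:].index(";")` is safe only while `;` is one of `self.trailing_punctuation_chars`. If a `Urlizer` subclass dropped `;` from that set, `rstrip` would leave the semicolons in place, the slice would be empty and `index()` would raise `ValueError` on input ending in `&;;`. The attribute's definition and the start of the enclosing method are outside the hunk, so this is an invariant to confirm rather than a demonstrated bug. I would record it next to the call with a comment such as `# relies on ";" being in trailing_punctuation_chars, else index() raises`. The warning added to `builtins.txt` also says the filter can still be expensive on user-controlled text, so deployments should keep an input bound such as the documented `truncatechars` step even with this patch applied.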
@@ -0,0 +1,159 @@ +From bf4888d317ba4506d091eeac6e8b4f1fcc731199 Mon Sep 17 00:00:00 2001 +From: Natalia <124304+nessita@users.noreply.github.com> +Date: Mon, 19 Aug 2024 14:47:38 -0300 +Subject: [PATCH] [4.2.x] Fixed CVE-2024-45231 -- Avoided server error on + password reset when email sending fails. + +On successful submission of a password reset request, an email is sent +to the accounts known to the system. If sending this email fails (due to +email backend misconfiguration, service provider outage, network issues, +etc.), an attacker might exploit this by detecting which password reset +requests succeed and which ones generate a 500 error response. + +Thanks to Thibaut Spriet for the report, and to Mariusz Felisiak, Adam +Johnson, and Sarah Boyce for the reviews. +--- + django/contrib/auth/forms.py | 9 ++++++++- + docs/ref/logging.txt | 12 ++++++++++++ + docs/releases/4.2.16.txt | 11 +++++++++++ + docs/topics/auth/default.txt | 4 +++- + tests/auth_tests/test_forms.py | 21 +++++++++++++++++++++ + tests/mail/custombackend.py | 5 +++++ + 6 files changed, 60 insertions(+), 2 deletions(-) + +diff --git a/django/contrib/auth/forms.py b/django/contrib/auth/forms.py +index 061dc81b42..7f85787f03 100644 +--- a/django/contrib/auth/forms.py ++++ b/django/contrib/auth/forms.py +@@ -1,3 +1,4 @@ ++import logging + import unicodedata + + from django import forms +@@ -16,6 +17,7 @@ from django.utils.translation import gettext + from django.utils.translation import gettext_lazy as _ + + UserModel = get_user_model() ++logger = logging.getLogger("django.contrib.auth") + + + def _unicode_ci_compare(s1, s2): +@@ -314,7 +316,12 @@ class PasswordResetForm(forms.Form): + html_email = loader.render_to_string(html_email_template_name, context) + email_message.attach_alternative(html_email, "text/html") + +- email_message.send() ++ try: ++ email_message.send() ++ except Exception: ++ logger.exception( ++ "Failed to send password reset email to %s", context["user"].pk ++ ) + + def 
get_users(self, email): + """Given an email, return matching user(s) who should receive a reset. +diff --git a/docs/ref/logging.txt b/docs/ref/logging.txt +index b11fb752f7..3d33e0af63 100644 +--- a/docs/ref/logging.txt ++++ b/docs/ref/logging.txt +@@ -204,6 +204,18 @@ all database queries. + Support for logging transaction management queries (``BEGIN``, ``COMMIT``, + and ``ROLLBACK``) was added. + ++.. _django-contrib-auth-logger: ++ ++``django.contrib.auth`` ++~~~~~~~~~~~~~~~~~~~~~~~ ++ ++.. versionadded:: 4.2.16 ++ ++Log messages related to :doc:`contrib/auth`, particularly ``ERROR`` messages ++are generated when a :class:`~django.contrib.auth.forms.PasswordResetForm` is ++successfully submitted but the password reset email cannot be delivered due to ++a mail sending exception. ++ + .. _django-security-logger: + + ``django.security.*`` +diff --git a/docs/releases/4.2.16.txt b/docs/releases/4.2.16.txt +index 2a84186867..963036345c 100644 +--- a/docs/releases/4.2.16.txt ++++ b/docs/releases/4.2.16.txt +@@ -13,3 +13,14 @@ CVE-2024-45230: Potential denial-of-service vulnerability in ``django.utils.html + :tfilter:`urlize` and :tfilter:`urlizetrunc` were subject to a potential + denial-of-service attack via very large inputs with a specific sequence of + characters. ++ ++CVE-2024-45231: Potential user email enumeration via response status on password reset ++====================================================================================== ++ ++Due to unhandled email sending failures, the ++:class:`~django.contrib.auth.forms.PasswordResetForm` class allowed remote ++attackers to enumerate user emails by issuing password reset requests and ++observing the outcomes. ++ ++To mitigate this risk, exceptions occurring during password reset email sending ++are now handled and logged using the :ref:`django-contrib-auth-logger` logger. 
+diff --git a/docs/topics/auth/default.txt b/docs/topics/auth/default.txt +index 528902416d..ad840c5e57 100644 +--- a/docs/topics/auth/default.txt ++++ b/docs/topics/auth/default.txt +@@ -1661,7 +1661,9 @@ provides several built-in forms located in :mod:`django.contrib.auth.forms`: + .. method:: send_mail(subject_template_name, email_template_name, context, from_email, to_email, html_email_template_name=None) + + Uses the arguments to send an ``EmailMultiAlternatives``. +- Can be overridden to customize how the email is sent to the user. ++ Can be overridden to customize how the email is sent to the user. If ++ you choose to override this method, be mindful of handling potential ++ exceptions raised due to email sending failures. + + :param subject_template_name: the template for the subject. + :param email_template_name: the template for the email body. +diff --git a/tests/auth_tests/test_forms.py b/tests/auth_tests/test_forms.py +index 81c56a428e..f068d347a9 100644 +--- a/tests/auth_tests/test_forms.py ++++ b/tests/auth_tests/test_forms.py +@@ -1245,6 +1245,27 @@ class PasswordResetFormTest(TestDataMixin, TestCase): + ) + ) + ++ @override_settings(EMAIL_BACKEND="mail.custombackend.FailingEmailBackend") ++ def test_save_send_email_exceptions_are_catched_and_logged(self): ++ (user, username, email) = self.create_dummy_user() ++ form = PasswordResetForm({"email": email}) ++ self.assertTrue(form.is_valid()) ++ ++ with self.assertLogs("django.contrib.auth", level=0) as cm: ++ form.save() ++ ++ self.assertEqual(len(mail.outbox), 0) ++ self.assertEqual(len(cm.output), 1) ++ errors = cm.output[0].split("\n") ++ pk = user.pk ++ self.assertEqual( ++ errors[0], ++ f"ERROR:django.contrib.auth:Failed to send password reset email to {pk}", ++ ) ++ self.assertEqual( ++ errors[-1], "ValueError: FailingEmailBackend is doomed to fail." 
++ ) ++ + @override_settings(AUTH_USER_MODEL="auth_tests.CustomEmailField") + def test_custom_email_field(self): + email = "test@mail.com" +diff --git a/tests/mail/custombackend.py b/tests/mail/custombackend.py +index 14e7f077ba..c6c567b642 100644 +--- a/tests/mail/custombackend.py ++++ b/tests/mail/custombackend.py +@@ -12,3 +12,8 @@ class EmailBackend(BaseEmailBackend): + # Messages are stored in an instance variable for testing. + self.test_outbox.extend(email_messages) + return len(email_messages) ++ ++ ++class FailingEmailBackend(BaseEmailBackend): ++ def send_messages(self, email_messages): ++ raise ValueError("FailingEmailBackend is doomed to fail.") +-- +2.20.1 + diff --git a/python-django.spec b/python-django.spec index ac31c22ebd5ede1bdfe9bf33ac003ebef19403a6..8781761fb739a520b19599d22c0137d7d1184025 100644 --- a/python-django.spec +++ b/python-django.spec @@ -1,11 +1,13 @@ %global _empty_manifest_terminate_build 0 Name: python-django Version: 4.2.15 -Release: 1 +Release: 2 Summary: A high-level Python Web framework that encourages rapid development and clean, pragmatic design. License: Apache-2.0 and Python-2.0 and BSD-3-Clause URL: https://www.djangoproject.com/ Source0: https://files.pythonhosted.org/packages/source/d/Django/Django-%{version}.tar.gz +Patch0: CVE-2024-45230.patch +Patch1: CVE-2024-45231.patch BuildArch: noarch %description @@ -72,6 +74,9 @@ mv %{buildroot}/doclist.lst . %{_docdir}/* %changelog +* Thu Oct 10 2024 zhangxianting - 4.2.15-2 +- Fix CVE-2024-45230 CVE-2024-45231 + * Thu Aug 08 2024 yaoxin - 4.2.15-1 - Update to 4.2.15 * CVE-2024-41989: Memory exhaustion in ``django.utils.numberformat.floatformat()``
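Review bot: In the `django/contrib/auth/forms.py` part, the new `except Exception:` handler evaluates `context["user"].pk` while building the log call. If a subclass calls `send_mail` with a context that has no `"user"` key, the handler raises `KeyError` and the request fails with the same 500 response the patch is meant to remove. A defensive form would be `user = context.get("user")` followed by `logger.exception("Failed to send password reset email to %s", getattr(user, "pk", None))`. Because delivery failures are now swallowed, an ERROR record on the `django.contrib.auth` logger is the only sign of a mail outage, so the deployment's logging configuration should route and alert on it. The rest of `send_mail` lies outside the hunk.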
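Review bot: `Version` stays at 4.2.15 in `python-django.spec` while `Patch0` and `Patch1` backport the 4.2.16 fixes, so scanners that match on the upstream version will keep reporting CVE-2024-45230 and CVE-2024-45231 for this build. Only the `Release: 2` bump and the changelog entry record the fix, so the CVE ids should stay in the changelog text as they are now. The `%prep` section is outside this hunk; confirm that it applies the patches, through `%autosetup -p1` or explicit `%patch` lines, since declaring `PatchN:` alone applies nothing. The order matters as well: `CVE-2024-45231.patch` edits `docs/releases/4.2.16.txt`, which `CVE-2024-45230.patch` creates.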