📝 Update release notes

author Sebastián Ramírez <tiangolo@gmail.com>

Tue, 14 Feb 2023 09:17:08 +0000 (10:17 +0100)

committer Sebastián Ramírez <tiangolo@gmail.com>

Tue, 14 Feb 2023 09:17:08 +0000 (10:17 +0100)
author Sebastián Ramírez <tiangolo@gmail.com>
Tue, 14 Feb 2023 09:17:08 +0000 (10:17 +0100)
committer Sebastián Ramírez <tiangolo@gmail.com>
Tue, 14 Feb 2023 09:17:08 +0000 (10:17 +0100)
diff --git a/docs/en/docs/release-notes.md b/docs/en/docs/release-notes.md

index c1ba01e8b2c871a78ca374f3aab8e94c68d2309a..a46d44f823249b41ec653a8e10ffed048726cff2 100644 (file)
--- a/docs/en/docs/release-notes.md
+++ b/docs/en/docs/release-notes.md
@@ -2,7 +2,14 @@
  
  ## Latest Changes
  
+🚨 This is a security fix. Please upgrade as soon as possible.
+
+### Upgrades
+
  * ⬆️ Upgrade Starlette to 0.25.0. PR [#5996](https://github.com/tiangolo/fastapi/pull/5996) by [@tiangolo](https://github.com/tiangolo).
+    * This solves a vulnerability that could allow denial of service attacks by using many small multipart fields/files (parts), consuming high CPU and memory.
+    * Only applications using forms (e.g. file uploads) could be affected.
+    * For most cases, upgrading won't have any breaking changes.
  
  ## 0.91.0
author	Sebastián Ramírez <tiangolo@gmail.com>
	Tue, 14 Feb 2023 09:17:08 +0000 (10:17 +0100)
committer	Sebastián Ramírez <tiangolo@gmail.com>
	Tue, 14 Feb 2023 09:17:08 +0000 (10:17 +0100)