The following flaw was found in Django: 'django.core.validators.URLValidator' included a regular expression that was extremely slow to evaluate against certain invalid inputs. This regular expression has been simplified and optimized. This flaw has been fixed in Django version 1.8.3. Acknowledgements: Red Hat would like to thank the upstream Django project for reporting this issue.
Created attachment 1049118 [details] urlvalidator-1.8.x.diff
Created attachment 1049119 [details] urlvalidator-master.diff
Created attachment 1049882 [details] urlvalidator-1.8.x.diff
Created attachment 1049883 [details] urlvalidator-master.diff
This is now public: https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
python-django-1.8.3-1.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.