@@ -61,16 +61,16 @@ diff --git a/django/forms/fields.py b/django/forms/fields.py
index a977256..f939338 100644
--- a/django/forms/fields.py
+++ b/django/forms/fields.py
-@@ -542,6 +542,9 @@ class FileField(Field):
- def __init__(self, *, max_length=None, allow_empty_file=False, **kwargs):
- self.max_length = max_length
- self.allow_empty_file = allow_empty_file
+@@ -523,6 +523,9 @@ class EmailField(CharField):
+ default_validators = [validators.validate_email]
+
+ def __init__(self, **kwargs):
+ # The default maximum length of an email is 320 characters per RFC 3696
+ # section 3.
+ kwargs.setdefault("max_length", 320)
- super().__init__(**kwargs)
+ super().__init__(strip=True, **kwargs)
+
- def to_python(self, data):
diff --git a/docs/ref/forms/fields.txt b/docs/ref/forms/fields.txt
index 6f76d0d..3a888ef 100644
--- a/docs/ref/forms/fields.txt
This change is for python3-django_2.2.28. The patch was accidentally backported incorrectly. The patch in general introduces a field-length restrictrion on the email input fields, however the patch was backported in a way that the restriction was applied on file input fields instead of email fields. This change amends the patch in a way to restrict the email field. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- .../python/python3-django/CVE-2023-36053.patch | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)