File: 4.1.2.txt

package info (click to toggle)
python-django 3%3A5.2.5-1
  • links: PTS, VCS
  • area: main
  • in suites: experimental
  • size: 61,236 kB
  • sloc: python: 361,585; javascript: 19,250; xml: 211; makefile: 182; sh: 28
file content (58 lines) | stat: -rw-r--r-- 2,302 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
 
==========================
Django 4.1.2 release notes
==========================

*October 4, 2022*

Django 4.1.2 fixes a security issue with severity "medium" and several bugs in
4.1.1.

CVE-2022-41323: Potential denial-of-service vulnerability in internationalized URLs
===================================================================================

Internationalized URLs were subject to potential denial of service attack via
the locale parameter.

Bugfixes
========

* Fixed a regression in Django 4.1 that caused a migration crash on PostgreSQL
  when adding a model with ``ExclusionConstraint`` (:ticket:`33982`).

* Fixed a regression in Django 4.1 that caused aggregation over a queryset that
  contained an ``Exists`` annotation to crash due to too many selected columns
  (:ticket:`33992`).

* Fixed a bug in Django 4.1 that caused an incorrect validation of
  ``CheckConstraint`` on ``NULL`` values (:ticket:`33996`).

* Fixed a regression in Django 4.1 that caused a
  ``QuerySet.values()/values_list()`` crash on ``ArrayAgg()`` and
  ``JSONBAgg()`` (:ticket:`34016`).

* Fixed a bug in Django 4.1 that caused :attr:`.ModelAdmin.autocomplete_fields`
  to be incorrectly selected after adding/changing related instances via popups
  (:ticket:`34025`).

* Fixed a regression in Django 4.1 where the app registry was not populated
  when running parallel tests with the ``multiprocessing`` start method
  ``spawn`` (:ticket:`34010`).

* Fixed a regression in Django 4.1 where the ``--debug-mode`` argument to
  ``test`` did not work when running parallel tests with the
  ``multiprocessing`` start method ``spawn`` (:ticket:`34010`).

* Fixed a regression in Django 4.1 that didn't alter a sequence type when
  altering type of pre-Django 4.1 serial columns on PostgreSQL
  (:ticket:`34058`).

* Fixed a regression in Django 4.1 that caused a crash for :class:`View`
  subclasses with asynchronous handlers when handling non-allowed HTTP methods
  (:ticket:`34062`).

* Reverted caching related managers for ``ForeignKey``, ``ManyToManyField``,
  and ``GenericRelation`` that caused the incorrect refreshing of related
  objects (:ticket:`33984`).

* Relaxed the system check added in Django 4.1 for the same name used for
  multiple template tag modules to a warning (:ticket:`32987`).