1
0
mirror of https://github.com/django/django.git synced 2024-12-30 21:16:26 +00:00
Commit Graph

7 Commits

Author SHA1 Message Date
Mariusz Felisiak
9c51b4dcfa [4.2.x] Fixed CVE-2023-41164 -- Fixed potential DoS in django.utils.encoding.uri_to_iri().
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report.

Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
2023-09-04 12:05:35 +02:00
willzhao
acfb427522 [4.2.x] Fixed #34803 -- Fixed queryset crash when filtering againts deeply nested OuterRef annotations.
Thanks Pierre-Nicolas Rigal for the report.

Regression in c67ea79aa9.

Backport of 9cc0d7f7f8 from main
2023-09-01 11:25:00 +02:00
Mariusz Felisiak
55a0b9c32e [4.2.x] Added stub release notes and release date for 4.2.5, 4.1.11, and 3.2.21.
Backport of 24f1a38b37 from main
2023-08-28 06:14:50 +02:00
Juan Alvarez
46b2b08e45 [4.2.x] Fixed #34779 -- Avoided unnecessary selection of non-nullable m2m fields without natural keys during serialization.
By using `select_related(None)` instead of `select_related()`, the
unnecessary joins are completely avoided. Note that the current tests
already covers the change, when the field is not `null=True`.

Regression in f9936deed1.

Backport of 517d3bb4dd from main
2023-08-19 11:23:59 +02:00
Mariusz Felisiak
d34db6602e [4.2.x] Fixed #34773 -- Fixed syncing DEFAULT_FILE_STORAGE/STATICFILES_STORAGE settings with STORAGES.
Thanks Petr Dlouhý for the report.

Bug in 32940d390a.
Backport of 6b965c6000 from main
2023-08-18 18:12:30 +02:00
Simon Charette
3a1863319c [4.2.x] Fixed #34754 -- Fixed JSONField check constraints validation on NULL values.
The __isnull lookup of JSONField must special case
Value(None, JSONField()) left-hand-side in order to be coherent with
its convoluted null handling.

Since psycopg>=3 offers no way to pass a NULL::jsonb the issue is
resolved by optimizing IsNull(Value(None), True | False) to
True | False.

Regression in 5c23d9f0c3.

Thanks Alexandre Collet for the report.

Backport of 3434dbd39d from main
2023-08-04 10:58:53 +02:00
Natalia
a750fd0d7f [4.2.x] Added stub release notes for 4.2.5.
Backport of 24068058a6 from main
2023-08-01 14:56:34 -03:00