1
0
mirror of https://github.com/django/django.git synced 2024-12-23 01:25:58 +00:00
Commit Graph

6 Commits

Author SHA1 Message Date
Simon Charette
8f8dc5a1fc Fixed CVE-2024-53908 -- Prevented SQL injections in direct HasKeyLookup usage on Oracle.
Thanks Seokchan Yoon for the report, and Mariusz Felisiak and Sarah
Boyce for the reviews.
2024-12-04 13:43:13 +01:00
Sarah Boyce
49ff1042aa Fixed CVE-2024-53907 -- Mitigated potential DoS in strip_tags().
Thanks to jiangniao for the report, and Shai Berger and Natalia Bidart
for the reviews.
2024-12-04 13:43:13 +01:00
Adam Johnson
2f6b096b83 Fixed #35950 -- Restored refreshing of relations when fields deferred.
Thank you to Simon Charette and Sarah Boyce for the review.

Regression in 73df8b54a2.
2024-12-02 16:01:37 +01:00
Sarah Boyce
2544c15854 Added stub release notes and release date for 5.1.4, 5.0.10, and 4.2.17. 2024-11-27 15:41:18 +01:00
Tommy Allen
c635decb00
Fixed #35942 -- Fixed createsuperuser crash on Python 3.13+ when username is unavailable.
Thanks Mariusz Felisiak and Jacob Tyler Walls for reviews.
2024-11-26 17:15:00 -03:00
Mariusz Felisiak
5bd5805811 Added stub release notes for 5.1.4. 2024-11-05 06:30:53 +01:00