mirror of
https://github.com/django/django.git
synced 2024-12-29 12:36:08 +00:00
e5ea284294
Thanks to Benjamin Balder Bach for the report.
59 lines
2.2 KiB
Plaintext
59 lines
2.2 KiB
Plaintext
==========================
|
|
Django 4.1.2 release notes
|
|
==========================
|
|
|
|
*October 4, 2022*
|
|
|
|
Django 4.1.2 fixes a security issue with severity "medium" and several bugs in
|
|
4.1.1.
|
|
|
|
CVE-2022-41323: Potential denial-of-service vulnerability in internationalized URLs
|
|
===================================================================================
|
|
|
|
Internationalized URLs were subject to potential denial of service attack via
|
|
the locale parameter.
|
|
|
|
Bugfixes
|
|
========
|
|
|
|
* Fixed a regression in Django 4.1 that caused a migration crash on PostgreSQL
|
|
when adding a model with ``ExclusionConstraint`` (:ticket:`33982`).
|
|
|
|
* Fixed a regression in Django 4.1 that caused aggregation over a queryset that
|
|
contained an ``Exists`` annotation to crash due to too many selected columns
|
|
(:ticket:`33992`).
|
|
|
|
* Fixed a bug in Django 4.1 that caused an incorrect validation of
|
|
``CheckConstraint`` on ``NULL`` values (:ticket:`33996`).
|
|
|
|
* Fixed a regression in Django 4.1 that caused a
|
|
``QuerySet.values()/values_list()`` crash on ``ArrayAgg()`` and
|
|
``JSONBAgg()`` (:ticket:`34016`).
|
|
|
|
* Fixed a bug in Django 4.1 that caused :attr:`.ModelAdmin.autocomplete_fields`
|
|
to be incorrectly selected after adding/changing related instances via popups
|
|
(:ticket:`34025`).
|
|
|
|
* Fixed a regression in Django 4.1 where the app registry was not populated
|
|
when running parallel tests with the ``multiprocessing`` start method
|
|
``spawn`` (:ticket:`34010`).
|
|
|
|
* Fixed a regression in Django 4.1 where the ``--debug-mode`` argument to
|
|
``test`` did not work when running parallel tests with the
|
|
``multiprocessing`` start method ``spawn`` (:ticket:`34010`).
|
|
|
|
* Fixed a regression in Django 4.1 that didn't alter a sequence type when
|
|
altering type of pre-Django 4.1 serial columns on PostgreSQL
|
|
(:ticket:`34058`).
|
|
|
|
* Fixed a regression in Django 4.1 that caused a crash for :class:`View`
|
|
subclasses with asynchronous handlers when handling non-allowed HTTP methods
|
|
(:ticket:`34062`).
|
|
|
|
* Reverted caching related managers for ``ForeignKey``, ``ManyToManyField``,
|
|
and ``GenericRelation`` that caused the incorrect refreshing of related
|
|
objects (:ticket:`33984`).
|
|
|
|
* Relaxed the system check added in Django 4.1 for the same name used for
|
|
multiple template tag modules to a warning (:ticket:`32987`).
|