Django - 4.1.2
Security
Django 4.1.2 release notes
October 4, 2022
Django 4.1.2 fixes a security issue with severity “medium” and several bugs in
4.1.1.
CVE-2022-41323: Potential denial-of-service vulnerability in internationalized URLs
Internationalized URLs were subject to potential denial of service attack via
the locale parameter.
Bugfixes
- Fixed a regression in Django 4.1 that caused a migration crash on PostgreSQL
when adding a model withExclusionConstraint
(#33982). - Fixed a regression in Django 4.1 that caused aggregation over a queryset that
contained anExists
annotation to crash due to too many selected columns
(#33992). - Fixed a bug in Django 4.1 that caused an incorrect validation of
CheckConstraint
onNULL
values (#33996). - Fixed a regression in Django 4.1 that caused a
QuerySet.values()/values\_list()
crash onArrayAgg()
and
JSONBAgg()
(#34016). - Fixed a bug in Django 4.1 that caused
ModelAdmin.autocomplete\_fields
to be incorrectly selected after adding/changing related instances via popups
(#34025). - Fixed a regression in Django 4.1 where the app registry was not populated
when running parallel tests with themultiprocessing
start method
spawn
(#34010). - Fixed a regression in Django 4.1 where the
--debug-mode
argument to
test
did not work when running parallel tests with the
multiprocessing
start methodspawn
(#34010). - Fixed a regression in Django 4.1 that didn’t alter a sequence type when
altering type of pre-Django 4.1 serial columns on PostgreSQL
(#34058). - Fixed a regression in Django 4.1 that caused a crash for
View
subclasses with asynchronous handlers when handling non-allowed HTTP methods
(#34062). - Reverted caching related managers for
ForeignKey
,ManyToManyField
,
andGenericRelation
that caused the incorrect refreshing of related
objects (#33984). - Relaxed the system check added in Django 4.1 for the same name used for
multiple template tag modules to a warning (#32987).
Security
Details
date
Oct. 4, 2022, 7:42 a.m.
type
Patch
official page
👇
Register or login to:
- 🔍View and search all Django releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!