Django - 4.2.6
Security
Django 4.2.6 release notes
October 4, 2023
Django 4.2.6 fixes a security issue with severity “moderate” and several bugs
in 4.2.5.
Bugfixes
- Fixed a regression in Django 4.2.5 where overriding the deprecated
DEFAULT\_FILE\_STORAGE
andSTATICFILES\_STORAGE
settings in tests caused
the mainSTORAGES
to mutate (#34821). - Fixed a regression in Django 4.2 that caused unnecessary casting of string
based fields (CharField
,EmailField
,TextField
,CICharField
,
CIEmailField
, andCITextField
) used with the\_\_isnull
lookup on
PostgreSQL. As a consequence, the pre-Django 4.2 indexes didn’t match and
were not used by the query planner (#34840).
You may need to recreate indexes propagated to the database with Django
4.2 - 4.2.5 as they contain unnecessary ::text
casting that is avoided as
of this release.
Security
Security wording was detected, but no CVEs were found.
Details
date
Oct. 4, 2023, 12:57 p.m.
type
Patch
official page
👇
Register or login to:
- 🔍View and search all Django releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!