django.git/django/db/models/functions/datetime.py, branch 4.1 django http://cgit.adnoto.dev/django.git/atom?h=4.1 2022-07-06T07:10:41Z [4.1.x] Refs CVE-2022-34265 -- Properly escaped Extract() and Trunc() parameters. 2022-07-06T07:10:41Z Simon Charette charette.s@gmail.com 2022-06-20T03:46:22Z urn:sha1:585ed2f6d7e02b64747770add0e2d3749980d73c Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> Backport of 877c800f255ccaa7abde1fb944de45d1616f5cc9 from main [4.1.x] Fixed CVE-2022-34265 -- Protected Trunc(kind)/Extract(lookup_name) against SQL injection. 2022-07-04T06:26:02Z Mariusz Felisiak felisiak.mariusz@gmail.com 2022-06-22T10:44:04Z urn:sha1:284b188a4194e8fa5d72a73b09a869d7dd9f0dc5 Thanks Takuto Yoshikai (Aeye Security Lab) for the report. Refs #33476 -- Reformatted code with Black. 2022-02-07T19:37:05Z django-bot ops@djangoproject.com 2022-02-03T19:24:19Z urn:sha1:9c19aff7c7561e3a82978a272ecdaad40dda5c00 Fixed #32365 -- Made zoneinfo the default timezone implementation. 2021-09-16T10:11:05Z Carlton Gibson carlton.gibson@noumenal.es 2021-09-09T13:15:44Z urn:sha1:306607d5b99b6eca6ae2c1e726d8eb32b9b2ca1b Thanks to Adam Johnson, Aymeric Augustin, David Smith, Mariusz Felisiak, Nick Pope, and Paul Ganssle for reviews. Refs #32508 -- Raised Type/ValueError instead of using "assert" in django.db.models. 2021-07-15T09:43:33Z Daniyal abbasi.daniyal98@gmail.com 2021-03-24T05:45:08Z urn:sha1:f479df7f8d03ab767bb5e5d655243191087d6432 Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> Fixed #32750 -- Fixed crash of Extract() transform on OuterRef() expressions. 2021-05-17T15:51:39Z Artur Beltsov artur1998g@gmail.com 2021-05-16T10:25:35Z urn:sha1:3954bf50fb814e7362e69f1020a747e601cc73fe Thanks Simon Charette for the review. Removed trailing whitespaces in error messages. 2021-03-24T10:44:01Z Mariusz Felisiak felisiak.mariusz@gmail.com 2021-03-24T10:44:01Z urn:sha1:94463aa861208b11382c7904272d3529372d6b24 Fixed #31640 -- Made Trunc() truncate datetimes to Date/TimeField in a specific timezone. 2020-10-14T18:06:26Z David-Wobrock david.wobrock@gmail.com 2020-10-04T17:28:21Z urn:sha1:ee005328c8eec5c013c6bf9d6fbb2ae9d540df14 Refs #31640 -- Made Extract raise ValueError when using tzinfo with Date/TimeField. 2020-10-14T18:03:07Z David-Wobrock david.wobrock@gmail.com 2020-10-05T15:39:53Z urn:sha1:a0571c1003c5a312a6a2ce7409799d77f2d95025 Fixed #31948 -- Added tzinfo parameter to TruncDate() and TruncTime(). 2020-09-02T05:42:27Z Joe Jackson cpmhjoe@gmail.com 2020-08-29T18:40:54Z urn:sha1:9d5d865fd6e989abe60fdf02e7f97fd4d98178a4