| Age | Commit message (Collapse) | Author |
|
SQL injection.
Thanks Takuto Yoshikai (Aeye Security Lab) for the report.
|
|
models.
|
|
|
|
It's a regression in GEOS 3.8.0 fixed in GEOS 3.8.1.
|
|
Refs Python CVE-2022-0391. Django is not affected, but others who
incorrectly use internal function url_has_allowed_host_and_scheme()
with unsanitized input could be at risk.
|
|
|
|
|
|
multipartparser.parse_header().
|
|
django.utils.html.json_script().
|
|
|
|
boundary streams.
This also removes unused parse_header() and _parse_header_params()
helpers in django.http.multipartparser.
|
|
Reraising ValueError was unused since its introduction in
d725cc9734272f867d41f7236235c28b3931a1b2.
|
|
|
|
|
|
for selecting values when allow_multiple_selected is False.
|
|
|
|
|
|
used in subquery on Oracle.
|
|
|
|
on PostgreSQL and MySQL.
Thanks Shai Berger for the report.
Regression in 30a01441347d5a2146af2944b29778fa0834d4be.
|
|
|
|
|
|
installed apps and template tag libraries.
Thanks Claude Paroz for the report.
Regression in 004b4620f6f4ad87261e149898940f2dcd5757ef.
|
|
QuerySeta.abulk_create().
|
|
|
|
|
|
Regression in 64c3f049ea3bcb1c82f35ae09f1dd5349a826a5c.
|
|
Django 4.0.
Thanks Paul in 't Hout for the report.
Regression in 1f643c28b5f2b039c47155692844dbae1cb091cd.
|
|
|
|
|
|
Thank you Daniel Samuels for test project.
|
|
Replacements were added in fa0653cd1d791a8bce835e8992cbeab6fd70d0e7
where we created a callback function by concatenating strings. It's
unnecessary since d638cdc42acec608c1967f44af6be32a477c239f.
|
|
TrigramStrictWordDistance() on PostgreSQL.
|
|
|
|
inline m2m annotation.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
queryset with aggregation.
|
|
|
|
|
|
DEFAULT_INDEX_TABLESPACE.
Thanks to Simon Charette for locating where issue lay.
|
|
|
|
|
|
|
|
django.utils.http.parse_header_parameters() for parsing Content-Type header.
|
|
Added in e9bbdb39de3047761fa8d03d5241eccd571093ff.
Obsolete since e9103402c0fa873aea58a6a11dba510cd308cb84.
|