| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-04-11 | Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against SQL ↵ | Mariusz Felisiak | |
| injection on PostgreSQL. | |||
| 2022-04-11 | Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and ↵ | Mariusz Felisiak | |
| extra() against SQL injection in column aliases. Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore, Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev (DDV_UA) for the report. | |||
| 2022-04-04 | Added stub release notes and release date for 4.0.4, 3.2.13, and 2.2.28. | Mariusz Felisiak | |
