diff options
| author | Natalia <124304+nessita@users.noreply.github.com> | 2025-11-26 17:22:53 -0300 |
|---|---|---|
| committer | Natalia <124304+nessita@users.noreply.github.com> | 2025-11-26 20:04:08 -0300 |
| commit | 0e85bdbde1c1fdbd3a92cdb6d31fab788811da63 (patch) | |
| tree | 0eed7a195fa44b57128b92a73c2bfae7df8a4eea | |
| parent | e6973490373dca340e36f2db3eae1eb26a6a2d80 (diff) | |
[4.2.x] Refs #36743 -- Added missing release notes for 5.1.15 and 4.2.27.
The fix landed in a8cf8c292cfee98fe6cc873ca5221935f1d02271 will be
backported to 5.1 and 4.2 since the 2048 limit was rolled out as part of
the security release for CVE-2025-64458.
Backport of 18b13cf6c48ff0a20b2a74d3b90d1fc1602608e4 from main.
| -rw-r--r-- | docs/releases/4.2.27.txt | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/docs/releases/4.2.27.txt b/docs/releases/4.2.27.txt index e4a61d9568..7ffa5fa458 100644 --- a/docs/releases/4.2.27.txt +++ b/docs/releases/4.2.27.txt @@ -10,4 +10,7 @@ with severity "moderate", and one bug in 4.2.26. Bugfixes ======== -* ... +* Fixed a regression in Django 4.2.26 where ``DisallowedRedirect`` was raised + by :class:`~django.http.HttpResponseRedirect` and + :class:`~django.http.HttpResponsePermanentRedirect` for URLs longer than 2048 + characters. The limit is now 16384 characters (:ticket:`36743`). |