innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
31,138 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

6 Commits

Author SHA1 Message Date
Mariusz Felisiak 6723a26e59 Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against SQL injection on PostgreSQL. 2022-04-11 08:59:58 +02:00
Mariusz Felisiak 93cae5cb2f Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and extra() against SQL injection in column aliases. 
Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore,
Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev
(DDV_UA) for the report.
 2022-04-11 08:59:33 +02:00
Manel Clos 62739b6e26 Fixed #33628 -- Ignored directories with empty names in autoreloader check for template changes. 
Regression in 68357b2ca9.
 2022-04-11 07:37:30 +02:00
Mariusz Felisiak 78277faafd Added stub release notes and release date for 4.0.4, 3.2.13, and 2.2.28. 2022-04-04 10:31:57 +02:00
Mariusz Felisiak fac662f479
Fixed #33598 -- Reverted "Removed unnecessary reuse_with_filtered_relation argument from Query methods." 
Thanks lind-marcus for the report.

This reverts commit 0c71e0f9cf.

Regression in 0c71e0f9cf.
 2022-03-30 07:31:56 +02:00
Carlton Gibson 9652a118ce Added stub release notes for Django 4.0.4. 2022-03-01 09:58:35 +01:00