mirrors/django
mirrors/django
0
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-11-25 07:59:34 +01:00
Code Issues Releases Wiki Activity
2a14b8df39
django/docs/releases/3.2.10.txt

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

21 lines
642 B
Plaintext
Raw Normal View History

Added stub release notes for Django 3.2.10.
2021-11-01 10:40:42 +01:00
===========================
Django 3.2.10 release notes
===========================
Added stub release notes and release date for 3.2.10, 3.1.14 and 2.2.25.
2021-11-29 13:21:54 +01:00
*December 7, 2021*
Added stub release notes for Django 3.2.10.
2021-11-01 10:40:42 +01:00
Fixed #30530, CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths. Thanks Sjoerd Job Postmus and TengMA(@te3t123) for reports.
2021-11-29 11:52:03 +01:00
Django 3.2.10 fixes a security issue with severity "low" and a bug in 3.2.9.
CVE-2021-44420: Potential bypass of an upstream access control based on URL paths
=================================================================================
HTTP requests for URLs with trailing newlines could bypass an upstream access
control based on URL paths.
Added stub release notes for Django 3.2.10.
2021-11-01 10:40:42 +01:00
Bugfixes
========
Fixed #33333 -- Fixed setUpTestData() crash with models.BinaryField on PostgreSQL. This makes models.BinaryField pickleable on PostgreSQL. Regression in 3cf80d3fcf7446afdde16a2be515c423f720e54d. Thanks Adam Zimmerman for the report.
2021-12-03 11:56:22 +01:00
* Fixed a regression in Django 3.2 that caused a crash of ``setUpTestData()``
with ``BinaryField`` on PostgreSQL, which is ``memoryview``-backed
(:ticket:`33333`).
Copy Permalink