========================== Django 1.9.3 release notes ========================== *March 1, 2015* Django 1.9.3 fixes two security issues and several bugs in 1.9.2. Bugfixes ======== * Skipped URL checks (new in 1.9) if the ``ROOT_URLCONF`` setting isn't defined (:ticket:`26155`). * Fixed a crash on PostgreSQL that prevented using ``TIME_ZONE=None`` and ``USE_TZ=False`` (:ticket:`26177`). * Added system checks for query name clashes of hidden relationships (:ticket:`26162`). * Fixed a regression for cases where ``ForeignObject.get_extra_descriptor_filter()`` returned a ``Q`` object (:ticket:`26153`). * Fixed regression with an ``__in=qs`` lookup for a ``ForeignKey`` with ``to_field`` set (:ticket:`26196`). * Made ``forms.FileField`` and ``utils.translation.lazy_number()`` picklable (:ticket:`26212`). * Fixed :class:`~django.contrib.postgres.fields.RangeField` and :class:`~django.contrib.postgres.fields.ArrayField` serialization with ``None`` values (:ticket:`26215`). * Fixed a crash when filtering by a ``Decimal`` in ``RawQuery`` (:ticket:`26219`). * Reallowed dashes in top-level domain names of URLs checked by ``URLValidator`` to fix a regression in Django 1.8 (:ticket:`26204`). * Fixed some crashing deprecation shims in ``SimpleTemplateResponse`` that regressed in Django 1.9 (:ticket:`26253`). * Fixed ``BoundField`` to reallow slices of subwidgets (:ticket:`26267`). * Changed the admin's "permission denied" message in the login template to use ``get_username`` instead of ``username`` to support custom user models (:ticket:`26231`). * Fixed a crash when passing a nonexistent template name to the cached template loader's ``load_template()`` method (:ticket:`26280`). * Prevented ``ContentTypeManager`` instances from sharing their cache (:ticket:`26286`). * Reverted a change in Django 1.9.2 (:ticket:`25858`) that prevented relative lazy relationships defined on abstract models to be resolved according to their concrete model's ``app_label`` (:ticket:`26186`).