mirror of
https://github.com/django/django.git
synced 2024-11-27 17:16:33 +01:00
ad0410ec4f
Thanks Seokchan Yoon for reports.
26 lines
968 B
Plaintext
26 lines
968 B
Plaintext
==========================
|
|
Django 4.2.3 release notes
|
|
==========================
|
|
|
|
*July 3, 2023*
|
|
|
|
Django 4.2.3 fixes a security issue with severity "moderate" and several bugs
|
|
in 4.2.2.
|
|
|
|
CVE-2023-36053: Potential regular expression denial of service vulnerability in ``EmailValidator``/``URLValidator``
|
|
===================================================================================================================
|
|
|
|
``EmailValidator`` and ``URLValidator`` were subject to potential regular
|
|
expression denial of service attack via a very large number of domain name
|
|
labels of emails and URLs.
|
|
|
|
Bugfixes
|
|
========
|
|
|
|
* Fixed a regression in Django 4.2 that caused incorrect alignment of timezone
|
|
warnings for ``DateField`` and ``TimeField`` in the admin (:ticket:`34645`).
|
|
|
|
* Fixed a regression in Django 4.2 that caused incorrect highlighting of rows
|
|
in the admin changelist view when ``ModelAdmin.list_editable`` contained a
|
|
``BooleanField`` (:ticket:`34638`).
|