Mirror of git.openembedded.org/meta-openembedded https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=scarthgap 2023-07-21T02:08:57+00:00 2023-07-21T02:08:57+00:00 Trevor Gamblin tgamblin@baylibre.com 2023-07-18T15:00:54+00:00 urn:sha1:84c611db3472473b0468d390c12d70cd7d87dfc3 Changelog: https://docs.djangoproject.com/en/4.2/releases/4.2.3/ Django 4.2.3 fixes a security issue with severity “moderate” and several bugs in 4.2.2. CVE-2023-36053: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator EmailValidator and URLValidator were subject to potential regular expression denial of service attack via a very large number of domain name labels of emails and URLs. Bugfixes - Fixed a regression in Django 4.2 that caused incorrect alignment of timezone warnings for DateField and TimeField in the admin (#34645). - Fixed a regression in Django 4.2 that caused incorrect highlighting of rows in the admin changelist view when ModelAdmin.list_editable contained a BooleanField (#34638). Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> 2023-06-14T16:41:35+00:00 Wang Mingyu wangmy@fujitsu.com 2023-06-13T01:40:12+00:00 urn:sha1:0347cd1b9712012da5d408b3dce123ce6adeda5c Changelog: ========== - Fixed a regression in Django 4.2 that caused an unnecessary DBMS_LOB.SUBSTR() wrapping in the __isnull and __exact=None lookups for TextField()/BinaryField() on Oracle (#34544). - Restored, following a regression in Django 4.2, get_prep_value() call in JSONField subclasses (#34539). - Fixed a regression in Django 4.2 that caused a crash of QuerySet.defer() when passing a ManyToManyField or GenericForeignKey reference. While doing so is a no-op, it was allowed in older version (#34570). - Fixed a regression in Django 4.2 that caused a crash of QuerySet.only() when passing a reverse OneToOneField reference (#34612). - Fixed a bug in Django 4.2 where makemigrations --update didn't respect the --name option (#34568). - Fixed a performance regression in Django 4.2 when compiling queries without ordering (#34580). - Fixed a regression in Django 4.2 where nonexistent stylesheet was linked on a "Congratulations!" page (#34588). - Fixed a regression in Django 4.2 that caused a crash of QuerySet.aggregate() with expressions referencing other aggregates (#34551). - Fixed a regression in Django 4.2 that caused a crash of QuerySet.aggregate() with aggregates referencing subqueries (#34551). - Fixed a regression in Django 4.2 that caused a crash of querysets on SQLite when filtering on DecimalField against values outside of the defined range (#34590). - Fixed a regression in Django 4.2 that caused a serialization crash on a ManyToManyField without a natural key when its Manager's base QuerySet used select_related() (#34620). Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>