| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From the release notes page
(https://docs.djangoproject.com/en/4.0/releases/3.2.10/):
Django 3.2.10 fixes a security issue with severity “low” and a bug in
3.2.9.
CVE-2021-44420: Potential bypass of an upstream access control based on
URL paths
HTTP requests for URLs with trailing newlines could bypass an upstream
access control based on URL paths.
Bugfixes
Fixed a regression in Django 3.2 that caused a crash of setUpTestData()
with BinaryField on PostgreSQL, which is memoryview-backed (#33333).
Django 3.2.9 fixes a bug in 3.2.8 and adds compatibility with Python
3.10.
Bugfixes
Fixed a bug in Django 3.2 that caused a migration crash on SQLite when
altering a field with a functional index (#33194).
Django 3.2.8 fixes two bugs in 3.2.7.
Bugfixes
Fixed a bug in Django 3.2 that caused incorrect links on read-only
fields in the admin (#33077).
Fixed a regression in Django 3.2 that caused incorrect selection of
items across all pages when actions were placed both on the top and
bottom of the admin change-list view (#33083).
Django 3.2.7 fixes a bug in 3.2.6.
Bugfixes
Fixed a regression in Django 3.2 that caused the incorrect offset
extraction from fixed offset timezones (#32992).
Django 3.2.6 fixes several bugs in 3.2.5.
Bugfixes
Fixed a regression in Django 3.2 that caused a crash validating "NaN"
input with a forms.DecimalField when additional constraints, e.g.
max_value, were specified (#32949).
Fixed a bug in Django 3.2 where a system check would crash on a model
with a reverse many-to-many relation inherited from a parent class
(#32947).
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
This is the result of automated script (0.9.1) conversion:
oe-core/scripts/contrib/convert-overrides.py .
converting the metadata to use ":" as the override character instead of "_".
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
|
3.2.5 fixes CVE-2021-35042: Potential SQL injection via unsanitized
QuerySet.order_by() input.
Additional release notes:
- Fixed a regression in Django 3.2 that caused a crash of
QuerySet.values_list(…, named=True) after prefetch_related() (#32812).
- Fixed a bug in Django 3.2 that caused a migration crash on MySQL 8.0.13+
when altering BinaryField, JSONField, or TextField to non-nullable
(#32503).
- Fixed a regression in Django 3.2 that caused a migration crash on MySQL
8.0.13+ when adding nullable BinaryField, JSONField, or TextField with a
default value (#32832).
- Fixed a bug in Django 3.2 where a system check would crash on a model
with an invalid app_label (#32863).
There is no corresponding uprev for the 2.x LTS branch since it is
already at the latest version (2.2.24).
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
|
