Django 4.2.3 release notes¶
July 3, 2023
Django 4.2.3 fixes a security issue with severity “moderate” and several bugs in 4.2.2.
CVE-2023-36053: Potential regular expression denial of service vulnerability in EmailValidator
/URLValidator
¶
EmailValidator
and URLValidator
were subject to potential regular
expression denial of service attack via a very large number of domain name
labels of emails and URLs.
Bugfixes¶
- Fixed a regression in Django 4.2 that caused incorrect alignment of timezone
warnings for
DateField
andTimeField
in the admin (#34645). - Fixed a regression in Django 4.2 that caused incorrect highlighting of rows
in the admin changelist view when
ModelAdmin.list_editable
contained aBooleanField
(#34638).