Notes de publication de Django 3.2.10

7 décembre 2021

Django 3.2.10 fixes a security issue with severity « low » and a bug in 3.2.9.

CVE-2021-44420: Potential bypass of an upstream access control based on URL paths

HTTP requests for URLs with trailing newlines could bypass an upstream access control based on URL paths.

Correction de bogues

  • Fixed a regression in Django 3.2 that caused a crash of setUpTestData() with BinaryField on PostgreSQL, which is memoryview-backed (#33333).
Django 3.2.11 release notes
Notes de publication de Django 3.2.9
Back to Top