Django 1.11.28 版本发行说明¶
2020 年 2 月 3 日
Django 1.11.28 修复了 1.11.27 中的一个安全问题。
CVE-2020-7471: 通过 StringAgg(delimiter) 可能存在 SQL 注入风险。¶
StringAgg 聚合函数存在 SQL 注入风险,使用适当构造的 delimiter。
Additional Information
Support Django!
Contents
Getting help
- FAQ
- Try the FAQ — it's got answers to many common questions.
- Index, Module Index, or Table of Contents
- Handy when looking for specific information.
- Django Discord Server
- Join the Django Discord Community.
- Official Django Forum
- Join the community on the Django Forum.
- Ticket tracker
- Report bugs with Django or Django documentation in our ticket tracker.
Download:
Offline (Django 5.2):
HTML |
PDF |
ePub
Provided by Read the Docs.