October 4, 2022
Django 4.1.2 fixes a security issue with severity "medium" and several bugs in 4.1.1.
Internationalized URLs were subject to potential denial of service attack via the locale parameter.
Fixed a regression in Django 4.1 that caused a migration crash on PostgreSQL
when adding a model with ExclusionConstraint
(#33982).
Fixed a regression in Django 4.1 that caused aggregation over a queryset that
contained an Exists
annotation to crash due to too many selected columns
(#33992).
Fixed a bug in Django 4.1 that caused an incorrect validation of
CheckConstraint
on NULL
values (#33996).
Fixed a regression in Django 4.1 that caused a
QuerySet.values()/values_list()
crash on ArrayAgg()
and
JSONBAgg()
(#34016).
Fixed a bug in Django 4.1 that caused ModelAdmin.autocomplete_fields
to be incorrectly selected after adding/changing related instances via popups
(#34025).
Fixed a regression in Django 4.1 where the app registry was not populated
when running parallel tests with the multiprocessing
start method
spawn
(#34010).
Fixed a regression in Django 4.1 where the --debug-mode
argument to
test
did not work when running parallel tests with the
multiprocessing
start method spawn
(#34010).
Fixed a regression in Django 4.1 that didn't alter a sequence type when altering type of pre-Django 4.1 serial columns on PostgreSQL (#34058).
Fixed a regression in Django 4.1 that caused a crash for View
subclasses with asynchronous handlers when handling non-allowed HTTP methods
(#34062).
Reverted caching related managers for ForeignKey
, ManyToManyField
,
and GenericRelation
that caused the incorrect refreshing of related
objects (#33984).
Relaxed the system check added in Django 4.1 for the same name used for multiple template tag modules to a warning (#32987).
Jan 15, 2024