February 6, 2024
Django 5.0.2 fixes a security issue with severity “moderate” and several bugs in 5.0.1. Also, the latest string translations from Transifex are incorporated.
intcomma template filter¶The intcomma template filter was subject to a potential denial-of-service
attack when used with very long strings.
Reallowed, following a regression in Django 5.0.1, filtering against local
foreign keys not included in ModelAdmin.list_filter
(#35087).
Fixed a regression in Django 5.0 where links in the admin had an incorrect color (#35121).
Fixed a bug in Django 5.0 that caused a crash of Model.full_clean() on
models with a GeneratedField (#35127).
Fixed a regression in Django 5.0 that caused a crash of
FilteredRelation() with querysets as right-hand sides (#35135).
FilteredRelation() now raises a ValueError on querysets as right-hand
sides.
Fixed a regression in Django 5.0 that caused a crash of the dumpdata
management command when a base queryset used prefetch_related()
(#35159).
Fixed a regression in Django 5.0 that caused the request_finished signal to
sometimes not be fired when running Django through an ASGI server, resulting
in potential resource leaks (#35059).
Fixed a bug in Django 5.0 that caused a migration crash on MySQL when adding
a BinaryField, TextField, JSONField, or GeometryField with a
db_default (#35162).
Fixed a bug in Django 5.0 that caused a migration crash on models with a
literal db_default of a complex type such as dict instance of a
JSONField. Running makemigrations might generate no-op AlterField
operations for fields using db_default (#35149).
Mar 04, 2025