Note di rilascio di Django 3.2.10
7 Dicembre 2021
Django 3.2.10 fixes a security issue with severity «low» and a bug in 3.2.9.
CVE-2021-44420: Potential bypass of an upstream access control based on URL paths
HTTP requests for URLs with trailing newlines could bypass an upstream access
control based on URL paths.
Correzioni di bug
- Fixed a regression in Django 3.2 that caused a crash of
setUpTestData()
with BinaryField
on PostgreSQL, which is memoryview
-backed
(#33333).