Django 2.2.11 release notes

Donate 来源:django 浏览 442 扫码分享 2021-04-08 21:17:33

Django 2.2.11 release notes
- CVE-2020-9402: Potential SQL injection via tolerance parameter in GIS functions and aggregates on Oracle
- 漏洞修复

Django 2.2.11 release notes

March 4, 2020

Django 2.2.11 fixes a security issue and a data loss bug in 2.2.10.

CVE-2020-9402: Potential SQL injection via `tolerance` parameter in GIS functions and aggregates on Oracle

GIS functions and aggregates on Oracle were subject to SQL injection, using a suitably crafted tolerance.

漏洞修复

Fixed a data loss possibility in the select_for_update(). When using related fields or parent link fields with 多表继承 in the of argument, the corresponding models were not locked (#31246).

当前内容版权归 django 或其关联方所有，如需对内容或内容相关联开源项目进行关注与资助，请访问 django .

本文档使用 BookStack 构建

展开/收起文章目录