Django 4.2.3 release notes
July 3, 2023
Django 4.2.3 fixes a security issue with severity “moderate” and several bugs in 4.2.2.
CVE-2023-36053: Potential regular expression denial of service vulnerability in EmailValidator
/URLValidator
EmailValidator
and URLValidator
were subject to potential regular expression denial of service attack via a very large number of domain name labels of emails and URLs.
漏洞修复
- Fixed a regression in Django 4.2 that caused incorrect alignment of timezone warnings for
DateField
andTimeField
in the admin (#34645). - Fixed a regression in Django 4.2 that caused incorrect highlighting of rows in the admin changelist view when
ModelAdmin.list_editable
contained aBooleanField
(#34638).