March 4, 2020
Django 3.0.4 fixes a security issue and several bugs in 3.0.3.
tolerance
parameter in GIS functions and aggregates on Oracle¶GIS functions and aggregates on Oracle were subject to SQL injection,
using a suitably crafted tolerance
.
select_for_update()
. When using
related fields or parent link fields with Multi-table inheritance in
the of
argument, the corresponding models were not locked
(#31246).DateField
or DateTimeField
expressions on
MySQL (#31312).GROUP BY
clause (#31150).Dec 13, 2021