Blog Info | The Django weblog |
---|---|
Blog website | Link |
Feb. 6, 2024 » The Django weblog » [Archived Version]
In accordance with our security release policy, the Django team is issuing Django 5.0.2, Django 4.2.10, and Django 3.2.24. These releases address the security issue detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2024-24680: Potential denial-of-service in intcomma template filter The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings. Thanks Seokchan Yoon for the report. This issue has severity &quo…
Read MoreOct. 23, 2023 » The Django weblog » [Archived Version]
Django 5.0 beta 1 is now available. It represents the second stage in the 5.0 release cycle and is an opportunity for you to try out the changes coming in Django 5.0. Django 5.0 brings a deluge of exciting new features which you can read about in the in-development 5.0 release notes. Only bugs in new features and regressions from earlier versions of Django will be fixed between now and the 5.0 final release. Translations will be updated following the "string freeze", which occurs when…
Read MoreOct. 4, 2023 » The Django weblog » [Archived Version]
In accordance with our security release policy, the Django team is issuing Django 4.2.6, Django 4.1.12, and Django 3.2.22. These releases address the security issue detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2023-43665: Denial-of-service possibility in django.utils.text.Truncator Following the fix for CVE-2019-14232, the regular expressions used in the implementation of django.utils.text.Truncator’s chars() and words() methods (with html=True) were rev…
Read MoreSept. 18, 2023 » The Django weblog » [Archived Version]
Django 5.0 alpha 1 is now available. It represents the first stage in the 5.0 release cycle and is an opportunity for you to try out the changes coming in Django 5.0. Django 5.0 brings a deluge of exciting new features which you can read about in the in-development 5.0 release notes. This alpha milestone marks the feature freeze. The current release schedule calls for a beta release in about a month and a release candidate about a month from then. We'll only be able to keep this schedule if we …
Read MoreAug. 1, 2023 » The Django weblog » [Archived Version]
Today we've issued the 4.2.4 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Natalia Bidart: 2EE82A8D9470983E.
Read MoreJune 5, 2023 » The Django weblog » [Archived Version]
Today we've issued the 4.2.2 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Natalia Bidart: 2EE82A8D9470983E.
Read More