Feb. 20, 2023 » The Django weblog » [Archived Version]
Django 4.2 beta 1 is now available. It represents the second stage in the 4.2 release cycle and is an opportunity for you to try out the changes coming in Django 4.2. Django 4.2 has a farrago of new features which you can read about in the in-development 4.2 release notes. Only bugs in new features and regressions from earlier versions of Django will be fixed between now and 4.2 final (also, translations will be updated following the "string freeze" when the release candidate is issue…
Read MoreFeb. 14, 2023 » The Django weblog » [Archived Version]
In accordance with our security release policy, the Django team is issuing Django 4.1.7, Django 4.0.10, and Django 3.2.18. These releases addresses the security issue detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2023-24580: Potential denial-of-service vulnerability in file uploads Passing certain inputs to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack. The number o…
Read MoreFeb. 7, 2023 » The Django weblog » [Archived Version]
After five years as part of the Django Fellowship program, Carlton Gibson has decided to step down as a Django Fellow this spring to explore other things. Carlton has made an extraordinary impact as a Django Fellow. The Django Software Foundation is grateful for his service and assistance. The Fellowship program was started in 2014 as a way to dedicate high-quality and consistent resources to the maintenance of Django. As Django has matured, the DSF has been able to fundraise and earmark funds …
Read MoreFeb. 1, 2023 » The Django weblog » [Archived Version]
In accordance with our security release policy, the Django team is issuing Django 4.1.6, Django 4.0.9, and Django 3.2.17. These releases addresses the security issue detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2023-23969: Potential denial-of-service via Accept-Language headers The parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if larg…
Read MoreJan. 17, 2023 » The Django weblog » [Archived Version]
Django 4.2 alpha 1 is now available. It represents the first stage in the 4.2 release cycle and is an opportunity for you to try out the changes coming in Django 4.2. Django 4.2 has a farrago of new features which you can read about in the in-development 4.2 release notes. This alpha milestone marks the feature freeze. The current release schedule calls for a beta release in about a month and a release candidate about a month from then. We'll only be able to keep this schedule if we get early a…
Read MoreJan. 2, 2023 » The Django weblog » [Archived Version]
Today we've issued the 4.1.5 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Mariusz Felisiak: 2EF56372BA48CD1B.
Read MoreDec. 6, 2022 » The Django weblog » [Archived Version]
The organizers of DjangoCon US and DjangoCon Europe spend a tremendous amount of energy both hosting the conferences and putting all the talks online after. The complete playlists of talks from each conference are now available on YouTube: DjangoCon Europe 2022 DjangoCon US 2022
Read MoreDec. 6, 2022 » The Django weblog » [Archived Version]
Today we've issued the 4.1.4 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Carlton Gibson: E17DF5C82B4F9D00.
Read MoreNov. 29, 2022 » The Django weblog » [Archived Version]
The 2023 Board is transitional to our new staggered 2 year term board membership model. Here are the results of this year's election as selected by ranked choice voting: Chaim Kirby* Jacob Kaplan-Moss Katie McLaughlin* Aaron Bassett Kátia Yoshime Nakamura* Peter Baumgartner Cagil Ulusahin Sonmez* * Elected to a two (2) year term Congratulations to our winners and a huge thank you to our departing board members Anna Makarudze, Mfon Eti-mfon, William Vincent, and Žan Anderle. You all set the…
Read MoreNov. 25, 2022 » The Django weblog » [Archived Version]
The Django Software Foundation Board is pleased to announce that the 2022 Malcolm Tredinnick Memorial Prize has been awarded to Paolo Melchiorre. Paolo Melchiorre has been a member of the Python community since 2006, also of the Django community since 2012, and a DSF Member since 2020. Over the last 5 years, Paolo has presented nearly 40 Django talks at various DjangoCon, PyCon, and community conferences both online and in person. He also has been an active contributor to the djangoproject.co…
Read More