March 20, 2023 » The Django weblog » [Archived Version]
DjangoCon Europe 2023 will be held May 29th-June 2nd in Edinburgh, Scotland, but we're already looking ahead to next year's conference. Could your town - or your football stadium, circus tent, private island or city hall - host this wonderful community event? Hosting a DjangoCon is an ambitious undertaking. It's hard work, but each year it has been successfully run by a team of community volunteers, not all of whom have had previous experience - more important is enthusiasm, organisational ski…
Read MoreMarch 20, 2023 » The Django weblog » [Archived Version]
Django 4.2 release candidate 1 is the final opportunity for you to try out the farrago of new features before Django 4.2 is released. The release candidate stage marks the string freeze and the call for translators to submit translations. Provided no major bugs are discovered that can't be solved in the next two weeks, Django 4.2 will be released on or around April 3. Any delays will be communicated on the Django forum. Please use this opportunity to help find and fix bugs (which should be repo…
Read MoreMarch 9, 2023 » The Django weblog » [Archived Version]
We are excited to share the results of the annual Django Developers Survey which was conducted this year in collaboration with JetBrains. Almost 5,000 Django users from 248 countries took the survey which covered a broad list of topics including Django usage, operating systems, libraries, tools, and many other insights. View the results of the 2022 Django Developers Survey. If you have feedback on the findings and how to improve the survey in future years please share on the official Django For…
Read MoreFeb. 20, 2023 » The Django weblog » [Archived Version]
Django 4.2 beta 1 is now available. It represents the second stage in the 4.2 release cycle and is an opportunity for you to try out the changes coming in Django 4.2. Django 4.2 has a farrago of new features which you can read about in the in-development 4.2 release notes. Only bugs in new features and regressions from earlier versions of Django will be fixed between now and 4.2 final (also, translations will be updated following the "string freeze" when the release candidate is issue…
Read MoreFeb. 14, 2023 » The Django weblog » [Archived Version]
In accordance with our security release policy, the Django team is issuing Django 4.1.7, Django 4.0.10, and Django 3.2.18. These releases addresses the security issue detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2023-24580: Potential denial-of-service vulnerability in file uploads Passing certain inputs to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack. The number o…
Read MoreFeb. 7, 2023 » The Django weblog » [Archived Version]
After five years as part of the Django Fellowship program, Carlton Gibson has decided to step down as a Django Fellow this spring to explore other things. Carlton has made an extraordinary impact as a Django Fellow. The Django Software Foundation is grateful for his service and assistance. The Fellowship program was started in 2014 as a way to dedicate high-quality and consistent resources to the maintenance of Django. As Django has matured, the DSF has been able to fundraise and earmark funds …
Read MoreFeb. 1, 2023 » The Django weblog » [Archived Version]
In accordance with our security release policy, the Django team is issuing Django 4.1.6, Django 4.0.9, and Django 3.2.17. These releases addresses the security issue detailed below. We encourage all users of Django to upgrade as soon as possible. CVE-2023-23969: Potential denial-of-service via Accept-Language headers The parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if larg…
Read MoreJan. 17, 2023 » The Django weblog » [Archived Version]
Django 4.2 alpha 1 is now available. It represents the first stage in the 4.2 release cycle and is an opportunity for you to try out the changes coming in Django 4.2. Django 4.2 has a farrago of new features which you can read about in the in-development 4.2 release notes. This alpha milestone marks the feature freeze. The current release schedule calls for a beta release in about a month and a release candidate about a month from then. We'll only be able to keep this schedule if we get early a…
Read MoreJan. 2, 2023 » The Django weblog » [Archived Version]
Today we've issued the 4.1.5 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Mariusz Felisiak: 2EF56372BA48CD1B.
Read MoreDec. 6, 2022 » The Django weblog » [Archived Version]
The organizers of DjangoCon US and DjangoCon Europe spend a tremendous amount of energy both hosting the conferences and putting all the talks online after. The complete playlists of talks from each conference are now available on YouTube: DjangoCon Europe 2022 DjangoCon US 2022
Read More