October 4, 2022
Django 4.1.2 fixes a security issue with severity “medium” and several bugs in 4.1.1.
Internationalized URLs were subject to potential denial of service attack via the locale parameter.
Fixed a regression in Django 4.1 that caused a migration crash on PostgreSQL
when adding a model with ExclusionConstraint (#33982).
Fixed a regression in Django 4.1 that caused aggregation over a queryset that
contained an Exists annotation to crash due to too many selected columns
(#33992).
Fixed a bug in Django 4.1 that caused an incorrect validation of
CheckConstraint on NULL values (#33996).
Fixed a regression in Django 4.1 that caused a
QuerySet.values()/values_list() crash on ArrayAgg() and
JSONBAgg() (#34016).
Fixed a bug in Django 4.1 that caused ModelAdmin.autocomplete_fields
to be incorrectly selected after adding/changing related instances via popups
(#34025).
Fixed a regression in Django 4.1 where the app registry was not populated
when running parallel tests with the multiprocessing start method
spawn (#34010).
Fixed a regression in Django 4.1 where the --debug-mode argument to
test did not work when running parallel tests with the
multiprocessing start method spawn (#34010).
Fixed a regression in Django 4.1 that didn’t alter a sequence type when altering type of pre-Django 4.1 serial columns on PostgreSQL (#34058).
Fixed a regression in Django 4.1 that caused a crash for View
subclasses with asynchronous handlers when handling non-allowed HTTP methods
(#34062).
Reverted caching related managers for ForeignKey, ManyToManyField,
and GenericRelation that caused the incorrect refreshing of related
objects (#33984).
Relaxed the system check added in Django 4.1 for the same name used for multiple template tag modules to a warning (#32987).
Apr 19, 2024