April 1, 2016
Django 1.9.5 fixes several bugs in 1.9.4.
MultiPartParser ignore filenames that normalize to an empty string
to fix crash in
MemoryFileUploadHandler on specially crafted user input
Fixed a race condition in
BaseCache.get_or_set() (#26332). It
now returns the
default value instead of
False if there’s an error
when trying to add the value to the cache.
Fixed data loss on SQLite where
DurationField values with fractional
seconds could be saved as
The forms in
contrib.auth no longer strip trailing and leading whitespace
from the password fields (#26334). The change requires users who set
their password to something with such whitespace after a site updated to
Django 1.9 to reset their password. It provides backwards-compatibility for
earlier versions of Django.
Fixed a memory leak in the cached template loader (#26306).
Fixed a regression that caused
collectstatic --clear to fail if the
storage doesn’t implement
Fixed a crash when using a reverse lookup with a subquery when a
ForeignKey has a
to_field set to something other than the primary key
Fixed a regression in
CommonMiddleware that caused spurious warnings in
logs on requests missing a trailing slash (#26293).
Restored the functionality of the admin’s
Fixed a regression with abstract model inheritance and explicit parent links (#26413).
Fixed a migrations crash on SQLite when renaming the primary key of a model
JSONField inadvertently escaping its contents when displaying values
after failed form validation (#25532).