Django/django
11
0
Fork 0
Code Pull Requests Projects Releases Activity
30,223 Commits 26 Branches 382 Tags
Commit Graph

5 Commits

Author SHA1 Message Date
Mariusz Felisiak
800828887a [4.0.x] Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and extra() against SQL injection in column aliases. 
Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore,
Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev
(DDV_UA) for the report.

Backport of 93cae5cb2f9a4ef1514cf1a41f714fef08005200 from main.
 2022-04-11 09:02:14 +02:00
django-bot
6a682b38e7 [4.0.x] Refs #33476 -- Reformatted code with Black. 
Backport of 9c19aff7c7561e3a82978a272ecdaad40dda5c00 from main.
 2022-02-08 12:15:38 +01:00
Nick Pope
335c9c94ac Simplified imports from django.db and django.contrib.gis.db. 2020-02-04 13:20:06 +01:00
Claude Paroz
d7b9aaa366 Refs #23919 -- Removed encoding preambles and future imports 2017-01-18 09:55:19 +01:00
Ian Foote
39f35d4b9d Fixed #25871 -- Added expressions support to QuerySet.values(). 2016-08-18 16:05:15 -04:00