Django/django
11
0
Fork 0
Code Pull Requests Projects Releases Activity
django/tests/aggregation
History
Mariusz Felisiak 2044dac5c6 [3.2.x] Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and extra() against SQL injection in column aliases. 
Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore,
Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev
(DDV_UA) for the report.

Backport of 93cae5cb2f9a4ef1514cf1a41f714fef08005200 from main.
2022-04-11 09:12:06 +02:00
..
__init__.py
Merged regressiontests and modeltests into the test root.
2013-02-26 14:36:57 +01:00
models.py
Fixed #31377 -- Disabled grouping by aliases on QuerySet.values()/values_list() when they collide with field names.
2020-03-25 09:13:46 +01:00
test_filter_argument.py
Fixed #31568 -- Fixed alias reference when aggregating over multiple subqueries.
2020-05-14 09:31:15 +02:00
tests.py
[3.2.x] Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and extra() against SQL injection in column aliases.
2022-04-11 09:12:06 +02:00