Django 2.2.10 版本发行说明

2020 年 2 月 3 日

Django 2.2.10 fixes a security issue in 2.2.9.

CVE-2020-7471: Potential SQL injection via StringAgg(delimiter)

StringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter.

« previous | up | next »