mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-12 08:19:10 +00:00
Code Issues 32 Releases Wiki Activity
django/tests/queries
History
Mariusz Felisiak 38d9ef8c7b [4.2.x] Fixed CVE-2025-59681 -- Protected QuerySet.annotate(), alias(), aggregate(), and extra() against SQL injection in column aliases on MySQL/MariaDB. 
Thanks sw0rd1ight for the report.

Follow up to 93cae5cb2f9a4ef1514cf1a41f714fef08005200.

Backport of 41b43c74bda19753c757036673ea9db74acf494a from main.
2025-10-01 09:05:20 -04:00
..
__init__.py
Merged regressiontests and modeltests into the test root.
2013-02-26 14:36:57 +01:00
models.py
Fixed #34012 -- Made QuerySet.order_by() apply transforms on related fields for models with Meta.ordering.
2022-10-04 08:19:34 +02:00
test_bulk_update.py
Made QuerySet.bulk_update() raise an error when batch_size is zero.
2022-06-13 06:25:25 +02:00
test_contains.py
Refs #33476 -- Reformatted code with Black.
2022-02-07 20:37:05 +01:00
test_db_returning.py
Refs #33476 -- Reformatted code with Black.
2022-02-07 20:37:05 +01:00
test_explain.py
Fixed #33717 -- Dropped support for PostgreSQL 11.
2022-05-19 09:26:48 +02:00
test_iterator.py
Refs #33476 -- Reformatted code with Black.
2022-02-07 20:37:05 +01:00
test_q.py
Fixed #16211 -- Added logical NOT support to F expressions.
2022-10-31 09:55:51 +01:00
test_qs_combinators.py
[4.2.x] Fixed #34267 -- Fixed sliced QuerySet.union() crash.
2023-01-20 09:25:26 +01:00
test_query.py
Refs #33308 -- Avoided passing None to RawSQL's params.
2022-12-02 10:56:09 +01:00
test_sqlcompiler.py
Refs #33476 -- Reformatted code with Black.
2022-02-07 20:37:05 +01:00
tests.py
[4.2.x] Fixed CVE-2025-59681 -- Protected QuerySet.annotate(), alias(), aggregate(), and extra() against SQL injection in column aliases on MySQL/MariaDB.
2025-10-01 09:05:20 -04:00