April 1, 2016
Django 1.9.5 fixes several bugs in 1.9.4.
MultiPartParser
ignore filenames that normalize to an empty string
to fix crash in MemoryFileUploadHandler
on specially crafted user input
(#26325).BaseCache.get_or_set()
(#26332). It
now returns the default
value instead of False
if there’s an error
when trying to add the value to the cache.DurationField
values with fractional
seconds could be saved as None
(#26324).contrib.auth
no longer strip trailing and leading whitespace
from the password fields (#26334). The change requires users who set
their password to something with such whitespace after a site updated to
Django 1.9 to reset their password. It provides backwards-compatibility for
earlier versions of Django.collectstatic --clear
to fail if the
storage doesn’t implement path()
(#26297).ForeignKey
has a to_field
set to something other than the primary key
(#26373).CommonMiddleware
that caused spurious warnings in
logs on requests missing a trailing slash (#26293).raw_id_fields
in
list_editable
(#26387).ForeignKey
to 'self'
(#26384).JSONField
inadvertently escaping its contents when displaying values
after failed form validation (#25532).Oct 31, 2018