2025年2月14日
Django 5.1.5 では 5.1.4 における深刻度 "moderate" のセキュリティの問題とバグを修正しました。
Lack of upper bound limit enforcement in strings passed when performing IPv6
validation could lead to a potential denial-of-service attack. The undocumented
and private functions clean_ipv6_address and is_valid_ipv6_address were
vulnerable, as was the django.forms.GenericIPAddressField form field,
which has now been updated to define a max_length of 39 characters.
django.db.models.GenericIPAddressField モデルフィールドは影響されませんでした。
Fixed a crash when applying migrations with references to the removed
Meta.index_together option (#34856).
12月 04, 2025