#30769: Access JSON key crashes when using annotated field from subquery.
-------------------------------------+-------------------------------------
Reporter: Tim Kleinschmidt | Owner: Simon
| Charette
Type: Bug | Status: closed
Component: Database layer | Version: 1.11
(models, ORM) |
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by Mariusz Felisiak <felisiak.mariusz@…>):
In [changeset:"fd393907c91e855acbd6f7a287bdc8e951c328e8" fd39390]:
{{{
#!CommitTicketReference repository=""
revision="fd393907c91e855acbd6f7a287bdc8e951c328e8"
[1.11.x] Fixed #30769 -- Fixed a crash when filtering against a subquery
JSON/HStoreField annotation.
This was a regression introduced by
7deeabc7c7526786df6894429ce89a9c4b614086
to address CVE-2019-14234.
Thanks Tim Kleinschmidt for the report and Mariusz for the tests.
Backport of 6c3dfba89215fc56fc27ef61829a6fff88be4abb from master.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/30769#comment:9>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/064.1c157414215200fda2fc35179b358a37%40djangoproject.com.
