Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This PR updates [Django](https://pypi.org/project/Django) from **2.1.4** to **2.1.5**. <details> <summary>Changelog</summary> ### 2.1.5 ``` ========================== *January 4, 2019* Django 2.1.5 fixes a security issue and several bugs in 2.1.4. CVE-2019-3498: Content spoofing possibility in the default 404 page ------------------------------------------------------------------- An attacker could craft a malicious URL that could make spoofed content appear on the default page generated by the ``django.views.defaults.page_not_found()`` view. The URL path is no longer displayed in the default 404 template and the ``request_path`` context variable is now quoted to fix the issue for custom templates that use the path. Bugfixes ======== * Fixed compatibility with mysqlclient 1.3.14 (:ticket:`30013`). * Fixed a schema corruption issue on SQLite 3.26+. You might have to drop and rebuild your SQLite database if you applied a migration while using an older version of Django with SQLite 3.26 or later (:ticket:`29182`). * Prevented SQLite schema alterations while foreign key checks are enabled to avoid the possibility of schema corruption (:ticket:`30023`). * Fixed a regression in Django 2.1.4 (which enabled keep-alive connections) where request body data isn't properly consumed for such connections (:ticket:`30015`). * Fixed a regression in Django 2.1.4 where ``InlineModelAdmin.has_change_permission()`` is incorrectly called with a non-``None`` ``obj`` argument during an object add (:ticket:`30050`). ========================== ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/django - Changelog: https://pyup.io/changelogs/django/ - Homepage: https://www.djangoproject.com/ </details>
- Loading branch information
