March 25-26
*Triaged:*
https://code.djangoproject.com/ticket/35330 - The update of related
objects fails in the admin when the related model is camel case. (accepted)
https://code.djangoproject.com/ticket/35331 - Adding a new related
entry using the "+" sign from M2M field doesn't update
Hi all,
A few years ago, I reported a vulnerability in Django because Python wasn't
parsing URLs containing tabs or newlines correctly. In this ticket, it was
fixed in Python:
https://bugs.python.org/issue43882
But Python, being maintained mostly by volunteers, did the minimum needed work to
I always wonder why people feel the need to belittle others' work with
statements like "But Python, being maintained mostly by volunteers, did
the minimum needed work to fix the vulnerability without really fixing the
urlparse library properly."
But then add something about their time being too va
You write:
"It could still be a vulnerability ... / It could fail to parse ... /
could decide it's invalid - This is all pretty bad..."
I agree - this indeed would be really bad, if it can be used in
malicious ways. But note that the fact that django or an upstream lib
decided to slightly de