1. ==========================

  2. Django 1.8.2 release notes

  3. ==========================

  4. 

  5. *May 20, 2015*

  6. 

  7. Django 1.8.2 fixes a security issue and several bugs in 1.8.1.

  8. 

  9. Fixed session flushing in the ``cached_db`` backend

  10. ===================================================

  11. 

  12. A change to ``session.flush()`` in the ``cached_db`` session backend in Django

  13. 1.8 mistakenly sets the session key to an empty string rather than ``None``. An

  14. empty string is treated as a valid session key and the session cookie is set

  15. accordingly. Any users with an empty string in their session cookie will use

  16. the same session store. ``session.flush()`` is called by

  17. ``django.contrib.auth.logout()`` and, more seriously, by

  18. ``django.contrib.auth.login()`` when a user switches accounts. If a user is

  19. logged in and logs in again to a different account (without logging out) the

  20. session is flushed to avoid reuse. After the session is flushed (and its

  21. session key becomes ``''``) the account details are set on the session and the

  22. session is saved. Any users with an empty string in their session cookie will

  23. now be logged into that account.

  24. 

  25. Bugfixes

  26. ========

  27. 

  28. * Fixed check for template engine alias uniqueness (:ticket:`24685`).

  29. 

  30. * Fixed crash when reusing the same ``Case`` instance in a query

  31.   (:ticket:`24752`).

  32. 

  33. * Corrected join promotion for ``Case`` expressions. For example, annotating a

  34.   query with a  ``Case`` expression could unexpectedly filter out results

  35.   (:ticket:`24766`).

  36. 

  37. * Fixed negated ``Q`` objects in expressions. Cases like

  38.   ``Case(When(~Q(friends__age__lte=30)))`` tried to generate a subquery which

  39.   resulted in a crash (:ticket:`24705`).

  40. 

  41. * Fixed incorrect GROUP BY clause generation on MySQL when the query's model

  42.   has a self-referential foreign key (:ticket:`24748`).

  43. 

  44. * Implemented ``ForeignKey.get_db_prep_value()`` so that ``ForeignKey``\s

  45.   pointing to :class:`~django.db.models.UUIDField` and inheritance on models

  46.   with ``UUIDField`` primary keys work correctly (:ticket:`24698`,

  47.   :ticket:`24712`).

  48. 

  49. * Fixed ``isnull`` lookup for ``HStoreField`` (:ticket:`24751`).

  50. 

  51. * Fixed a MySQL crash when a migration removes a combined index (unique_together

  52.   or index_together) containing a foreign key (:ticket:`24757`).

  53. 

  54. * Fixed session cookie deletion when using :setting:`SESSION_COOKIE_DOMAIN`

  55.   (:ticket:`24799`).

  56. 

  57. * On PostgreSQL, when no access is granted for the ``postgres`` database,

  58.   Django now falls back to the default database when it normally requires a

  59.   "no database" connection (:ticket:`24791`).

  60. 

  61. * Fixed display of ``contrib.admin``’s ``ForeignKey`` widget when it's used

  62.   in a row with other fields (:ticket:`24784`).
About Sign Up Leave Feedback Contact