==========================Django 3.0.3 release notes==========================*February 3, 2020*Django 3.0.3 fixes a security issue and several bugs in 3.0.2.CVE-2020-7471: Potential SQL injection via ``StringAgg(delimiter)``===================================================================:class:`~django.contrib.postgres.aggregates.StringAgg` aggregation function wassubject to SQL injection, using a suitably crafted ``delimiter``.Bugfixes========* Fixed a regression in Django 3.0 that caused a crash when subtracting``DateField``, ``DateTimeField``, or ``TimeField`` from a ``Subquery()``annotation (:ticket:`31133`).* Fixed a regression in Django 3.0 where ``QuerySet.values()`` and``values_list()`` crashed if a queryset contained an aggregation and``Exists()`` annotation (:ticket:`31136`).* Relaxed the system check added in Django 3.0 to reallow use of a sublanguagein the :setting:`LANGUAGE_CODE` setting, when a base language is available inDjango but the sublanguage is not (:ticket:`31141`).* Added support for using enumeration types ``TextChoices``,``IntegerChoices``, and ``Choices`` in templates (:ticket:`31154`).* Fixed a system check to ensure the ``max_length`` attribute fits the longestchoice, when a named group contains only non-string values (:ticket:`31155`).* Fixed a regression in Django 2.2 that caused a crash of:class:`~django.contrib.postgres.aggregates.ArrayAgg` and:class:`~django.contrib.postgres.aggregates.StringAgg` with ``filter``argument when used in a ``Subquery`` (:ticket:`31097`).* Fixed a regression in Django 2.2.7 that caused:meth:`~django.db.models.Model.get_FOO_display` to work incorrectly whenoverriding inherited choices (:ticket:`31124`).* Fixed a regression in Django 3.0 that caused a crash of``QuerySet.prefetch_related()`` for ``GenericForeignKey`` with a custom``ContentType`` foreign key (:ticket:`31190`).