==========================
Django 5.2.9 release notes
==========================

*December 2, 2025*

Django 5.2.9 fixes one security issue with severity "high", one security issue
with severity "moderate", and several bugs in 5.2.8.

CVE-2025-13372: Potential SQL injection in ``FilteredRelation`` column aliases on PostgreSQL
============================================================================================

:class:`.FilteredRelation` was subject to SQL injection in column aliases,
using a suitably crafted dictionary, with dictionary expansion, as the
``**kwargs`` passed to :meth:`.QuerySet.annotate` or :meth:`.QuerySet.alias` on
PostgreSQL.

CVE-2025-64460: Potential denial-of-service vulnerability in XML ``Deserializer``
=================================================================================

:ref:`XML Serialization <serialization-formats-xml>` was subject to a potential
denial-of-service attack due to quadratic time complexity when deserializing
crafted documents containing many nested invalid elements. The internal helper
``django.core.serializers.xml_serializer.getInnerText()`` previously
accumulated inner text inefficiently during recursion. It now collects text per
element, avoiding excessive resource usage.

Bugfixes
========

* Fixed a bug in Django 5.2 where
  ``django.utils.feedgenerator.Stylesheet.__str__()`` did not escape
  the ``url``, ``mimetype``, and ``media`` attributes, potentially leading
  to invalid XML markup (:ticket:`36733`).

* Fixed a bug in Django 5.2 on PostgreSQL where ``bulk_create()`` did not apply
  a field's custom query placeholders (:ticket:`36748`).

* Fixed a regression in Django 5.2.2 that caused a crash when using aggregate
  functions with an empty ``Q`` filter over a queryset with annotations
  (:ticket:`36751`).

* Fixed a regression in Django 5.2.8 where ``DisallowedRedirect`` was raised by
  :class:`~django.http.HttpResponseRedirect` and
  :class:`~django.http.HttpResponsePermanentRedirect` for URLs longer than 2048
  characters. The limit is now 16384 characters (:ticket:`36743`).

* Fixed a crash on Python 3.14+ that prevented template tag functions from
  being registered when their type annotations required deferred evaluation
  (:ticket:`36712`).
