Django 3.2.4 release notes

Django 3.2.4 fixes two security issues and several bugs in 3.2.3.

As a mitigation, path sanitation is now applied and only files within the template root directories can be loaded.

validate_ipv4_address() and validators were not affected on Python 3.9.5+.

• Fixed a bug in Django 3.2 where a final catch-all view in the admin didn’t respect the server-provided value of when redirecting unauthenticated users to the login page (#32754).
• Fixed a bug in Django 3.2 where a system check would crash on an abstract model ().
• Fixed a crash in Django 3.2 that could occur when running mod_wsgi with the recommended settings while the Windows colorama library was installed (#32740).
• Fixed a bug in Django 3.2 that would trigger the auto-reloader for template changes when directory paths were specified with strings ().
• Fixed a regression in Django 3.2 that caused a loss of precision for operations with DecimalField on MySQL (#32793).