Django 3.1.12 release notes

Django 3.1.12 fixes two security issues in 3.1.11.

As a mitigation, path sanitation is now applied and only files within the template root directories can be loaded.

CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks since validators accepted leading zeros in IPv4 addresses

and validate_ipv46_address() validators were not affected on Python 3.9.5+.