Tests failing with Django >=3.2.1
Stormheg opened this issue · comments
Django >=3.1.9 and >=2.2.21 are also affected.
Some tests fail with the following error:
raise SuspiciousFileOperation("File name '%s' includes path elements" % name)
django.core.exceptions.SuspiciousFileOperation: File name 'original_images/wagtail.jpg' includes path elements
This appears to be related to a fix for a recent security defect in Django (CVE-2021-31542: Potential directory-traversal via uploaded files).
See https://www.djangoproject.com/weblog/2021/may/04/security-releases/
A ticket has been opened on Django's issue tracker: https://code.djangoproject.com/ticket/32718
This is happening for us at The Motley Fool as well.
The Django team is working on a patch that should resolve the issue: https://code.djangoproject.com/ticket/32718#comment:29
The Django team has released bug fix releases 3.2.3, 3.1.11, and 2.2.23 that have fixed the SuspiciousFileOperation
bug.
https://www.djangoproject.com/weblog/2021/may/13/bugfix-releases/
Going to close this issue now.