CVE-2020-7471: Potential SQL injection via StringAgg(delimiter)

StringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter.

Bugfixes

• Fixed a regression in Django 3.0 that caused a crash when subtracting DateField, DateTimeField, or TimeField from a Subquery() annotation (:ticket:`31133`).
• Fixed a regression in Django 3.0 where QuerySet.values() and values_list() crashed if a queryset contained an aggregation and Exists() annotation (:ticket:`31136`).
• Relaxed the system check added in Django 3.0 to reallow use of a sublanguage in the :setting:`LANGUAGE_CODE` setting, when a base language is available in Django but the sublanguage is not (:ticket:`31141`).
• Added support for using enumeration types TextChoices, IntegerChoices, and Choices in templates (:ticket:`31154`).
• Fixed a system check to ensure the max_length attribute fits the longest choice, when a named group contains only non-string values (:ticket:`31155`).
• Fixed a regression in Django 2.2 that caused a crash of ArrayAgg and StringAgg with filter argument when used in a Subquery (:ticket:`31097`).
• Fixed a regression in Django 2.2.7 that caused get_FOO_display() to work incorrectly when overriding inherited choices (:ticket:`31124`).
• Fixed a regression in Django 3.0 that caused a crash of QuerySet.prefetch_related() for GenericForeignKey with a custom ContentType foreign key (:ticket:`31190`).