chango.git, branch 1.1.4

chango.git, branch 1.1.4 django http://cgit.adnoto.dev/chango.git/atom?h=1.1.4 2011-02-09T03:06:37Z [1.1.X] Bump version number for impending security release. 2011-02-09T03:06:37Z James Bennett ubernostrum@gmail.com 2011-02-09T03:06:37Z urn:sha1:24f2898b76480c626633bd0dd0c3bb7d2068e6d8 git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@15474 bcc190cf-cafb-0310-a4f2-bffc1f526a37 [1.1.X] Fixed security issue in AdminFileWidget. Release and disclosure forthcoming. 2011-02-09T02:48:48Z Carl Meyer carl@oddbird.net 2011-02-09T02:48:48Z urn:sha1:1966786d2dde73e17f39cf340eb33fcb5d73904e git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@15472 bcc190cf-cafb-0310-a4f2-bffc1f526a37 [1.1.X] Fixed a security issue in the file session backend. Disclosure and new release forthcoming. 2011-02-09T02:14:24Z Alex Gaynor alex.gaynor@gmail.com 2011-02-09T02:14:24Z urn:sha1:570a32a047ea56265646217264b0d3dab1a14dbd git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@15469 bcc190cf-cafb-0310-a4f2-bffc1f526a37 [1.1.X] Fixed a security issue in the CSRF component. Disclosure and new release forthcoming. 2011-02-09T02:07:35Z Alex Gaynor alex.gaynor@gmail.com 2011-02-09T02:07:35Z urn:sha1:408c5c873ce1437c7eee9544ff279ecbad7e150a git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@15466 bcc190cf-cafb-0310-a4f2-bffc1f526a37 [1.1.X] Fixed #15103 - SuspiciousOperation with limit_choices_to and raw_id_fields 2011-01-28T15:32:25Z Luke Plant L.Plant.98@cantab.net 2011-01-28T15:32:25Z urn:sha1:274bd67c13f4e979b3982d275470f80cc53509d0 Thanks to natrius for the report. This patch also fixes some unicode bugs in affected code. Backport of [15347] from trunk. Backported to 1.1.X because this was a regression caused by a security fix backported to 1.1.X. git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@15350 bcc190cf-cafb-0310-a4f2-bffc1f526a37 [1.1.X] Fixed #14999 -- Ensure that filters on local fields are allowed, and aren't caught as a security problem. Thanks to medhat for the report. 2011-01-12T20:45:01Z Ramiro Morales cramm0@gmail.com 2011-01-12T20:45:01Z urn:sha1:703dc822565024a65aa9cd3994355577ca8a348b Backport of r15139 from trunk. git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@15176 bcc190cf-cafb-0310-a4f2-bffc1f526a37 [1.1.X] Update download_url for 1.1.3. 2010-12-23T04:12:42Z James Bennett ubernostrum@gmail.com 2010-12-23T04:12:42Z urn:sha1:cbbfe1132804c4c05327bd5103fc6c1057ccb93a git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@15043 bcc190cf-cafb-0310-a4f2-bffc1f526a37 [1.1.X] Bump to 1.1.3 for security release. 2010-12-23T03:51:37Z James Bennett ubernostrum@gmail.com 2010-12-23T03:51:37Z urn:sha1:334654fdf1d4f660ce9bb2a4aa65859f6441f24d git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@15037 bcc190cf-cafb-0310-a4f2-bffc1f526a37 [1.1.X] Fix a security issue in the auth system. Disclosure and new release forthcoming. 2010-12-23T03:47:58Z Alex Gaynor alex.gaynor@gmail.com 2010-12-23T03:47:58Z urn:sha1:7f8dd9cbac074389af8d8fd235bf2cb657227b9a git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@15036 bcc190cf-cafb-0310-a4f2-bffc1f526a37 [1.1.X] Fix a security issue in the admin. Disclosure and new release forthcoming. 2010-12-23T03:47:38Z Alex Gaynor alex.gaynor@gmail.com 2010-12-23T03:47:38Z urn:sha1:17084839fd7e267da5729f2a27753322b9d415a0 git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@15035 bcc190cf-cafb-0310-a4f2-bffc1f526a37