django.git, branch 1.5c2

django.git, branch 1.5c2 django http://cgit.adnoto.dev/django.git/atom?h=1.5c2 2013-02-19T20:15:33Z [1.5.x] Bump version numbers for security release. 2013-02-19T20:15:33Z James Bennett james@b-list.org 2013-02-19T20:15:33Z urn:sha1:18d920ea4839fb54f9d2a5dcb555b6a5666ee469 [1.5.x] Update 1.5 release notes for XML and formset fixes. 2013-02-19T17:39:04Z Carl Meyer carl@oddbird.net 2013-02-12T23:02:05Z urn:sha1:84ce990c0790c61230e2c6dca6768f91e67b3ee6 [1.5.x] Added a default limit to the maximum number of forms in a formset. 2013-02-19T17:39:04Z Aymeric Augustin aymeric.augustin@m4x.org 2013-02-12T10:22:41Z urn:sha1:3ef4bbf495cc6c061789132e3d50a8231a89406b This is a security fix. Disclosure and advisory coming shortly. [1.5.x] Checked object permissions on admin history view. 2013-02-19T17:39:04Z Carl Meyer carl@oddbird.net 2013-02-04T23:57:59Z urn:sha1:0e46c7f7ac9c8c56149090b58a277239708cf4f7 This is a security fix. Disclosure and advisory coming shortly. Patch by Russell Keith-Magee. [1.5.x] Restricted the XML deserializer to prevent DoS attacks. 2013-02-19T17:39:03Z Carl Meyer carl@oddbird.net 2013-02-12T04:54:53Z urn:sha1:2d0c22e02db42763f66f9b941cd2c798590c03b9 This is a security fix. Disclosure and advisory coming shortly. [1.5.x] Added a new required ALLOWED_HOSTS setting for HTTP host header validation. 2013-02-19T17:39:03Z Carl Meyer carl@oddbird.net 2013-02-09T17:26:24Z urn:sha1:a7e33c5bf3a5d854a088c6e56f2684952b1cd2b6 This is a security fix; disclosure and advisory coming shortly. [1.5.X] Fixed #19717 - Removed mentions of "root QuerySet" in docs. 2013-02-18T14:36:49Z Tim Graham timograham@gmail.com 2013-02-18T14:35:22Z urn:sha1:5d853db90e71691f2b6b0827b002b9d0edb38fd1 Thanks julien.aubert.mail@ for the report and James Pic for the patch. Backport of 64d0f89ab1 from master [1.5.x] Corrected INSTALLED_APPS syntax in 1.5 release notes. 2013-02-17T13:55:22Z Simon Meers simon@simonmeers.com 2013-02-17T13:55:22Z urn:sha1:94ef17e2c223225cfa3a4bd2f9b4e1d961269e88 Backport of 9c2066d5 from master. [1.5.x] Fixed #19824 - Corrected the class described for Field.primary_key from IntegerField to AutoField. 2013-02-16T23:34:18Z Tim Graham timograham@gmail.com 2013-02-16T23:31:54Z urn:sha1:ba794f68bfa86c2744e89adeb6027c9d6059d85e Thanks Keryn Knight. Backport of 218bbef0c4 from master [1.5.x] Fixed #19812 - Removed a duplicate phrase in the widget docs. 2013-02-16T23:25:03Z Tim Graham timograham@gmail.com 2013-02-16T23:23:39Z urn:sha1:ad2b091c1f48687188295e57b5cf4f6ad751f572 Thanks diegueus9 for the report and itsallvoodoo for the draft patch. Backport of 7a80904b00 from master