django.git, branch 3.0.13

django.git, branch 3.0.13 django http://cgit.adnoto.dev/django.git/atom?h=3.0.13 2021-02-19T08:42:24Z [3.0.x] Bumped version for 3.0.13 release. 2021-02-19T08:42:24Z Carlton Gibson carlton.gibson@noumenal.es 2021-02-19T08:42:24Z urn:sha1:04a9b7df3fe627d03547a01330a20dfcbf2e8bd5 [3.0.x] Fixed CVE-2021-23336 -- Fixed web cache poisoning via django.utils.http.limited_parse_qsl(). 2021-02-18T09:21:04Z Nick Pope nick@nickpope.me.uk 2021-02-16T10:14:17Z urn:sha1:326a926beef869d3341bc9ef737887f0449b6b71 [3.0.x] Added documentation extlink for bugs.python.org. 2021-02-17T13:27:36Z Nick Pope nick@nickpope.me.uk 2021-02-16T10:08:39Z urn:sha1:ad36388406195ecddb319fea862298e6c8d27d3b Backport of d02d60eb0f032c9395199fb73c6cd29ee9bb2646 from master [3.0.x] Added CVE-2021-3281 to security archive. 2021-02-01T09:46:46Z Mariusz Felisiak felisiak.mariusz@gmail.com 2021-02-01T09:21:30Z urn:sha1:0194f0be31b92c8e66636859df618611fb2f4d18 Backport of f749148d62ece28d208ab66b109f858215ba090a from master [3.0.x] Post-release version bump. 2021-02-01T08:48:38Z Mariusz Felisiak felisiak.mariusz@gmail.com 2021-02-01T08:48:38Z urn:sha1:bfe24c380355c753b9d6b38a841d8f0e0491b571 [3.0.x] Bumped version for 3.0.12 release. 2021-02-01T08:40:04Z Mariusz Felisiak felisiak.mariusz@gmail.com 2021-02-01T08:40:04Z urn:sha1:81c99e4eb00b58e3eb33f3d5c1747b6c57e9d649 [3.0.x] Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract(). 2021-02-01T08:14:22Z Mariusz Felisiak felisiak.mariusz@gmail.com 2021-01-22T11:23:18Z urn:sha1:52e409ed17287e9aabda847b6afe58be2fa9f86a Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews. Thanks Wang Baohua for the report. Backport of 05413afa8c18cdb978fcdf470e09f7a12b234a23 from master. [3.0.x] Fixed GeoIPTest.test04_city() failure with the latest GeoIP2 database. 2021-01-29T10:03:35Z Mariusz Felisiak felisiak.mariusz@gmail.com 2021-01-29T10:00:12Z urn:sha1:74ca3cac3272b3a9df6a351095fe4117d0cf2608 Backport of 135c800fe6138d7818501a384c0ebbdc5442762c from master [3.0.x] Updated CVE URL. 2021-01-02T11:50:30Z Tim Graham timograham@gmail.com 2021-01-02T11:49:00Z urn:sha1:f13bedf102a8e65272d8b10e82eecdaab092a470 Backport of 656b331b13e08e82bbf0b88d39080c5b1a02109c from master [3.0.x] Fixed #31850 -- Fixed BasicExtractorTests.test_extraction_warning with xgettext 0.21+. 2020-11-02T09:29:51Z Max Smolens msmolens@gmail.com 2020-10-06T21:58:52Z urn:sha1:c506639b425ca876b2d9a633fc6410e917d45605 "format string with unnamed arguments cannot be properly localized" warning is not raised in xgettext 0.21+. This patch uses a message that causes an xgettext warning regardless of the version. Backport of 07a30f561661efae1691ff45d10ec6014b395b58 from master