| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-08-20 | [1.4.x] Bump version numbers for security release.1.4.14 | James Bennett | |
| 2014-08-11 | [1.4.x] Prevented data leakage in contrib.admin via query string manipulation. | Simon Charette | |
| This is a security fix. Disclosure following shortly. | |||
| 2014-08-11 | [1.4.x] Fixed #23066 -- Modified RemoteUserMiddleware to logout on ↵ | Preston Holmes | |
| REMOTE_USE change. This is a security fix. Disclosure following shortly. | |||
| 2014-08-11 | [1.4.x] Fixed #23157 -- Removed O(n) algorithm when uploading duplicate file ↵ | Tim Graham | |
| names. This is a security fix. Disclosure following shortly. | |||
| 2014-08-11 | [1.4.x] Prevented reverse() from generating URLs pointing to other hosts. | Florian Apolloner | |
| This is a security fix. Disclosure following shortly. | |||
| 2014-08-11 | [1.4.x] Added release note stub for 1.4.14. | Tim Graham | |
| 2014-08-11 | [1.4.x] Added a warning that remove_tags() output shouldn't be considered safe. | Tim Graham | |
| Backport of 7efce77de2 from master | |||
| 2014-08-08 | [1.4.x] Noted that django-jython requires Django 1.7. | Tim Graham | |
| Backport of 72e98d5c16 from stable/1.6.x | |||
| 2014-08-06 | [1.4.x] Fixed #23239 -- Clarified a phrase in the contrib.markup docs. | Tim Graham | |
| Backport of e0fb48c254 from stable/1.5.x | |||
| 2014-08-02 | [1.4.x] Fixed #23149 -- Clarified note on HTTPOnly in cookie-based session docs | Erik Romijn | |
| Backport of e26366da44bb343e7a95d01ff0dd18b8026c2802 from master. | |||
| 2014-07-25 | [1.4.x] Added tests/requirements/py2.txt. | Tim Graham | |
| This follows the convention used in other branches so we don't need a special case in the build script for 1.4. | |||
| 2014-07-14 | [1.4.x] Revert "Fixed #13794 -- Fixed to_field usage in BaseInlineFormSet." | Ramiro Morales | |
| This reverts commit b44519072e8a0ef56a0ae9e6e4a1fb04273eb0eb. stable/1.4.x branch is in security-fixes-only mode. | |||
| 2014-07-14 | [1.4.x] Fixed #13794 -- Fixed to_field usage in BaseInlineFormSet. | Tim Graham | |
| Thanks sebastien at clarisys.fr for the report and gautier for the patch. Backport of 5e2c4a4bd1 from master | |||
| 2014-06-18 | [1.4.x] Fixed #22859 -- Improved crossDomain technique in CSRF example. | Tim Graham | |
| Thanks flisky for the report. Backport of 0be4d64487 from master | |||
| 2014-05-15 | [1.4.x] Minor edits to latest release notes. | Tim Graham | |
| Backport of 860d31ac7a3bdd4b27db8b34b110b3d801ddaf8a from master | |||
| 2014-05-14 | Bumped version numbers post-release. | Jacob Kaplan-Moss | |
| 2014-05-14 | Bumped version numbers for release.1.4.13 | Jacob Kaplan-Moss | |
| 2014-05-14 | Added release notes for 1.4.13. | Jacob Kaplan-Moss | |
| 2014-05-12 | [1.4.x] Added additional checks in is_safe_url to account for flexible parsing. | Tim Graham | |
| This is a security fix. Disclosure following shortly. | |||
| 2014-05-12 | [1.4.x] Dropped fix_IE_for_vary/attach. | Aymeric Augustin | |
| This is a security fix. Disclosure following shortly. | |||
| 2014-04-28 | [1.4.x] Added dates to release notes of today's release. | Tim Graham | |
| Backport of 68d264059abb21b96c4fe68bf4d99520268a451c from master | |||
| 2014-04-28 | [1.4.x] Post release version bump. | Tim Graham | |
| 2014-04-28 | [1.4.x] Bump version numbers for 1.4.12 bugfix release.1.4.12 | James Bennett | |
| 2014-04-23 | [1.4.x] Fixed #22486 -- Restored the ability to reverse views created using ↵ | Tim Graham | |
| functools.partial. Regression in 8b93b31. Thanks rcoup for the report. Backport of 3c06b2f2a3 from master | |||
| 2014-04-22 | [1.4.x] Post release version bump. | Tim Graham | |
| 2014-04-21 | [1.4.x] Bump version numbers for 1.4.11 security release.1.4.11 | James Bennett | |
| 2014-04-21 | [1.4.x] Added information on resolved security issues to release notes. | Erik Romijn | |
| Backport of c07f3e60c2d455e36ba4ac339d4283d32bbc3814 from master | |||
| 2014-04-21 | [1.4.x] Fixed queries that may return unexpected results on MySQL due to ↵ | Erik Romijn | |
| typecasting. This is a security fix. Disclosure will follow shortly. Backport of 75c0d4ea3ae48970f788c482ee0bd6b29a7f1307 from master | |||
| 2014-04-21 | [1.4.x] Prevented leaking the CSRF token through caching. | Aymeric Augustin | |
| This is a security fix. Disclosure will follow shortly. Backport of c083e3815aec23b99833da710eea574e6f2e8566 from master | |||
| 2014-04-21 | [1.4.x] Fixed a remote code execution vulnerabilty in URL reversing. | Tim Graham | |
| Thanks Benjamin Bach for the report and initial patch. This is a security fix; disclosure to follow shortly. Backport of 8b93b31487d6d3b0fcbbd0498991ea0db9088054 from master | |||
| 2014-04-21 | [1.4.x] Corrected the section identifier for MySQL unicode reference. | Matt Lauber | |
| Backport of b2514c02e1 from master | |||
| 2014-04-19 | [1.4.x] Fixed random aggregation_regress test_more_more_more() failure | Tim Graham | |
| The cause was assuming that an unordered queryset returns the values always in the same order. Backport of 33dd8f544205be923e2a06106909ebcd3583526b | |||
| 2014-03-24 | [1.4.x] Updated six to 1.6.1. | Tim Graham | |
| Backport of 2ec82c7387db071278201796208808de84c90dbf from master | |||
| 2014-03-22 | [1.4.x] Clarified striptags documentation | Claude Paroz | |
| The fact that striptags cannot guarantee to really strip all non-safe HTML content was not clear enough. Also see: https://www.djangoproject.com/weblog/2014/mar/22/strip-tags-advisory/ Partial backport (doc-only) of 6ca6c36f82 from master. | |||
| 2014-03-05 | [1.4.x] Fixed #21195 -- Clarifed usage of template_name in tutorial part 4. | Tim Graham | |
| Backport of b66a51ad545ac726ef98966cbc35ee7aefdff8cd from master. | |||
| 2014-01-26 | [1.4.x] Added release note stub for 1.4.11. | Tim Graham | |
| Backport of dfa28981ce from master. | |||
| 2014-01-26 | [1.4.x] Fixed #21823 -- Upgraded six to 1.5.2 | Tim Graham | |
| Backport of 780ae7e9f8 from master. | |||
| 2014-01-24 | [1.4.x] Fixed #21869 -- Fixed docs building with Sphinx 1.2.1. | Tim Graham | |
| Thanks tragiclifestories for the report. Backport of e1d18b9d2e from master | |||
| 2014-01-19 | [1.4.x] Added a note about LTS releases. | Jacob Kaplan-Moss | |
| Backport of a44cbca2a5f1388c6511dad48443877fa660845a from master. | |||
| 2014-01-17 | [1.4.x] Fixed #20052 -- Discouraged use of Jython given the current state of ↵ | Tim Graham | |
| django-jython. Thanks Josh Juneau (maintainer of django-jython) for the review. Backport of a67e327db5 from master | |||
| 2014-01-02 | Updated six to version 1.4.1 | Luke Plant | |
| This is not a bugfix. But six only exists on Django 1.4.x branch to help with future compatibility, so it is helpful if it keeps up with latest Django. | |||
| 2013-12-11 | [1.4.x] Fixed #21594 -- Added note about model formsets deleting objects. | Ben Spaulding | |
| This behavior has been fixed in 65e03a424e. refs #10284. Backport of de1d5d5df5 from stable/1.6.x. | |||
| 2013-12-04 | [1.4.x] Fixed #21558 -- Support building CHM files. | Aymeric Augustin | |
| Thanks Michał Pasternak. Backport of cd9e85ec from master. | |||
| 2013-12-02 | [1.4.x] Fixed #21538 -- Added numpy to test/requirements/base.txt | Alasdair Nicol | |
| Thanks Tim Graham for the report Backport of c75dd664c from master | |||
| 2013-11-23 | [1.4.x] Removed obsolete deprecation notes. | Aymeric Augustin | |
| 2013-11-22 | [1.4.x] Fix #20054: Removed links to modwsgi.org. | Baptiste Mispelon | |
| Backport of 957fcd0c9fc605bbb69e03296aede3b0bac5a8d2 from master. | |||
| 2013-11-07 | [1.4.x] Added 1.4.10 release notes to index. | Tim Graham | |
| 2013-11-06 | [1.4.x] Bump version info and add release notes for 1.4.10.1.4.10 | James Bennett | |
| 2013-11-02 | Fixed #21362 -- Restored Python 2.5 compatibility. | Florian Apolloner | |
| 2013-11-01 | Merge pull request #1837 from loic/django14 | Aymeric Augustin | |
| Fixed SyntaxError on Python 2.5 caused by a @unittest.skipIf class decoration. | |||
 |
index : chango.git | |
| django |
| summaryrefslogtreecommitdiff |