| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-10-22 | [1.4.x] Bump version numbers for bugfix release.1.4.16 | James Bennett | |
| 2014-10-22 | [1.4.x] Added release dates to release notes. | Tim Graham | |
| Backport of 9dc782b631 from master | |||
| 2014-10-10 | [1.4.x] Fixed #23631 -- Removed outdated note on MySQL timezone support. | Tim Graham | |
| Thanks marfire for the report. Backport of 9db3653670 from master | |||
| 2014-10-06 | [1.4.x] Fixed #23604 -- Allowed related m2m fields to be references in the ↵ | Emmanuelle Delescolle | |
| admin. Thanks Simon Charette for review. Backport of a24cf21722 from master | |||
| 2014-09-29 | [1.4.x] Required numpy < 1.9 for tests; refs #23489. | Tim Graham | |
| Backport of 4743a94429 from stable/1.7.x | |||
| 2014-09-17 | [1.4.x] Fixed #23499 -- Error in built-in template tag "now" documentation | Joseph Dougherty | |
| Backport of ab8248361e0a7b4fc7684eaaa5891e16b8562683 from master. | |||
| 2014-09-11 | [1.4.x] Fixed #20036 -- Improved GEOS version string parsing | Claude Paroz | |
| Thanks chikiro.spam at gmail.com for the report. | |||
| 2014-09-08 | [1.4.x] Fixed #23431 -- Allowed inline and hidden references to admin fields. | Simon Charette | |
| This fixes a regression introduced by the 53ff096982 security fix. Thanks to @a1tus for the report and Tim for the review. refs #23329. Backport of 342ccbd from master | |||
| 2014-09-02 | [1.4.x] Added dates to release notes. | Tim Graham | |
| Backport of 0fd23545db from master | |||
| 2014-09-02 | [1.4.x] Post release version bump. | Tim Graham | |
| 2014-09-02 | [1.4.x] Bump version numbers for bugfix release.1.4.15 | James Bennett | |
| 2014-08-27 | [1.4.x] Fixed #23329 -- Allowed inherited and m2m fields to be referenced in ↵ | Simon Charette | |
| the admin. Thanks to Trac alias Markush2010 and ross for the detailed reports. Backport of 3cbb759 from master | |||
| 2014-08-26 | [1.4.x] Fixed spelling mistake in file docs. | Tim Graham | |
| Backport of a3e88e64a4 from master | |||
| 2014-08-20 | [1.4.x] Bumped version number post-release. | Tim Graham | |
| 2014-08-20 | [1.4.x] Added dates to release notes. | Tim Graham | |
| 2014-08-20 | [1.4.x] Bump version numbers for security release.1.4.14 | James Bennett | |
| 2014-08-11 | [1.4.x] Prevented data leakage in contrib.admin via query string manipulation. | Simon Charette | |
| This is a security fix. Disclosure following shortly. | |||
| 2014-08-11 | [1.4.x] Fixed #23066 -- Modified RemoteUserMiddleware to logout on ↵ | Preston Holmes | |
| REMOTE_USE change. This is a security fix. Disclosure following shortly. | |||
| 2014-08-11 | [1.4.x] Fixed #23157 -- Removed O(n) algorithm when uploading duplicate file ↵ | Tim Graham | |
| names. This is a security fix. Disclosure following shortly. | |||
| 2014-08-11 | [1.4.x] Prevented reverse() from generating URLs pointing to other hosts. | Florian Apolloner | |
| This is a security fix. Disclosure following shortly. | |||
| 2014-08-11 | [1.4.x] Added release note stub for 1.4.14. | Tim Graham | |
| 2014-08-11 | [1.4.x] Added a warning that remove_tags() output shouldn't be considered safe. | Tim Graham | |
| Backport of 7efce77de2 from master | |||
| 2014-08-08 | [1.4.x] Noted that django-jython requires Django 1.7. | Tim Graham | |
| Backport of 72e98d5c16 from stable/1.6.x | |||
| 2014-08-06 | [1.4.x] Fixed #23239 -- Clarified a phrase in the contrib.markup docs. | Tim Graham | |
| Backport of e0fb48c254 from stable/1.5.x | |||
| 2014-08-02 | [1.4.x] Fixed #23149 -- Clarified note on HTTPOnly in cookie-based session docs | Erik Romijn | |
| Backport of e26366da44bb343e7a95d01ff0dd18b8026c2802 from master. | |||
| 2014-07-25 | [1.4.x] Added tests/requirements/py2.txt. | Tim Graham | |
| This follows the convention used in other branches so we don't need a special case in the build script for 1.4. | |||
| 2014-07-14 | [1.4.x] Revert "Fixed #13794 -- Fixed to_field usage in BaseInlineFormSet." | Ramiro Morales | |
| This reverts commit b44519072e8a0ef56a0ae9e6e4a1fb04273eb0eb. stable/1.4.x branch is in security-fixes-only mode. | |||
| 2014-07-14 | [1.4.x] Fixed #13794 -- Fixed to_field usage in BaseInlineFormSet. | Tim Graham | |
| Thanks sebastien at clarisys.fr for the report and gautier for the patch. Backport of 5e2c4a4bd1 from master | |||
| 2014-06-18 | [1.4.x] Fixed #22859 -- Improved crossDomain technique in CSRF example. | Tim Graham | |
| Thanks flisky for the report. Backport of 0be4d64487 from master | |||
| 2014-05-15 | [1.4.x] Minor edits to latest release notes. | Tim Graham | |
| Backport of 860d31ac7a3bdd4b27db8b34b110b3d801ddaf8a from master | |||
| 2014-05-14 | Bumped version numbers post-release. | Jacob Kaplan-Moss | |
| 2014-05-14 | Bumped version numbers for release.1.4.13 | Jacob Kaplan-Moss | |
| 2014-05-14 | Added release notes for 1.4.13. | Jacob Kaplan-Moss | |
| 2014-05-12 | [1.4.x] Added additional checks in is_safe_url to account for flexible parsing. | Tim Graham | |
| This is a security fix. Disclosure following shortly. | |||
| 2014-05-12 | [1.4.x] Dropped fix_IE_for_vary/attach. | Aymeric Augustin | |
| This is a security fix. Disclosure following shortly. | |||
| 2014-04-28 | [1.4.x] Added dates to release notes of today's release. | Tim Graham | |
| Backport of 68d264059abb21b96c4fe68bf4d99520268a451c from master | |||
| 2014-04-28 | [1.4.x] Post release version bump. | Tim Graham | |
| 2014-04-28 | [1.4.x] Bump version numbers for 1.4.12 bugfix release.1.4.12 | James Bennett | |
| 2014-04-23 | [1.4.x] Fixed #22486 -- Restored the ability to reverse views created using ↵ | Tim Graham | |
| functools.partial. Regression in 8b93b31. Thanks rcoup for the report. Backport of 3c06b2f2a3 from master | |||
| 2014-04-22 | [1.4.x] Post release version bump. | Tim Graham | |
| 2014-04-21 | [1.4.x] Bump version numbers for 1.4.11 security release.1.4.11 | James Bennett | |
| 2014-04-21 | [1.4.x] Added information on resolved security issues to release notes. | Erik Romijn | |
| Backport of c07f3e60c2d455e36ba4ac339d4283d32bbc3814 from master | |||
| 2014-04-21 | [1.4.x] Fixed queries that may return unexpected results on MySQL due to ↵ | Erik Romijn | |
| typecasting. This is a security fix. Disclosure will follow shortly. Backport of 75c0d4ea3ae48970f788c482ee0bd6b29a7f1307 from master | |||
| 2014-04-21 | [1.4.x] Prevented leaking the CSRF token through caching. | Aymeric Augustin | |
| This is a security fix. Disclosure will follow shortly. Backport of c083e3815aec23b99833da710eea574e6f2e8566 from master | |||
| 2014-04-21 | [1.4.x] Fixed a remote code execution vulnerabilty in URL reversing. | Tim Graham | |
| Thanks Benjamin Bach for the report and initial patch. This is a security fix; disclosure to follow shortly. Backport of 8b93b31487d6d3b0fcbbd0498991ea0db9088054 from master | |||
| 2014-04-21 | [1.4.x] Corrected the section identifier for MySQL unicode reference. | Matt Lauber | |
| Backport of b2514c02e1 from master | |||
| 2014-04-19 | [1.4.x] Fixed random aggregation_regress test_more_more_more() failure | Tim Graham | |
| The cause was assuming that an unordered queryset returns the values always in the same order. Backport of 33dd8f544205be923e2a06106909ebcd3583526b | |||
| 2014-03-24 | [1.4.x] Updated six to 1.6.1. | Tim Graham | |
| Backport of 2ec82c7387db071278201796208808de84c90dbf from master | |||
| 2014-03-22 | [1.4.x] Clarified striptags documentation | Claude Paroz | |
| The fact that striptags cannot guarantee to really strip all non-safe HTML content was not clear enough. Also see: https://www.djangoproject.com/weblog/2014/mar/22/strip-tags-advisory/ Partial backport (doc-only) of 6ca6c36f82 from master. | |||
| 2014-03-05 | [1.4.x] Fixed #21195 -- Clarifed usage of template_name in tutorial part 4. | Tim Graham | |
| Backport of b66a51ad545ac726ef98966cbc35ee7aefdff8cd from master. | |||
 |
index : chango.git | |
| django |
| summaryrefslogtreecommitdiff |