| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2013-02-20 | [1.4.x] Bump version numbers to roll a clean package.1.4.5 | James Bennett | |
| 2013-02-20 | [1.4.x] Note that ALLOWED_HOSTS default changes in Django 1.5. | Carl Meyer | |
| 2013-02-19 | [1.4.x] Fixed #19857 -- Fixed broken docs link in project template. | Carl Meyer | |
| 2013-02-19 | [1.4.x] Don't characterize XML vulnerabilities as DoS-only. | Carl Meyer | |
| 2013-02-19 | [1.4.x] Bump version numbers for security release.1.4.4 | James Bennett | |
| 2013-02-19 | [1.4.x] Update 1.4.4 release notes for all security fixes. | Carl Meyer | |
| 2013-02-19 | [1.4.x] Added a default limit to the maximum number of forms in a formset. | Aymeric Augustin | |
| This is a security fix. Disclosure and advisory coming shortly. | |||
| 2013-02-19 | [1.4.x] Checked object permissions on admin history view. | Carl Meyer | |
| This is a security fix. Disclosure and advisory coming shortly. Patch by Russell Keith-Magee. | |||
| 2013-02-19 | [1.4.x] Restrict the XML deserializer to prevent network and ↵ | Carl Meyer | |
| entity-expansion DoS attacks. This is a security fix. Disclosure and advisory coming shortly. | |||
| 2013-02-19 | [1.4.x] Added ALLOWED_HOSTS setting for HTTP host header validation. | Carl Meyer | |
| This is a security fix; disclosure and advisory coming shortly. | |||
| 2013-02-16 | [1.4.x] Fixed #19824 - Corrected the class described for Field.primary_key ↵ | Tim Graham | |
| from IntegerField to AutoField. Thanks Keryn Knight. Backport of 218bbef0c4 from master | |||
| 2013-02-16 | [1.4.x] Fixed #19812 - Removed a duplicate phrase in the widget docs. | Tim Graham | |
| Thanks diegueus9 for the report and itsallvoodoo for the draft patch. Backport of 7a80904b00 from master | |||
| 2013-02-16 | [1.4.x] Fixed #19719 - Removed misleading example from ModelForm documentation | Alex Hunley | |
| Backport of 976dc07baf from master | |||
| 2013-02-12 | [1.4.x] Fixed #19815 - Removed an unused import in tutorial 3. | Tim Graham | |
| Thanks pedro.calcao@ for the report. | |||
| 2013-02-13 | [1.4.x] Removed try-except in django.db.close_connection() | Anssi Kääriäinen | |
| The reason was that the except clause needed to remove a connection from the django.db.connections dict, but other parts of Django do not expect this to happen. In addition the except clause was silently swallowing the exception messages. Refs #19707, special thanks to Carl Meyer for pointing out that this approach should be taken. | |||
| 2013-02-11 | Fixed WSGIPythonPath instruction in deployment docs | Claude Paroz | |
| Partial backport of 3abf6105b6 from master. Refs #19042. | |||
| 2013-02-10 | [1.4.x] Made custom m2m fields without through easier to use | Anssi Kääriäinen | |
| The change in f105fbe52b21da206bfbaedf0e92326667d7b2d4 made through=None m2m fields fail in cases where they worked before. It isn't possible to create such fields using public APIs. The fix is trivial, so it seems worth fixing this for custom m2m field users. This is not a backport from master. Master has gotten enough other changes to related fields internal API that this fix alone isn't enough to do any good. | |||
| 2013-02-10 | [1.4.x] Fixed #19707 -- Reset transaction state after requests | Anssi Kääriäinen | |
| Backpatch of a4e97cf315142e61bb4bc3ed8259b95d8586d09c. | |||
| 2013-02-10 | [1.4.x] Fixed #19645 -- Added tests for TransactionMiddleware | Anssi Kääriäinen | |
| Backpatch of f556df90be995a83b979cf875705d98521ab4dc7. Backpatching these tests so that it will be easier to backpatch the fix for #19707. | |||
| 2013-02-07 | [1.4.x] Fixed #19756 - Corrected a ManyToMany example and added some links ↵ | Tim Graham | |
| and markup. Backport of 43efefae69 from master | |||
| 2013-02-02 | [1.4.x] Fixed #19702 -- Changed a SQL command syntax to be MySQL 4-compatible | Claude Paroz | |
| Thanks matf at op.pl for the report. | |||
| 2013-02-02 | [1.5.x] Lowered field ordering requirement in ogrinspect test | Claude Paroz | |
| This test was randomly failing depending on the library environment. Backport of a1c470a6f from master. | |||
| 2013-02-02 | [1.4.x] Fixed #18144 -- Added backwards compatibility with old unsalted MD5 ↵ | Claude Paroz | |
| passwords Thanks apreobrazhensky at gmail.com for the report. Backport of 63d6a50dd from master. | |||
| 2013-01-17 | [1.4.x] Fixed #19555 - Removed '2012' from tutorial 1. | Tim Graham | |
| Thanks rodrigorosa.lg and others for the report. Backport of 99315f709e from master | |||
| 2013-01-09 | [1.4.x] Addeded CSS to bold deprecation notices. | Tim Graham | |
| Thanks Sam Lai for mentioning this on the mailing list. Backport of 227bd3f8db from master | |||
| 2012-12-21 | [1.4.X] Fixed #19506 - Remove 'mysite' prefix in model example. | Tim Graham | |
| Thanks Mike O'Connor for the report. Backport of 52a2588df6 from master | |||
| 2012-12-19 | [1.4.x] Added PASSWORD_HASHERS to settings reference document. | Ramiro Morales | |
| abd0f304b162b3120b1c7321fbfc3090e5f3c92c from master. | |||
| 2012-12-15 | [1.4.X] Fixed #18099 -- corrected a typo in the initial data docs. Thanks ↵ | Alex Gaynor | |
| to Bradley Ayers for the patch. Backport of f5a9e5e9 from master | |||
| 2012-12-10 | [1.4.X] Fixed a test failure in the comment tests. | Florian Apolloner | |
| Backport of 1eb0da1c5ba3096f218d1df13d02a2b8e1ac7a36 from master. | |||
| 2012-12-10 | [1.4.x] Bump version numbers for security release.1.4.3 | James Bennett | |
| 2012-12-10 | [1.4.X] Fixed a security issue in get_host. | Florian Apolloner | |
| Full disclosure and new release forthcoming. | |||
| 2012-12-10 | [1.4.X] Fixed #18856 -- Ensured that redirects can't be poisoned by ↵ | Florian Apolloner | |
| malicious users. | |||
| 2012-12-04 | [1.4.x] Fixed the admin_filters tests for Postgres. | Julien Phalip | |
| Backport of c196e01100b2 | |||
| 2012-12-03 | [1.4.x] Fixed #19318 -- Ensured that the admin's SimpleListFilter options ↵ | Sebastián Magrí | |
| can be displayed as selected even if the lookup's first element is not a string. Backport of 88e17156393b | |||
| 2012-11-24 | [1.4.x] Fixed ordering-related failure in m2m_through_regress tests | Anssi Kääriäinen | |
| Backpatch of dc569c880143db07e01b3293d698ad8fe4a0136f | |||
| 2012-11-24 | [1.4.x] Restored Python 2.5 compatibility in m2m_through_regress tests. | Aymeric Augustin | |
| Refs #18823. | |||
| 2012-11-24 | [1.4.x] Fixed SQLite's collapsing of same-valued instances in bulk_create | Anssi Kääriäinen | |
| SQLite used INSERT INTO tbl SELECT %s UNION SELECT %s, the problem was that there should have been UNION ALL instead of UNION. Refs #19351 Backpatch of a27582484cf814554907d2d1ad077852de36963f | |||
| 2012-11-22 | [1.4.X] Fixed #19317 - Added an image for warning blocks in the docs | Tim Graham | |
| Thanks tome for the suggestion and patch. Backport of 3587991ba8 from master | |||
| 2012-11-21 | [1.4.x] Added examples of using startproject/app with URLs | Preston Holmes | |
| thanks to Brent O'Connor for the idea and intial docs | |||
| 2012-11-20 | [1.4.x] Corrected docs about default value of MESSAGE_STORAGE | Luke Plant | |
| Backport of a32f30c79c1be8e088917bced0f97760a92045ef from master | |||
| 2012-11-17 | [1.4.X] Fixed #13997 - Added an example of constructing a MultiWidget and ↵ | Tim Graham | |
| documented the value_from_datadict method. Backport of 04775b4598 from master | |||
| 2012-11-15 | [1.4.x] Fixed #19058 -- Fixed Oracle GIS crash | Anssi Kääriäinen | |
| The problem is the same as in #10888 which was reintroduced when bulk_insert was added. Thanks to Jani Tiainen for report, patch and also testing the final patch on Oracle GIS. Backpatch of 92d7f541da8b59520c833b19fbba52d3ecef2428 | |||
| 2012-11-13 | [1.4.X] Typo in comments doc | Nicolas Ippolito | |
| Backport of 17b14d4819 from master | |||
| 2012-11-02 | Fixed #19225 -- Typo in shortcuts docs. | Aymeric Augustin | |
| Thanks SunPowered for the report. | |||
| 2012-10-29 | [1.4.x] Fixed #19208 -- Docs for mod_wsgi daemon mode | Aymeric Augustin | |
| Thanks Graham Dumpleton for the patch. Backport of bc00075 from master. | |||
| 2012-10-29 | [1.4.x] Fixed #19172 -- Isolated poisoned_http_host tests from 500 handlers | Claude Paroz | |
| Thanks bernardofontes for the report. Backport of b774c5993 from master. | |||
| 2012-10-28 | [1.4.x] Fixed #18823 -- Ensured m2m.clear() works when using through+to_field | Anssi Kääriäinen | |
| There was a potential data-loss issue involved -- when clearing instance's m2m assignments it was possible some other instance's m2m data was deleted instead. This commit also improved None handling for to_field cases. Backpatch of 611c4d6f1c24763e5e6e331a5dcf9b610288aaa8 | |||
| 2012-10-24 | [1.4.X] Fixed #9471 - Expanded ModelAdmin.raw_id_fields docs; thanks ↵ | Tim Graham | |
| adroffne for the suggestion. Backport of da958eb209 from master | |||
| 2012-10-23 | [1.4.x] Fix an HTML-parser test that's failed in Python 2.6.8 since 5c79dd58. | Carl Meyer | |
| The problem description in #18239 asserted that http://bugs.python.org/issue670664 was fixed in Python 2.6.8, but based on http://bugs.python.org/issue670664#msg146770 it appears that's not correct; the fix was only applied in 2.7, 3.2, and Python trunk. Therefore we must use our patched HTMLParser subclass in all Python 2.6 versions. Backport of fcec904e4f from master. Fixes #19148. | |||
| 2012-10-21 | Added 1.4.2 release notes | Preston Holmes | |
