| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2019-08-01 | [2.2.x] Bumped version for 2.2.4 release.2.2.4 | Carlton Gibson | |
| 2019-07-29 | [2.2.x] Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in ↵ | Florian Apolloner | |
| django.utils.encoding.uri_to_iri(). Thanks to Guido Vranken for initial report. | |||
| 2019-07-29 | [2.2.x] Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and ↵ | Mariusz Felisiak | |
| index lookups against SQL injection. Thanks to Sage M. Abdullah for the report and initial patch. Thanks Florian Apolloner for reviews. | |||
| 2019-07-29 | [2.2.x] Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in ↵ | Florian Apolloner | |
| strip_tags() when handling incomplete HTML entities. Thanks to Guido Vranken for initial report. | |||
| 2019-07-29 | [2.2.X] Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues ↵ | Florian Apolloner | |
| when truncating HTML. Thanks to Guido Vranken for initial report. | |||
| 2019-07-29 | [2.2.x] Fixed #30656 -- Added QuerySet.bulk_update() to the database ↵ | daniel a rios | |
| optimization docs. Backport of 68aeb9016084290aac4f82860e17a9f4e941676e from master | |||
| 2019-07-29 | [2.2.x] Refs #30656 -- Reorganized bulk methods in the database optimization ↵ | daniel a rios | |
| docs. Backport of fe33fdc049df75f9dd8e2eecc8c94aefc0132cb8 from master | |||
| 2019-07-25 | [2.2.x] Added stub release notes for security releases. | Carlton Gibson | |
| Backport of f13147c8de725eed7038941758469aeb9bd66503 from master | |||
| 2019-07-24 | [2.2.x] Fixed #30647 -- Fixed crash of autoreloader when extra directory ↵ | Tom Forbes | |
| cannot be resolved. Backport of fc75694257b5bceab82713f84fe5a1b23d641c3f from master. | |||
| 2019-07-23 | [2.2.x] Fixed typo in docs/topics/http/sessions.txt. | terminator14 | |
| Backport of 8323691de0ba120dbdc8055063574df2b0c0afa4 from master | |||
| 2019-07-23 | [2.2.x] Fixed #30506 -- Fixed crash of autoreloader when path contains null ↵ | Tom Forbes | |
| characters. Backport of 2ff517ccb6116c1be6338e6bdcf08a313defc5c7 from master. | |||
| 2019-07-19 | [2.2.x] Refs #30083 -- Added a warning about performing queries in ↵ | Mariusz Felisiak | |
| pre/post_init receivers. Thanks Carlton Gibson the review. Backport of fc1182af01c391ce33d7fcf51c756829c6a11d5b from master | |||
| 2019-07-19 | [2.2.x] Refs #30083 -- Clarified database state of instances in ↵ | Mariusz Felisiak | |
| signals.pre_init docs. Backport of a2e1c17f193f5017e1f6fac7d860f1f9e34d7892 from master | |||
| 2019-07-18 | [2.2.x] Fixed #30648 -- Removed unnecessary overriding get_context_data() ↵ | Davit Gachechiladze | |
| from mixins with CBVs docs. Backport of 7f612eda80db1c1c8e502aced54c2062080eae46 from master | |||
| 2019-07-18 | [2.2.x] Refs #30547 -- Clarified that partial UniqueConstraints don't affect ↵ | Mariusz Felisiak | |
| model validation. Backport of 230d75f59c43b9731465c4ec92ad714e301637b8 from master | |||
| 2019-07-16 | [2.2.x] Fixed heading level typo in docs/ref/contrib/postgres/fields.txt. | Mariusz Felisiak | |
| Backport of ad4e83a6d1c0a212fae751a3125dff6e28b2390a from master | |||
| 2019-07-16 | [2.2.x] Updated WSGI servers ordering according to the more commonly used. | Frank Wiles | |
| Backport of fa65b90a96f27dced8cfa89126d28186b4c80fbf from master | |||
| 2019-07-15 | [2.2.x] Fixed explanation of how to automatically create tables in database. | Frank Wiles | |
| Backport of c1b94e32fb3df25d72b5e9973da7928dddbc3a2e from master | |||
| 2019-07-11 | [2.2.x] Doc'd --no-input option for createsuperuser. | Hasan Ramezani | |
| Backport of 8dd5877f58f84f2b11126afbd0813e24545919ed from master | |||
| 2019-07-10 | [2.2.x] Fixed #30621 -- Fixed crash of __contains lookup for ↵ | Mariusz Felisiak | |
| Date/DateTimeRangeField when the right hand side is the same type. Thanks Tilman Koschnick for the report and initial patch. Thanks Carlton Gibson for the review. Regression in 6b048b364ca1e0e56a0d3815bf2be33ac9998355. Backport of 7991111af12056ec9a856f35935d273526338c1f from master | |||
| 2019-07-10 | [2.2.x] Fixed #30628 -- Adjusted expression identity to differentiate bound ↵ | Simon Charette | |
| fields. Expressions referring to different bound fields should not be considered equal. Thanks Julien Enselme for the detailed report. Regression in bc7e288ca9554ac1a0a19941302dea19df1acd21. Backport of ee6e93ec8727d0f5ed33190a3c354867669ed72f from master | |||
| 2019-07-09 | [2.2.x] Fixed typos in docs/ref/django-admin.txt. | Mariusz Felisiak | |
| Backport of 24e8f7f7d3063a3bbfe14774080bc89035b4a3e2 from master | |||
| 2019-07-09 | [2.2.x] Added stub release notes for 2.2.4. | Mariusz Felisiak | |
| Backport of 08e69cad9ccb18738b66388b0d0ee4660470710e from master | |||
| 2019-07-04 | [2.2.x] Fixed #30600 -- Clarified that ValueError raised by ↵ | sp1rs | |
| converter.to_python() means no match. Backport of f197c3dd9130b18397022605c27ffe5755f329d7 from master | |||
| 2019-07-04 | [2.2.x] Fixed #28667 -- Clarified how to override list of forms fields for ↵ | swatantra | |
| custom UserAdmin with a custom user model. Backport of c13e3715f5f46f2ee4ddba357e2589a45e831813 from master | |||
| 2019-07-02 | [2.2.x] Fixed #28588 -- Doc'd User.has_perm() & co. behavior for active ↵ | Carlton Gibson | |
| superusers. Equivalent note for PermissionsMixin was added in d33864ed138f65070049a3ac20ee98e03a1442b9. Backport of 4b32d039dbb59b3c3e76587df5c58150e752d9ac from master | |||
| 2019-07-01 | [2.2.x] Fixed #30589 -- Clarified that urlize should be applied only to ↵ | aitoehigie | |
| email addresses without single quotes. Backport of c2f381ef17058e5cfea58ae507983d2e459a2888 from master | |||
| 2019-07-01 | [2.2.x] Added CVE-2019-12781 to the security release archive. | Mariusz Felisiak | |
| Backport of 868cd56f058ca203419ad0886353173b74c3bcf1 from master | |||
| 2019-07-01 | [2.2.x] Post-release version bump. | Mariusz Felisiak | |
| 2019-07-01 | [2.2.x] Bumped version for 2.2.3 release.2.2.3 | Mariusz Felisiak | |
| 2019-07-01 | [2.2.x] Updated man page for Django 2.2. | Mariusz Felisiak | |
| 2019-07-01 | [2.2.x] Added release date for 2.2.3. | Mariusz Felisiak | |
| Backport of fc41401f33045d2015dd92e735a13e5ee4af3afd from master | |||
| 2019-07-01 | [2.2.x] Fixed CVE-2019-12781 -- Made HttpRequest always trust ↵ | Carlton Gibson | |
| SECURE_PROXY_SSL_HEADER if set. An HTTP request would not be redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if the proxy connected to Django via HTTPS. HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if set, rather than falling back to the request scheme when the SECURE_PROXY_SSL_HEADER did not have the secure value. Thanks to Gavin Wahl for the report and initial patch suggestion, and Shai Berger for review. Backport of 54d0f5e62f54c29a12dd96f44bacd810cbe03ac8 from master | |||
| 2019-07-01 | [2.2.x] Added stub release notes for security releases. | Mariusz Felisiak | |
| Backport of 30b3ee9d0b33bb440f9c73d1ce9e0e7303887a9f from master | |||
| 2019-06-30 | [2.2.x] Fixed GeoIPTest.test04_city() failure with the latest GeoIP2 database. | Mariusz Felisiak | |
| Backport of 4305fbe8b11f44ab5d6759346488026c1e9677b2 from master | |||
| 2019-06-29 | [2.2.x] Updated translations from Transifex | Claude Paroz | |
| 2019-06-26 | [2.2.x] Fixed #30588 -- Fixed crash of autoreloader when __main__ module ↵ | Tom Forbes | |
| doesn't have __file__ attribute. Backport of 8454f6dea49dddb821bfcb7569ea222bb487dfd1 from master | |||
| 2019-06-24 | [2.2.x] Fixed typo in docs/topics/db/models.txt. | Meysam | |
| Backport of 833878411c35e1d47abfb77c23863a9dc9bb6d27 from master | |||
| 2019-06-24 | [2.2.x] Fixed typo in docs/ref/models/indexes.txt. | Alexey Opalev | |
| Backport of 2f91e7832fd2e51dfb75f6027b673a943e736ef0 from master | |||
| 2019-06-22 | [2.2.x] Removed unneeded non-breaking spaces added in 00169bc36 | Claude Paroz | |
| Backport of 8590726a5dd3087d40b549580703cd8c74f3d7b1 from master. | |||
| 2019-06-21 | [2.2.x] Bumped minimum ESLint version to 4.18.2. | Markus Holtermann | |
| Backport of ad7b438002f1ab2a0ccb321012182991737ea84e from master. | |||
| 2019-06-21 | [2.2.x] Fixed typos in 1.11.19, 2.0.11, 2.1.6 release notes. | Jon Dufresne | |
| Backport of 2ef6f209f79b0bd27d53405f0d46bb9ab82b2a52 from master | |||
| 2019-06-20 | [2.2.x] Refs #30565 -- Doc'd HttpResponse.close() method. | Chris Jerdonek | |
| Backport of 533311782fd0c974208490ec9d11da3bbe179dea from master | |||
| 2019-06-20 | [2.2.x] Fixed #30547 -- Doc'd how Meta.constraints affect model validation. | Swat009 | |
| Backport of 00169bc36156d4a32546229bf39de91213709eaf from master | |||
| 2019-06-19 | [2.2.x] Fixed typos in signals and custom management commands docs. | Hasan Ramezani | |
| Backport of a7038adbd02c916315b16939b835f021c2ee8880 from master | |||
| 2019-06-18 | [2.2.x] Fixed typos and example in signals.pre_init docs. | Hasan Ramezani | |
| Backport of 036362e0cfe74e4ab8a65b99eb2aa9c35371fc04 from master | |||
| 2019-06-13 | [2.2.x] Fixed an example of email with display name in EmailMessage.from_email. | Joachim Jablon | |
| Backport of 0c2ffdd526ff0f0015628821c77fbee15960eaef from master | |||
| 2019-06-11 | [2.2.x] Fixed intword example in docs/ref/contrib/humanize.txt. | Jon Dufresne | |
| Backport of 175656e166712db019a4704c4031510b9fd6b00a from master | |||
| 2019-06-11 | [2.2.x] Fixed #30486 -- Fixed the default value of Aggregate.distinct and ↵ | Vyacheslav Ver | |
| updated example of custom aggregate functions. Backport of 76b3fc5c8d8dffb441aaa08f75833888be2107af from master | |||
| 2019-06-11 | [2.2.x] Changed charset and collation link to MySQL docs. | Mykola Nicholas | |
| Backport of f3a03d5b61bbf6a47c9aaf8113cff5b1befbcbc5 from master | |||
