summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-10-04[4.1.x] Bumped version for 4.1.12 release.4.1.12Natalia
2023-10-04[4.1.x] Fixed CVE-2023-43665 -- Mitigated potential DoS in ↵Natalia
django.utils.text.Truncator when truncating HTML text. Thanks Wenchao Li of Alibaba Group for the report.
2023-09-27[4.1.x] Added stub release notes for 4.1.12 and 3.2.22.Natalia
2023-09-04[4.1.x] Added CVE-2023-41164 to security archive.Mariusz Felisiak
Backport of 8a98768868a104ea3ce10d8182590bdd095d9ccb from main
2023-09-04[4.1.x] Post-release version bump.Mariusz Felisiak
2023-09-04[4.1.x] Bumped version for 4.1.11 release.4.1.11Mariusz Felisiak
2023-09-04[4.1.x] Fixed CVE-2023-41164 -- Fixed potential DoS in ↵Mariusz Felisiak
django.utils.encoding.uri_to_iri(). Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report. Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
2023-08-28[4.1.x] Fixed warnings per flake8 6.1.0.Mariusz Felisiak
Backport of 22b0b73c7732ba67db4e69fd9fa75aad84c8e5c4 from main.
2023-08-28[4.1.x] Added stub release notes for 4.1.11 and 3.2.21.Mariusz Felisiak
Backport of 24f1a38b37c0af3a5ce0dd7b5392fe4e75d7e1dc from main.
2023-08-03[4.1.x] Fixed #34756 -- Fixed docs HTML build on Sphinx 7.1+.David Smith
Backport of b3e0170ab546a96930ce3114b0a1a560953c0ff4 from main
2023-07-03[4.1.x] Added CVE-2023-36053 to security archive.Mariusz Felisiak
Backport of 1d6fbf16f24200a556beb6dd197439944deb6837 from main
2023-07-03[4.1.x] Post-release version bump.Mariusz Felisiak
2023-07-03[4.1.x] Bumped version for 4.1.10 release.4.1.10Mariusz Felisiak
2023-07-03[4.1.x] Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator ↵Mariusz Felisiak
and URLValidator. Thanks Seokchan Yoon for reports.
2023-06-26[4.1.x] Added stub release notes for 4.1.10 and 3.2.20.Mariusz Felisiak
Backport of 2360ba22742c3ee8729697bfe2d508110465af56 from main
2023-05-04[4.1.x] Fixed MultipleFileFieldTest.test_file_multiple_validation() test if ↵Mariusz Felisiak
Pillow isn't installed. Follow up to fb4c55d9ec4bb812a7fb91fa20510d91645e411b. Backport of fcfbf08abe3e6dc54894df6988024f055abc6c40 from main
2023-05-03[4.1.x] Added CVE-2023-31047 to security archive.Mariusz Felisiak
Backport of 49830025c992fbc8d8f213e7c16dba1391c6adf2 from main
2023-05-03[4.1.x] Post-release version bump.Mariusz Felisiak
2023-05-03[4.1.x] Bumped version for 4.1.9 release.4.1.9Mariusz Felisiak
2023-05-03[4.1.x] Fixed CVE-2023-31047, Fixed #31710 -- Prevented potential bypass of ↵Mariusz Felisiak
validation when uploading multiple files using one form field. Thanks Moataz Al-Sharida and nawaik for reports. Co-authored-by: Shai Berger <shai@platonix.com> Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
2023-04-26[4.1.x] Added missing backticks in docs/releases/1.7.txt.Mariusz Felisiak
2023-04-26[4.1.x] Added stub release notes for 4.1.9 and 3.2.19.Mariusz Felisiak
Backport of 18a7f2c711529f8e43c36190a5e2479f13899749 from main
2023-04-07[4.1.x] Refs #34118 -- Fixed CustomChoicesTests.test_uuid_unsupported on ↵Mariusz Felisiak
Python 3.11.4+. https://github.com/python/cpython/commit/5342f5e713e0cc45b6f226d2d053a8cde1b4d68e Follow up to 38e63c9e61152682f3ff982c85a73793ab6d3267. Backport of 2eb1f37260f0e0b71ef3a77eb5522d2bb68d6489 from main
2023-04-05[4.1.x] Post-release version bump.Mariusz Felisiak
2023-04-05[4.1.x] Bumped version for 4.1.8 release.4.1.8Mariusz Felisiak
2023-04-05[4.1.x] Added release date for 4.1.8.Mariusz Felisiak
Backport of fdf0a367bdd72c70f91fb3aed77dabbe9dcef69f from main
2023-03-08[4.1.x] Fixed #34384 -- Fixed session validation when rotation secret keys.David Wobrock
Bug in 0dcd549bbe36c060f536ec270d34d9e7d4b8e6c7. Thanks Eric Zarowny for the report. Backport of 2396933ca99c6bfb53bda9e53968760316646e01 from main
2023-03-06[4.1.x] Added stub release notes for 4.1.8.Mariusz Felisiak
Backport of 9a07999aef7958c9b5441e368cd90646d0edc5c9 from main
2023-02-16[4.1.x] Refs #21080, Refs #34322 -- Added warning to ↵Mariusz Felisiak
ManifestStaticFilesStorage docs about paths in comments. Backport of bae053d497ba8a8de7e4f725973924bfb1885fd2 from main.
2023-02-15[4.1.x] Refs #32339 -- Doc'd BaseFormSet.as_div()David Smith
Backport of 4038a8df0b8c20624ba826cf9af8f532e5a51aaa from main.
2023-02-14[4.1.x] Added CVE-2023-24580 to security archive.Carlton Gibson
Backport of ecafcaf634fcef93f9da8cb12795273dd1c3a576 from main
2023-02-14[4.1.x] Post-release version bump.Carlton Gibson
2023-02-14[4.1.x] Bumped version for 4.1.7 release.4.1.7Carlton Gibson
2023-02-14[4.1.x] Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files.Markus Holtermann
Thanks to Jakob Ackermann for the report.
2023-02-13[4.1.x] Fixed #34318 -- Added release note for ↵Sota Tabu
4bfe8c0eec835b8eaffcda7dc1e3b203751a790a. Backport of 3e9d413231edc29768cc7ca0427e63b19233f562 from main
2023-02-08[4.1.x] Fixed #34319 -- Fixed Model.validate_constraints() crash on ↵Mariusz Felisiak
ValidationError with no code. Thanks Mateusz Kurowski for the report. Regression in 667105877e6723c6985399803a364848891513cc. Backport of 2fd755b361d3da2cd0440fc9839feb2bb69b027b from main
2023-02-07[4.1.x] Added stub release notes for 4.0.10 and 3.2.18.Carlton Gibson
Set date for 4.1.7 release. Backport of 7e003428f96d616c1f77fed84882a95e63bc3644 from main
2023-02-01[4.1.x] Added stub release notes for 4.1.7.Mariusz Felisiak
Backport of f3c89744cc801cc7d134bca9958c4a74aa76380f from main
2023-02-01[4.1.x] Added CVE-2023-23969 to security archive.Mariusz Felisiak
Backport of 36e3eef7d5a4c88671d20a561788679d0d9c334c from main
2023-02-01[4.1.x] Ignored a637d0bd22665edfe7af40b4da3297462ec3c9cf formatting changes ↵Mariusz Felisiak
in git blame.
2023-02-01[4.1.x] Refs #33476 -- Applied Black's 2023 stable style.David Smith
Black 23.1.0 is released which, as the first release of the year, introduces the 2023 stable style. This incorporates most of last year's preview style. https://github.com/psf/black/releases/tag/23.1.0 Backport of 097e3a70c1481ee7b042b2edd91b2be86fb7b5b6 from main.
2023-02-01[4.1.x] Post-release version bump.Mariusz Felisiak
2023-02-01[4.1.x] Bumped version for 4.1.6 release.4.1.6Mariusz Felisiak
2023-02-01[4.1.x] Fixed CVE-2023-23969 -- Prevented DoS with pathological values for ↵Nick Pope
Accept-Language. The parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. Accept-Language headers are now limited to a maximum length in order to avoid this issue.
2023-01-31[4.1.x] Bumped versions in pre-commit and npm configurations.Mariusz Felisiak
Backport of f825536b5e09b3a047fec0c10aabd91bace0995c from main
2023-01-31[4.1.x] Fixed E501 flake8 error.Mariusz Felisiak
2023-01-31[4.1.x] Fixed #34180 -- Added note about resetting language in test tear-downs.Durval Carvalho
Co-authored-by: Faris Naimi <farisfaris66@gmail.com> Backport of 40217d1a82b0c16cddba377325d12b2c253f402a from main
2023-01-26[4.1.x] Fixed #34291 -- Fixed Meta.constraints validation crash on ↵Mariusz Felisiak
UniqueConstraint with ordered expressions. Thanks Dan F for the report. Bug in 667105877e6723c6985399803a364848891513cc. Backport of 2b1242abb3989f5d74e787b09132d01bcbee5b55 from main.
2023-01-25[4.1.x] Adjusted release notes for 4.1.6, 4.0.9, and 3.2.17.Carlton Gibson
Backport of d8e1442ce2c56282785dd806e5c1147975e8c857 from main
2023-01-25[4.1.x] Set date and added stub release notes for 4.1.6, 4.0.9, and 3.2.17.Carlton Gibson
Backport of 1df963ad2476726d63be132c0cee47e07b8250d7 from main