| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2023-10-04 | [4.1.x] Bumped version for 4.1.12 release.4.1.12 | Natalia | |
| 2023-10-04 | [4.1.x] Fixed CVE-2023-43665 -- Mitigated potential DoS in ↵ | Natalia | |
| django.utils.text.Truncator when truncating HTML text. Thanks Wenchao Li of Alibaba Group for the report. | |||
| 2023-09-27 | [4.1.x] Added stub release notes for 4.1.12 and 3.2.22. | Natalia | |
| 2023-09-04 | [4.1.x] Added CVE-2023-41164 to security archive. | Mariusz Felisiak | |
| Backport of 8a98768868a104ea3ce10d8182590bdd095d9ccb from main | |||
| 2023-09-04 | [4.1.x] Post-release version bump. | Mariusz Felisiak | |
| 2023-09-04 | [4.1.x] Bumped version for 4.1.11 release.4.1.11 | Mariusz Felisiak | |
| 2023-09-04 | [4.1.x] Fixed CVE-2023-41164 -- Fixed potential DoS in ↵ | Mariusz Felisiak | |
| django.utils.encoding.uri_to_iri(). Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report. Co-authored-by: nessita <124304+nessita@users.noreply.github.com> | |||
| 2023-08-28 | [4.1.x] Fixed warnings per flake8 6.1.0. | Mariusz Felisiak | |
| Backport of 22b0b73c7732ba67db4e69fd9fa75aad84c8e5c4 from main. | |||
| 2023-08-28 | [4.1.x] Added stub release notes for 4.1.11 and 3.2.21. | Mariusz Felisiak | |
| Backport of 24f1a38b37c0af3a5ce0dd7b5392fe4e75d7e1dc from main. | |||
| 2023-08-03 | [4.1.x] Fixed #34756 -- Fixed docs HTML build on Sphinx 7.1+. | David Smith | |
| Backport of b3e0170ab546a96930ce3114b0a1a560953c0ff4 from main | |||
| 2023-07-03 | [4.1.x] Added CVE-2023-36053 to security archive. | Mariusz Felisiak | |
| Backport of 1d6fbf16f24200a556beb6dd197439944deb6837 from main | |||
| 2023-07-03 | [4.1.x] Post-release version bump. | Mariusz Felisiak | |
| 2023-07-03 | [4.1.x] Bumped version for 4.1.10 release.4.1.10 | Mariusz Felisiak | |
| 2023-07-03 | [4.1.x] Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator ↵ | Mariusz Felisiak | |
| and URLValidator. Thanks Seokchan Yoon for reports. | |||
| 2023-06-26 | [4.1.x] Added stub release notes for 4.1.10 and 3.2.20. | Mariusz Felisiak | |
| Backport of 2360ba22742c3ee8729697bfe2d508110465af56 from main | |||
| 2023-05-04 | [4.1.x] Fixed MultipleFileFieldTest.test_file_multiple_validation() test if ↵ | Mariusz Felisiak | |
| Pillow isn't installed. Follow up to fb4c55d9ec4bb812a7fb91fa20510d91645e411b. Backport of fcfbf08abe3e6dc54894df6988024f055abc6c40 from main | |||
| 2023-05-03 | [4.1.x] Added CVE-2023-31047 to security archive. | Mariusz Felisiak | |
| Backport of 49830025c992fbc8d8f213e7c16dba1391c6adf2 from main | |||
| 2023-05-03 | [4.1.x] Post-release version bump. | Mariusz Felisiak | |
| 2023-05-03 | [4.1.x] Bumped version for 4.1.9 release.4.1.9 | Mariusz Felisiak | |
| 2023-05-03 | [4.1.x] Fixed CVE-2023-31047, Fixed #31710 -- Prevented potential bypass of ↵ | Mariusz Felisiak | |
| validation when uploading multiple files using one form field. Thanks Moataz Al-Sharida and nawaik for reports. Co-authored-by: Shai Berger <shai@platonix.com> Co-authored-by: nessita <124304+nessita@users.noreply.github.com> | |||
| 2023-04-26 | [4.1.x] Added missing backticks in docs/releases/1.7.txt. | Mariusz Felisiak | |
| 2023-04-26 | [4.1.x] Added stub release notes for 4.1.9 and 3.2.19. | Mariusz Felisiak | |
| Backport of 18a7f2c711529f8e43c36190a5e2479f13899749 from main | |||
| 2023-04-07 | [4.1.x] Refs #34118 -- Fixed CustomChoicesTests.test_uuid_unsupported on ↵ | Mariusz Felisiak | |
| Python 3.11.4+. https://github.com/python/cpython/commit/5342f5e713e0cc45b6f226d2d053a8cde1b4d68e Follow up to 38e63c9e61152682f3ff982c85a73793ab6d3267. Backport of 2eb1f37260f0e0b71ef3a77eb5522d2bb68d6489 from main | |||
| 2023-04-05 | [4.1.x] Post-release version bump. | Mariusz Felisiak | |
| 2023-04-05 | [4.1.x] Bumped version for 4.1.8 release.4.1.8 | Mariusz Felisiak | |
| 2023-04-05 | [4.1.x] Added release date for 4.1.8. | Mariusz Felisiak | |
| Backport of fdf0a367bdd72c70f91fb3aed77dabbe9dcef69f from main | |||
| 2023-03-08 | [4.1.x] Fixed #34384 -- Fixed session validation when rotation secret keys. | David Wobrock | |
| Bug in 0dcd549bbe36c060f536ec270d34d9e7d4b8e6c7. Thanks Eric Zarowny for the report. Backport of 2396933ca99c6bfb53bda9e53968760316646e01 from main | |||
| 2023-03-06 | [4.1.x] Added stub release notes for 4.1.8. | Mariusz Felisiak | |
| Backport of 9a07999aef7958c9b5441e368cd90646d0edc5c9 from main | |||
| 2023-02-16 | [4.1.x] Refs #21080, Refs #34322 -- Added warning to ↵ | Mariusz Felisiak | |
| ManifestStaticFilesStorage docs about paths in comments. Backport of bae053d497ba8a8de7e4f725973924bfb1885fd2 from main. | |||
| 2023-02-15 | [4.1.x] Refs #32339 -- Doc'd BaseFormSet.as_div() | David Smith | |
| Backport of 4038a8df0b8c20624ba826cf9af8f532e5a51aaa from main. | |||
| 2023-02-14 | [4.1.x] Added CVE-2023-24580 to security archive. | Carlton Gibson | |
| Backport of ecafcaf634fcef93f9da8cb12795273dd1c3a576 from main | |||
| 2023-02-14 | [4.1.x] Post-release version bump. | Carlton Gibson | |
| 2023-02-14 | [4.1.x] Bumped version for 4.1.7 release.4.1.7 | Carlton Gibson | |
| 2023-02-14 | [4.1.x] Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files. | Markus Holtermann | |
| Thanks to Jakob Ackermann for the report. | |||
| 2023-02-13 | [4.1.x] Fixed #34318 -- Added release note for ↵ | Sota Tabu | |
| 4bfe8c0eec835b8eaffcda7dc1e3b203751a790a. Backport of 3e9d413231edc29768cc7ca0427e63b19233f562 from main | |||
| 2023-02-08 | [4.1.x] Fixed #34319 -- Fixed Model.validate_constraints() crash on ↵ | Mariusz Felisiak | |
| ValidationError with no code. Thanks Mateusz Kurowski for the report. Regression in 667105877e6723c6985399803a364848891513cc. Backport of 2fd755b361d3da2cd0440fc9839feb2bb69b027b from main | |||
| 2023-02-07 | [4.1.x] Added stub release notes for 4.0.10 and 3.2.18. | Carlton Gibson | |
| Set date for 4.1.7 release. Backport of 7e003428f96d616c1f77fed84882a95e63bc3644 from main | |||
| 2023-02-01 | [4.1.x] Added stub release notes for 4.1.7. | Mariusz Felisiak | |
| Backport of f3c89744cc801cc7d134bca9958c4a74aa76380f from main | |||
| 2023-02-01 | [4.1.x] Added CVE-2023-23969 to security archive. | Mariusz Felisiak | |
| Backport of 36e3eef7d5a4c88671d20a561788679d0d9c334c from main | |||
| 2023-02-01 | [4.1.x] Ignored a637d0bd22665edfe7af40b4da3297462ec3c9cf formatting changes ↵ | Mariusz Felisiak | |
| in git blame. | |||
| 2023-02-01 | [4.1.x] Refs #33476 -- Applied Black's 2023 stable style. | David Smith | |
| Black 23.1.0 is released which, as the first release of the year, introduces the 2023 stable style. This incorporates most of last year's preview style. https://github.com/psf/black/releases/tag/23.1.0 Backport of 097e3a70c1481ee7b042b2edd91b2be86fb7b5b6 from main. | |||
| 2023-02-01 | [4.1.x] Post-release version bump. | Mariusz Felisiak | |
| 2023-02-01 | [4.1.x] Bumped version for 4.1.6 release.4.1.6 | Mariusz Felisiak | |
| 2023-02-01 | [4.1.x] Fixed CVE-2023-23969 -- Prevented DoS with pathological values for ↵ | Nick Pope | |
| Accept-Language. The parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. Accept-Language headers are now limited to a maximum length in order to avoid this issue. | |||
| 2023-01-31 | [4.1.x] Bumped versions in pre-commit and npm configurations. | Mariusz Felisiak | |
| Backport of f825536b5e09b3a047fec0c10aabd91bace0995c from main | |||
| 2023-01-31 | [4.1.x] Fixed E501 flake8 error. | Mariusz Felisiak | |
| 2023-01-31 | [4.1.x] Fixed #34180 -- Added note about resetting language in test tear-downs. | Durval Carvalho | |
| Co-authored-by: Faris Naimi <farisfaris66@gmail.com> Backport of 40217d1a82b0c16cddba377325d12b2c253f402a from main | |||
| 2023-01-26 | [4.1.x] Fixed #34291 -- Fixed Meta.constraints validation crash on ↵ | Mariusz Felisiak | |
| UniqueConstraint with ordered expressions. Thanks Dan F for the report. Bug in 667105877e6723c6985399803a364848891513cc. Backport of 2b1242abb3989f5d74e787b09132d01bcbee5b55 from main. | |||
| 2023-01-25 | [4.1.x] Adjusted release notes for 4.1.6, 4.0.9, and 3.2.17. | Carlton Gibson | |
| Backport of d8e1442ce2c56282785dd806e5c1147975e8c857 from main | |||
| 2023-01-25 | [4.1.x] Set date and added stub release notes for 4.1.6, 4.0.9, and 3.2.17. | Carlton Gibson | |
| Backport of 1df963ad2476726d63be132c0cee47e07b8250d7 from main | |||
