summaryrefslogtreecommitdiff
path: root/django
AgeCommit message (Expand)Author
2014-08-20[1.4.x] Bump version numbers for security release.1.4.14James Bennett
2014-08-11[1.4.x] Prevented data leakage in contrib.admin via query string manipulation.Simon Charette
2014-08-11[1.4.x] Fixed #23066 -- Modified RemoteUserMiddleware to logout on REMOTE_USE...Preston Holmes
2014-08-11[1.4.x] Fixed #23157 -- Removed O(n) algorithm when uploading duplicate file ...Tim Graham
2014-08-11[1.4.x] Prevented reverse() from generating URLs pointing to other hosts.Florian Apolloner
2014-07-14[1.4.x] Revert "Fixed #13794 -- Fixed to_field usage in BaseInlineFormSet."Ramiro Morales
2014-07-14[1.4.x] Fixed #13794 -- Fixed to_field usage in BaseInlineFormSet.Tim Graham
2014-05-14Bumped version numbers post-release.Jacob Kaplan-Moss
2014-05-14Bumped version numbers for release.1.4.13Jacob Kaplan-Moss
2014-05-12[1.4.x] Added additional checks in is_safe_url to account for flexible parsing.Tim Graham
2014-05-12[1.4.x] Dropped fix_IE_for_vary/attach.Aymeric Augustin
2014-04-28[1.4.x] Post release version bump.Tim Graham
2014-04-28[1.4.x] Bump version numbers for 1.4.12 bugfix release.1.4.12James Bennett
2014-04-23[1.4.x] Fixed #22486 -- Restored the ability to reverse views created using f...Tim Graham
2014-04-22[1.4.x] Post release version bump.Tim Graham
2014-04-21[1.4.x] Bump version numbers for 1.4.11 security release.1.4.11James Bennett
2014-04-21[1.4.x] Fixed queries that may return unexpected results on MySQL due to type...Erik Romijn
2014-04-21[1.4.x] Prevented leaking the CSRF token through caching.Aymeric Augustin
2014-04-21[1.4.x] Fixed a remote code execution vulnerabilty in URL reversing.Tim Graham
2014-03-24[1.4.x] Updated six to 1.6.1.Tim Graham
2014-01-26[1.4.x] Fixed #21823 -- Upgraded six to 1.5.2Tim Graham
2014-01-02Updated six to version 1.4.1Luke Plant
2013-11-06[1.4.x] Bump version info and add release notes for 1.4.10.1.4.10James Bennett
2013-11-02Fixed #21362 -- Restored Python 2.5 compatibility.Florian Apolloner
2013-10-25[1.4.x] Bump version post-release.Tim Graham
2013-10-24[1.4.x] Bump everything for 1.4.9 bugfix release.1.4.9James Bennett
2013-10-21[1.4.x] Fixed #21253 -- PBKDF2 with cached HMAC keyFlorian Apolloner
2013-10-13[1.4.x] Fixed #21256 -- Error in datetime_safe.datetime.combine.Aymeric Augustin
2013-10-09[1.4.x] Fixed #21248 -- Skipped test_bcrypt if no py-bcrypt foundAnssi Kääriäinen
2013-09-24[1.4.x] Fixed #21138 -- Increased the performance of our PBKDF2 implementation.Florian Apolloner
2013-09-24Revert "[1.4.x] Ensure that passwords are never long enough for a DoS."Florian Apolloner
2013-09-15[1.4.x] Bump version post-release.Tim Graham
2013-09-15[1.4.x] Fixed geos test to prevent random failureClaude Paroz
2013-09-15[1.4.x] Removed usage of b"" string syntax for Python 2.5 compatibility.1.4.8Russell Keith-Magee
2013-09-14[1.4.x] Add release notes and bump version numbers for 1.4.8 security release.James Bennett
2013-09-15[1.4.x] Ensure that passwords are never long enough for a DoS.Russell Keith-Magee
2013-09-13Fixed #18923 -- Corrected usage of sensitive_post_parameters in contrib.authTim Graham
2013-09-11[1.4.x] Bump version post-release.Tim Graham
2013-09-10[1.4.x] Bump version numbers for 1.4.7 security release.1.4.7James Bennett
2013-09-10[1.4.x] Prevented arbitrary file inclusion with {% ssi %} tag and relative pa...Tim Graham
2013-09-09[1.4.x] Fixed #20707 -- Added explicit quota assignment to Oracle test userСадовский Николай
2013-08-18[1.4.x] Fixed #20907 - Test failure on OracleShai Berger
2013-08-13Bump version post-release.Jacob Kaplan-Moss
2013-08-13Bumped version numbers for 1.4.6.Jacob Kaplan-Moss
2013-08-13Fixed is_safe_url() to reject URLs that use a scheme other than HTTP/S.Jacob Kaplan-Moss
2013-06-24[1.4.x] Fixed oversight in e3b6fed3. Refs #20636.Aymeric Augustin
2013-06-24[1.4.x] Fixed #20636 -- Stopped stuffing values in the settings.Aymeric Augustin
2013-03-28[1.4.x] Bump version to no longer claim to be 1.4.5 final.Carl Meyer
2013-02-25[1.4.x] Fixed #18144 -- Restored compatibility with SHA1 hashes with empty salt.Aymeric Augustin
2013-02-21[1.4.x] Made a couple of selenium tests wait for page loadedAnssi Kääriäinen