| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-09-02 | [1.4.x] Bump version numbers for bugfix release.1.4.15 | James Bennett | |
| 2014-08-27 | [1.4.x] Fixed #23329 -- Allowed inherited and m2m fields to be referenced in ↵ | Simon Charette | |
| the admin. Thanks to Trac alias Markush2010 and ross for the detailed reports. Backport of 3cbb759 from master | |||
| 2014-08-26 | [1.4.x] Fixed spelling mistake in file docs. | Tim Graham | |
| Backport of a3e88e64a4 from master | |||
| 2014-08-20 | [1.4.x] Added dates to release notes. | Tim Graham | |
| 2014-08-20 | [1.4.x] Bump version numbers for security release.1.4.14 | James Bennett | |
| 2014-08-11 | [1.4.x] Prevented data leakage in contrib.admin via query string manipulation. | Simon Charette | |
| This is a security fix. Disclosure following shortly. | |||
| 2014-08-11 | [1.4.x] Fixed #23066 -- Modified RemoteUserMiddleware to logout on ↵ | Preston Holmes | |
| REMOTE_USE change. This is a security fix. Disclosure following shortly. | |||
| 2014-08-11 | [1.4.x] Fixed #23157 -- Removed O(n) algorithm when uploading duplicate file ↵ | Tim Graham | |
| names. This is a security fix. Disclosure following shortly. | |||
| 2014-08-11 | [1.4.x] Prevented reverse() from generating URLs pointing to other hosts. | Florian Apolloner | |
| This is a security fix. Disclosure following shortly. | |||
| 2014-08-11 | [1.4.x] Added release note stub for 1.4.14. | Tim Graham | |
| 2014-08-11 | [1.4.x] Added a warning that remove_tags() output shouldn't be considered safe. | Tim Graham | |
| Backport of 7efce77de2 from master | |||
| 2014-08-08 | [1.4.x] Noted that django-jython requires Django 1.7. | Tim Graham | |
| Backport of 72e98d5c16 from stable/1.6.x | |||
| 2014-08-06 | [1.4.x] Fixed #23239 -- Clarified a phrase in the contrib.markup docs. | Tim Graham | |
| Backport of e0fb48c254 from stable/1.5.x | |||
| 2014-08-02 | [1.4.x] Fixed #23149 -- Clarified note on HTTPOnly in cookie-based session docs | Erik Romijn | |
| Backport of e26366da44bb343e7a95d01ff0dd18b8026c2802 from master. | |||
| 2014-06-18 | [1.4.x] Fixed #22859 -- Improved crossDomain technique in CSRF example. | Tim Graham | |
| Thanks flisky for the report. Backport of 0be4d64487 from master | |||
| 2014-05-15 | [1.4.x] Minor edits to latest release notes. | Tim Graham | |
| Backport of 860d31ac7a3bdd4b27db8b34b110b3d801ddaf8a from master | |||
| 2014-05-14 | Bumped version numbers for release.1.4.13 | Jacob Kaplan-Moss | |
| 2014-05-14 | Added release notes for 1.4.13. | Jacob Kaplan-Moss | |
| 2014-04-28 | [1.4.x] Added dates to release notes of today's release. | Tim Graham | |
| Backport of 68d264059abb21b96c4fe68bf4d99520268a451c from master | |||
| 2014-04-28 | [1.4.x] Bump version numbers for 1.4.12 bugfix release.1.4.12 | James Bennett | |
| 2014-04-23 | [1.4.x] Fixed #22486 -- Restored the ability to reverse views created using ↵ | Tim Graham | |
| functools.partial. Regression in 8b93b31. Thanks rcoup for the report. Backport of 3c06b2f2a3 from master | |||
| 2014-04-21 | [1.4.x] Bump version numbers for 1.4.11 security release.1.4.11 | James Bennett | |
| 2014-04-21 | [1.4.x] Added information on resolved security issues to release notes. | Erik Romijn | |
| Backport of c07f3e60c2d455e36ba4ac339d4283d32bbc3814 from master | |||
| 2014-04-21 | [1.4.x] Fixed queries that may return unexpected results on MySQL due to ↵ | Erik Romijn | |
| typecasting. This is a security fix. Disclosure will follow shortly. Backport of 75c0d4ea3ae48970f788c482ee0bd6b29a7f1307 from master | |||
| 2014-04-21 | [1.4.x] Corrected the section identifier for MySQL unicode reference. | Matt Lauber | |
| Backport of b2514c02e1 from master | |||
| 2014-03-24 | [1.4.x] Updated six to 1.6.1. | Tim Graham | |
| Backport of 2ec82c7387db071278201796208808de84c90dbf from master | |||
| 2014-03-22 | [1.4.x] Clarified striptags documentation | Claude Paroz | |
| The fact that striptags cannot guarantee to really strip all non-safe HTML content was not clear enough. Also see: https://www.djangoproject.com/weblog/2014/mar/22/strip-tags-advisory/ Partial backport (doc-only) of 6ca6c36f82 from master. | |||
| 2014-03-05 | [1.4.x] Fixed #21195 -- Clarifed usage of template_name in tutorial part 4. | Tim Graham | |
| Backport of b66a51ad545ac726ef98966cbc35ee7aefdff8cd from master. | |||
| 2014-01-26 | [1.4.x] Added release note stub for 1.4.11. | Tim Graham | |
| Backport of dfa28981ce from master. | |||
| 2014-01-24 | [1.4.x] Fixed #21869 -- Fixed docs building with Sphinx 1.2.1. | Tim Graham | |
| Thanks tragiclifestories for the report. Backport of e1d18b9d2e from master | |||
| 2014-01-19 | [1.4.x] Added a note about LTS releases. | Jacob Kaplan-Moss | |
| Backport of a44cbca2a5f1388c6511dad48443877fa660845a from master. | |||
| 2014-01-17 | [1.4.x] Fixed #20052 -- Discouraged use of Jython given the current state of ↵ | Tim Graham | |
| django-jython. Thanks Josh Juneau (maintainer of django-jython) for the review. Backport of a67e327db5 from master | |||
| 2013-12-11 | [1.4.x] Fixed #21594 -- Added note about model formsets deleting objects. | Ben Spaulding | |
| This behavior has been fixed in 65e03a424e. refs #10284. Backport of de1d5d5df5 from stable/1.6.x. | |||
| 2013-12-04 | [1.4.x] Fixed #21558 -- Support building CHM files. | Aymeric Augustin | |
| Thanks Michał Pasternak. Backport of cd9e85ec from master. | |||
| 2013-12-02 | [1.4.x] Fixed #21538 -- Added numpy to test/requirements/base.txt | Alasdair Nicol | |
| Thanks Tim Graham for the report Backport of c75dd664c from master | |||
| 2013-11-23 | [1.4.x] Removed obsolete deprecation notes. | Aymeric Augustin | |
| 2013-11-22 | [1.4.x] Fix #20054: Removed links to modwsgi.org. | Baptiste Mispelon | |
| Backport of 957fcd0c9fc605bbb69e03296aede3b0bac5a8d2 from master. | |||
| 2013-11-07 | [1.4.x] Added 1.4.10 release notes to index. | Tim Graham | |
| 2013-11-06 | [1.4.x] Bump version info and add release notes for 1.4.10.1.4.10 | James Bennett | |
| 2013-10-25 | [1.4.x] Fixed typo in docs/releases/1.4.9.txt. | Paolo Melchiorre | |
| Backport of 3b0293370a from master | |||
| 2013-10-24 | [1.4.x] Bump everything for 1.4.9 bugfix release.1.4.9 | James Bennett | |
| 2013-10-23 | [1.4.x] Bumped release date for 1.5.5 & 1.4.9. | Tim Graham | |
| Backport of 4ce5c119b5 from master | |||
| 2013-10-23 | Fixed #13245: Explained Oracle's behavior w.r.t db_table | Shai Berger | |
| and how to prevent table-name truncation Thanks russellm & timo for discussion, and timo for review. Backported from master 317040a73b77be8f8210801793b2ce6d1a69301e | |||
| 2013-10-22 | [1.4.x] Added 1.4.9 release notes | Tim Graham | |
| Backport of 2eb8f15516 from master | |||
| 2013-09-15 | [1.4.x] Cleaned up 1.4.8 release notes | Tim Graham | |
| Backport of 8d29005524 from master | |||
| 2013-09-14 | [1.4.x] Add release notes and bump version numbers for 1.4.8 security release. | James Bennett | |
| 2013-09-11 | [1.4.x] Fixed #20887 -- Added a warning to GzipMiddleware in light of BREACH. | Tim Graham | |
| Thanks EvilDMP for the report and Russell Keith-Magee for the draft text. Backport of da843e7dba from master | |||
| 2013-09-10 | [1.4.x] Bump version numbers for 1.4.7 security release.1.4.7 | James Bennett | |
| 2013-09-10 | Added 1.4.7 release notes | Tim Graham | |
| Backport of baec6a26dd from master | |||
| 2013-08-13 | [1.4.x] Removed 1.5.2 release notes | Tim Graham | |
