summaryrefslogtreecommitdiff
path: root/docs
AgeCommit message (Collapse)Author
2019-07-29[2.2.x] Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in ↵Florian Apolloner
django.utils.encoding.uri_to_iri(). Thanks to Guido Vranken for initial report.
2019-07-29[2.2.x] Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and ↵Mariusz Felisiak
index lookups against SQL injection. Thanks to Sage M. Abdullah for the report and initial patch. Thanks Florian Apolloner for reviews.
2019-07-29[2.2.x] Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in ↵Florian Apolloner
strip_tags() when handling incomplete HTML entities. Thanks to Guido Vranken for initial report.
2019-07-29[2.2.X] Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues ↵Florian Apolloner
when truncating HTML. Thanks to Guido Vranken for initial report.
2019-07-29[2.2.x] Fixed #30656 -- Added QuerySet.bulk_update() to the database ↵daniel a rios
optimization docs. Backport of 68aeb9016084290aac4f82860e17a9f4e941676e from master
2019-07-29[2.2.x] Refs #30656 -- Reorganized bulk methods in the database optimization ↵daniel a rios
docs. Backport of fe33fdc049df75f9dd8e2eecc8c94aefc0132cb8 from master
2019-07-25[2.2.x] Added stub release notes for security releases.Carlton Gibson
Backport of f13147c8de725eed7038941758469aeb9bd66503 from master
2019-07-24[2.2.x] Fixed #30647 -- Fixed crash of autoreloader when extra directory ↵Tom Forbes
cannot be resolved. Backport of fc75694257b5bceab82713f84fe5a1b23d641c3f from master.
2019-07-23[2.2.x] Fixed typo in docs/topics/http/sessions.txt.terminator14
Backport of 8323691de0ba120dbdc8055063574df2b0c0afa4 from master
2019-07-23[2.2.x] Fixed #30506 -- Fixed crash of autoreloader when path contains null ↵Tom Forbes
characters. Backport of 2ff517ccb6116c1be6338e6bdcf08a313defc5c7 from master.
2019-07-19[2.2.x] Refs #30083 -- Added a warning about performing queries in ↵Mariusz Felisiak
pre/post_init receivers. Thanks Carlton Gibson the review. Backport of fc1182af01c391ce33d7fcf51c756829c6a11d5b from master
2019-07-19[2.2.x] Refs #30083 -- Clarified database state of instances in ↵Mariusz Felisiak
signals.pre_init docs. Backport of a2e1c17f193f5017e1f6fac7d860f1f9e34d7892 from master
2019-07-18[2.2.x] Fixed #30648 -- Removed unnecessary overriding get_context_data() ↵Davit Gachechiladze
from mixins with CBVs docs. Backport of 7f612eda80db1c1c8e502aced54c2062080eae46 from master
2019-07-18[2.2.x] Refs #30547 -- Clarified that partial UniqueConstraints don't affect ↵Mariusz Felisiak
model validation. Backport of 230d75f59c43b9731465c4ec92ad714e301637b8 from master
2019-07-16[2.2.x] Fixed heading level typo in docs/ref/contrib/postgres/fields.txt.Mariusz Felisiak
Backport of ad4e83a6d1c0a212fae751a3125dff6e28b2390a from master
2019-07-16[2.2.x] Updated WSGI servers ordering according to the more commonly used.Frank Wiles
Backport of fa65b90a96f27dced8cfa89126d28186b4c80fbf from master
2019-07-15[2.2.x] Fixed explanation of how to automatically create tables in database.Frank Wiles
Backport of c1b94e32fb3df25d72b5e9973da7928dddbc3a2e from master
2019-07-11[2.2.x] Doc'd --no-input option for createsuperuser.Hasan Ramezani
Backport of 8dd5877f58f84f2b11126afbd0813e24545919ed from master
2019-07-10[2.2.x] Fixed #30621 -- Fixed crash of __contains lookup for ↵Mariusz Felisiak
Date/DateTimeRangeField when the right hand side is the same type. Thanks Tilman Koschnick for the report and initial patch. Thanks Carlton Gibson for the review. Regression in 6b048b364ca1e0e56a0d3815bf2be33ac9998355. Backport of 7991111af12056ec9a856f35935d273526338c1f from master
2019-07-10[2.2.x] Fixed #30628 -- Adjusted expression identity to differentiate bound ↵Simon Charette
fields. Expressions referring to different bound fields should not be considered equal. Thanks Julien Enselme for the detailed report. Regression in bc7e288ca9554ac1a0a19941302dea19df1acd21. Backport of ee6e93ec8727d0f5ed33190a3c354867669ed72f from master
2019-07-09[2.2.x] Fixed typos in docs/ref/django-admin.txt.Mariusz Felisiak
Backport of 24e8f7f7d3063a3bbfe14774080bc89035b4a3e2 from master
2019-07-09[2.2.x] Added stub release notes for 2.2.4.Mariusz Felisiak
Backport of 08e69cad9ccb18738b66388b0d0ee4660470710e from master
2019-07-04[2.2.x] Fixed #30600 -- Clarified that ValueError raised by ↵sp1rs
converter.to_python() means no match. Backport of f197c3dd9130b18397022605c27ffe5755f329d7 from master
2019-07-04[2.2.x] Fixed #28667 -- Clarified how to override list of forms fields for ↵swatantra
custom UserAdmin with a custom user model. Backport of c13e3715f5f46f2ee4ddba357e2589a45e831813 from master
2019-07-02[2.2.x] Fixed #28588 -- Doc'd User.has_perm() & co. behavior for active ↵Carlton Gibson
superusers. Equivalent note for PermissionsMixin was added in d33864ed138f65070049a3ac20ee98e03a1442b9. Backport of 4b32d039dbb59b3c3e76587df5c58150e752d9ac from master
2019-07-01[2.2.x] Fixed #30589 -- Clarified that urlize should be applied only to ↵aitoehigie
email addresses without single quotes. Backport of c2f381ef17058e5cfea58ae507983d2e459a2888 from master
2019-07-01[2.2.x] Added CVE-2019-12781 to the security release archive.Mariusz Felisiak
Backport of 868cd56f058ca203419ad0886353173b74c3bcf1 from master
2019-07-01[2.2.x] Updated man page for Django 2.2.Mariusz Felisiak
2019-07-01[2.2.x] Added release date for 2.2.3.Mariusz Felisiak
Backport of fc41401f33045d2015dd92e735a13e5ee4af3afd from master
2019-07-01[2.2.x] Fixed CVE-2019-12781 -- Made HttpRequest always trust ↵Carlton Gibson
SECURE_PROXY_SSL_HEADER if set. An HTTP request would not be redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if the proxy connected to Django via HTTPS. HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if set, rather than falling back to the request scheme when the SECURE_PROXY_SSL_HEADER did not have the secure value. Thanks to Gavin Wahl for the report and initial patch suggestion, and Shai Berger for review. Backport of 54d0f5e62f54c29a12dd96f44bacd810cbe03ac8 from master
2019-07-01[2.2.x] Added stub release notes for security releases.Mariusz Felisiak
Backport of 30b3ee9d0b33bb440f9c73d1ce9e0e7303887a9f from master
2019-06-29[2.2.x] Updated translations from TransifexClaude Paroz
2019-06-26[2.2.x] Fixed #30588 -- Fixed crash of autoreloader when __main__ module ↵Tom Forbes
doesn't have __file__ attribute. Backport of 8454f6dea49dddb821bfcb7569ea222bb487dfd1 from master
2019-06-24[2.2.x] Fixed typo in docs/topics/db/models.txt.Meysam
Backport of 833878411c35e1d47abfb77c23863a9dc9bb6d27 from master
2019-06-24[2.2.x] Fixed typo in docs/ref/models/indexes.txt.Alexey Opalev
Backport of 2f91e7832fd2e51dfb75f6027b673a943e736ef0 from master
2019-06-22[2.2.x] Removed unneeded non-breaking spaces added in 00169bc36Claude Paroz
Backport of 8590726a5dd3087d40b549580703cd8c74f3d7b1 from master.
2019-06-21[2.2.x] Fixed typos in 1.11.19, 2.0.11, 2.1.6 release notes.Jon Dufresne
Backport of 2ef6f209f79b0bd27d53405f0d46bb9ab82b2a52 from master
2019-06-20[2.2.x] Refs #30565 -- Doc'd HttpResponse.close() method.Chris Jerdonek
Backport of 533311782fd0c974208490ec9d11da3bbe179dea from master
2019-06-20[2.2.x] Fixed #30547 -- Doc'd how Meta.constraints affect model validation.Swat009
Backport of 00169bc36156d4a32546229bf39de91213709eaf from master
2019-06-19[2.2.x] Fixed typos in signals and custom management commands docs.Hasan Ramezani
Backport of a7038adbd02c916315b16939b835f021c2ee8880 from master
2019-06-18[2.2.x] Fixed typos and example in signals.pre_init docs.Hasan Ramezani
Backport of 036362e0cfe74e4ab8a65b99eb2aa9c35371fc04 from master
2019-06-13[2.2.x] Fixed an example of email with display name in EmailMessage.from_email.Joachim Jablon
Backport of 0c2ffdd526ff0f0015628821c77fbee15960eaef from master
2019-06-11[2.2.x] Fixed intword example in docs/ref/contrib/humanize.txt.Jon Dufresne
Backport of 175656e166712db019a4704c4031510b9fd6b00a from master
2019-06-11[2.2.x] Fixed #30486 -- Fixed the default value of Aggregate.distinct and ↵Vyacheslav Ver
updated example of custom aggregate functions. Backport of 76b3fc5c8d8dffb441aaa08f75833888be2107af from master
2019-06-11[2.2.x] Changed charset and collation link to MySQL docs.Mykola Nicholas
Backport of f3a03d5b61bbf6a47c9aaf8113cff5b1befbcbc5 from master
2019-06-10[2.2.x] Removed redundant object descriptions to prevent warnings with ↵Mariusz Felisiak
Sphinx 2.1.0. Backport of 5ab75adb900ca3fce50e65e60b11f2eb3ce9fd25 from master
2019-06-10[2.2.x] Fixed #30553 -- Clarified the default value of disable_existing_loggers.swatantra
Backport of 03cd3d137e2c29484b020b9768a4741f1096be97 from master
2019-06-05[2.2.x] Fixed #30542 -- Fixed crash of numerical aggregations with filter.Étienne Beaulé
Filters in annotations crashed when used with numerical-type aggregations (i.e. Avg, StdDev, and Variance). This was caused as the source expressions no not necessarily have an output_field (such as the filter field), which lead to an AttributeError: 'WhereNode' object has no attribute output_field. Thanks to Chuan-Zheng Lee for the report. Regression in c690afb873cac8035a3cb3be7c597a5ff0e4b261 and two following commits. Backport of 4b6dfe16226a81fea464ac5f77942f4d6ba266e8 from master.
2019-06-05[2.2.x] Added stub release notes for 2.2.3.Mariusz Felisiak
Backport of 1f81e2df69c0f62f9bd85bca5b3876a2d8229fde from master
2019-06-04[2.2.x] Fixed #30505 -- Doc'd how changes in the order of Field.choices ↵Caio Ariede
affect migrations. Backport of 5248abe9b0425c1fc989c60a55860cdb4d135bcf from master