summaryrefslogtreecommitdiff
path: root/docs
AgeCommit message (Collapse)Author
2022-07-04[3.2.x] Fixed CVE-2022-34265 -- Protected Trunc(kind)/Extract(lookup_name) ↵Mariusz Felisiak
against SQL injection. Thanks Takuto Yoshikai (Aeye Security Lab) for the report.
2022-06-27[3.2.x] Bumped minimum Sphinx version to 4.5.0.Mariusz Felisiak
Related Sphinx changes: - https://github.com/sphinx-doc/sphinx/pull/8898 - https://github.com/sphinx-doc/sphinx/issues/8326 Backport of ebf25555bbed3e9112d4b726575d60b242daf48a from main.
2022-06-27[3.2.x] Fixed docs build with sphinxcontrib-spelling 7.5.0+.Mariusz Felisiak
sphinxcontrib-spelling 7.5.0+ includes captions of figures in the set of nodes for which the text is checked. Backport of ac90529cc58507d9a07610809a795ec5fc3cbf8c from main.
2022-06-27[3.2.x] Added stub release notes for 3.2.14.Mariusz Felisiak
Backport of b2eff16806057095c7dd3daa9402ad615e51627f from main
2022-06-01[3.2.x] Fixed #33753 -- Fixed docs build on Sphinx 5+.Mariusz Felisiak
Empty language is not supported anymore. Backport of 565ad5ace46aa1e2368450701cba45dd1a95a026 from main
2022-04-11[3.2.x] Added CVE-2022-28346 and CVE-2022-28347 to security archive.Mariusz Felisiak
Backport of 78eeff8d33ead67cfc8603477c95e70f8fbe096a from main
2022-04-11[3.2.x] Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) ↵Mariusz Felisiak
against SQL injection on PostgreSQL. Backport of 6723a26e59b0b5429a0c5873941e01a2e1bdbb81 from main.
2022-04-11[3.2.x] Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), ↵Mariusz Felisiak
and extra() against SQL injection in column aliases. Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore, Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev (DDV_UA) for the report. Backport of 93cae5cb2f9a4ef1514cf1a41f714fef08005200 from main.
2022-04-11[3.2.x] Fixed #33628 -- Ignored directories with empty names in autoreloader ↵Manel Clos
check for template changes. Regression in 68357b2ca9e88c40fc00d848799813241be39129. Backport of 62739b6e2630e37faa68a86a59fad135cc788cd7 from main.
2022-04-04[3.2.x] Added stub release notes for 3.2.13 and 2.2.28.Mariusz Felisiak
Backport of 78277faafd38d8360efc1fd0c9c52d7bb5eec002 from main
2022-02-02[3.2.x] Fixed typo in release notes.David Smith
Backport of 770d3e6a4ce8e0a91a9e27156036c1985e74d4a3 from main.
2022-02-01[3.2.x] Added CVE-2022-22818 and CVE-2022-23833 to security archive.Mariusz Felisiak
Backport of 9e0df0d6dde441dbbad2b548d777e0a01d633286 from main
2022-02-01[3.2.x] Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads.Mariusz Felisiak
Thanks Alan Ryan for the report and initial patch. Backport of fc18f36c4ab94399366ca2f2007b3692559a6f23 from main.
2022-02-01[3.2.x] Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag.Markus Holtermann
Thanks Keryn Knight for the report. Backport of 394517f07886495efcf79f95c7ee402a9437bd68 from main. Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-25[3.2.x] Added stub release notes for 3.2.12 and 2.2.27.Mariusz Felisiak
Backport of eeca9342381c8583be16f18942774e785ab7e527 from main.
2022-01-04[3.2.x] Added CVE-2021-45115, CVE-2021-45116, and CVE-2021-45452 to security ↵Carlton Gibson
archive. Backport of 63869ab1f191ab5781cde8b813b838300455f6d6 from main
2022-01-04[3.2.x] Fixed CVE-2021-45452 -- Fixed potential path traversal in storage ↵Florian Apolloner
subsystem. Thanks to Dennis Brinkrolf for the report.
2022-01-04[3.2.x] Fixed CVE-2021-45116 -- Fixed potential information disclosure in ↵Florian Apolloner
dictsort template filter. Thanks to Dennis Brinkrolf for the report. Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04[3.2.x] Fixed CVE-2021-45115 -- Prevented DoS vector in ↵Florian Apolloner
UserAttributeSimilarityValidator. Thanks Chris Bailey for the report. Co-authored-by: Adam Johnson <me@adamj.eu>
2021-12-28[3.2.x] Added stub release notes for 3.2.11, and 2.2.26 releases.Carlton Gibson
Backport of b13d920b7b56d3e088e35311f5ee54f25d2779af from main.
2021-12-15[3.2.x] Refs #33365, Refs #30530 -- Doc'd re_path() behavior change in ↵Mariusz Felisiak
Django 2.2.25, 3.1.14, and 3.2.10. Follow up to d4dcd5b9dd9e462fec8220e33e3e6c822b7e88a6. Backport of 5de12a369a7b2231e668e0460c551c504718dbf6 from main
2021-12-07[3.2.x] Added CVE-2021-44420 to security archive.Mariusz Felisiak
Backport of 8747052411275d290b2152ffcb8dee11afbb82cd from main
2021-12-07[3.2.x] Fixed #30530, CVE-2021-44420 -- Fixed potential bypass of an ↵Florian Apolloner
upstream access control based on URL paths. Thanks Sjoerd Job Postmus and TengMA(@te3t123) for reports. Backport of d4dcd5b9dd9e462fec8220e33e3e6c822b7e88a6 from main.
2021-12-03[3.2.x] Fixed #33333 -- Fixed setUpTestData() crash with models.BinaryField ↵Mariusz Felisiak
on PostgreSQL. This makes models.BinaryField pickleable on PostgreSQL. Regression in 3cf80d3fcf7446afdde16a2be515c423f720e54d. Thanks Adam Zimmerman for the report. Backport of 2c7846d992ca512d36a73f518205015c88ed088c from main.
2021-11-30[3.2.x] Added requirements.txt to files ignored by Sphinx builds.Mariusz Felisiak
2021-11-30[3.2.x] Added stub release notes and release date for 3.2.10, 3.1.14 and 2.2.25.Mariusz Felisiak
Backport of ae4077e13ea2e4c460c3f21b9aab93a696590851 from main
2021-11-23[3.2.x] Corrected signatures of QuerySet's methods.Mariusz Felisiak
Backport of a17becf4c7f4e4057e8c94990e4b4999be0aea95 from main
2021-11-22[3.2.x] Corrected isort example in coding style docs.Mariusz Felisiak
Follow up to e74b3d724e5ddfef96d1d66bd1c58e7aae26fc85. Backport of 8b020f2e64f1cbf2b06205a389a13af6623f90ce from main
2021-11-22[3.2.x] Corrected "pip install" call in coding style docs.Paolo Melchiorre
Backport of dd528cb2cefc0db8b91a7ff0a2bc87305b976597 from main
2021-11-18[3.2.x] Fixed crash building HTML docs since Sphinx 4.3.Mariusz Felisiak
See https://github.com/sphinx-doc/sphinx/commit/dd2ff3e911c751c06c81f494128fba56d8ecbafd. Backport of f0480ddd2d3cb04b784cf7ea697f792b45c689cc from main
2021-11-04[3.2.x] Corrected multiply defined labels in docs.Mariusz Felisiak
Backport of 60503cc747eeda7c61bab02b71f8f55a733a6eea from main
2021-11-03[3.2.x] Refs #33247 -- Corrected configuration for Read The Docs.Carlton Gibson
This pins Sphinx version, because the default Sphinx version used by RTD is not compatible with Python 3.8+. This also, sets Python 3.8 for RTD builds which is compatible with all current versions of Django. Thanks to Mariusz Felisiak for the suggestion. Backport of 447b6c866f0741bb68c92dc925a65fb15bfe7995 from main.
2021-11-03[3.2.x] Corrected module reference in contributing tutorial.Adam Johnson
Backport of 9f3bd9dfc42b4e0ff89566763d211ab9e8f50d5e from main
2021-11-03[3.2.x] Fixed typo in docs/topics/logging.txt.Brad
Backport of c7152cb58ea84f51bc2096fb5d3cf03ab31ea985 from main
2021-11-01[3.2.x] Added stub release notes for Django 3.2.10.Mariusz Felisiak
Backport of d811fa1d1012e746719aa3af351f56ad21f92610 from main
2021-11-01[3.2.x] Added release date for 3.2.9.Mariusz Felisiak
Backport of 7ec603ba259083298c9598a41987b4c4f2a5d134 from main
2021-11-01[3.2.x] Added Google Cloud Spanner to list of third-party DB backends.Vikash Singh
Backport of 125f9afc2c42449ee79283fefa778651acfd4aed from main
2021-10-27[3.2.x] Refs #33182 -- Adjusted custom admin theming example to use correct ↵Carlton Gibson
template block. Backport of a754b82dac511475b6276039471ccd17cc64aeb8 from main
2021-10-18[3.2.x] Fixed #33194 -- Fixed migrations when altering a field with ↵Hannes Ljungberg
functional indexes on SQLite. This adjusts Expressions.rename_table_references() to only update alias when needed. Regression in 83fcfc9ec8610540948815e127101f1206562ead. Co-authored-by: Simon Charette <charettes@users.noreply.github.com> Backport of 86971c40909430a798e4e55b140004c4b1fb02ff from main.
2021-10-18[3.2.x] Fixed #33198 -- Corrected BinaryField.max_length docs.Nick Frazier
Backport of 0d4e575c96d408e0efb4dfd0cbfc864219776950 from main
2021-10-15[3.2.x] Refs #32074 -- Removed usage of deprecated asyncore and smtpd modules.Mariusz Felisiak
asyncore and smtpd modules were deprecated in Python 3.10. Backport of 569a33579c3cca5f801c544d9b52a34e3c779424 from main.
2021-10-12[3.2.x] Added 'formatter' to spelling wordlist.Mariusz Felisiak
Backport of e43a131887e2a316d4fb829c3a272ef0cbbeea80 from main
2021-10-05[3.2.x] Refs #32074 -- Doc'd Python 3.10 compatibility in Django 3.2.x.Mariusz Felisiak
Backport of 604df4e0adc71da264f61fe85020a170c98e6f09 from main.
2021-10-05[3.2.x] Added stub release notes for Django 3.2.9.Carlton Gibson
Backport of c113f7fb0dae0dfd066d05acd1032c9f57a5aaf9 from main
2021-10-05[3.2.x] Added release date for 3.2.7.Carlton Gibson
Backport of c5776bfca9e3f35e0ab5aacbdc1a4dbfe92fdfd1 from main
2021-10-04[3.2.x] Refs #27694 -- Doc'd lookups that can be chained with HStoreField ↵Sarah Abderemane
key transforms. Backport of 1953dd02b6719ee89fddbc3098d86968d79f3cd7 from main
2021-09-28[3.2.x] Corrected field and model check messages in docs.Mariusz Felisiak
Follow up to 72d04e03855536cf36090aedbb7aa8f1c4c8b443. Backport of 93f3b7a0ba2969109940775a18515728603afac6 from main
2021-09-24[3.2.x] Removed obsolete GEOS 3.5 requirement note.Claude Paroz
Follow up to ea87a85fad9994dbb0748df25bc9c2d99b24809b. Backport of 8036b53de61f16098a2f22c50621987182bdfaed from main
2021-09-21[3.2.x] Fixed #33083 -- Fixed selecting all items in the admin changelist ↵Carlton Gibson
when actions are both top and bottom. Thanks Benjamin Locher for the report. Regression in 30e59705fc3e3e9e8370b965af794ad6173bf92b. Backport of b0ed619303d2fb723330ca9efa3acf23d49f1d19 from main
2021-09-21[3.2.x] Fixed broken links and redirects in docs.Mariusz Felisiak
Backport of 1d16dbc74563ec9aeb4bdff870d0fe5064667b26 from main