django.git - django

Age	Commit message (Collapse)	Author
2023-10-04	[3.2.x] Bumped version for 3.2.22 release.3.2.22	Natalia

2023-10-04	[3.2.x] Fixed CVE-2023-43665 -- Mitigated potential DoS in ↵	Natalia
	django.utils.text.Truncator when truncating HTML text. Thanks Wenchao Li of Alibaba Group for the report.
2023-09-27	[3.2.x] Added stub release notes for 3.2.22.	Natalia
	Backport of 24f1a38b37c0af3a5ce0dd7b5392fe4e75d7e1dc from main.
2023-09-04	[3.2.x] Added CVE-2023-41164 to security archive.	Mariusz Felisiak
	Backport of 8a98768868a104ea3ce10d8182590bdd095d9ccb from main
2023-09-04	[3.2.x] Post-release version bump.	Mariusz Felisiak

2023-09-04	[3.2.x] Bumped version for 3.2.21 release.3.2.21	Mariusz Felisiak

2023-09-04	[3.2.x] Fixed CVE-2023-41164 -- Fixed potential DoS in ↵	Mariusz Felisiak
	django.utils.encoding.uri_to_iri(). Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report. Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
2023-08-28	[3.2.x] Added stub release notes for 3.2.21.	Mariusz Felisiak
	Backport of 24f1a38b37c0af3a5ce0dd7b5392fe4e75d7e1dc from main.
2023-08-03	[3.2.x] Fixed #34756 -- Fixed docs HTML build on Sphinx 7.1+.	David Smith
	Backport of b3e0170ab546a96930ce3114b0a1a560953c0ff4 from main
2023-07-03	[3.2.x] Added CVE-2023-36053 to security archive.	Mariusz Felisiak
	Backport of 1d6fbf16f24200a556beb6dd197439944deb6837 from main
2023-07-03	[3.2.x] Post-release version bump.	Mariusz Felisiak

2023-07-03	[3.2.x] Bumped version for 3.2.20 release.3.2.20	Mariusz Felisiak

2023-07-03	[3.2.x] Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator ↵	Mariusz Felisiak
	and URLValidator. Thanks Seokchan Yoon for reports.
2023-06-26	[3.2.x] Added stub release notes for 3.2.20.	Mariusz Felisiak
	Backport of 2360ba22742c3ee8729697bfe2d508110465af56 from main
2023-05-04	[3.2.x] Fixed MultipleFileFieldTest.test_file_multiple_validation() test if ↵	Mariusz Felisiak
	Pillow isn't installed. Follow up to fb4c55d9ec4bb812a7fb91fa20510d91645e411b. Backport of fcfbf08abe3e6dc54894df6988024f055abc6c40 from main
2023-05-03	[3.2.x] Added CVE-2023-31047 to security archive.	Mariusz Felisiak
	Backport of 49830025c992fbc8d8f213e7c16dba1391c6adf2 from main
2023-05-03	[3.2.x] Post-release version bump.	Mariusz Felisiak

2023-05-03	[3.2.x] Bumped version for 3.2.19 release.3.2.19	Mariusz Felisiak

2023-05-03	[3.2.x] Fixed CVE-2023-31047, Fixed #31710 -- Prevented potential bypass of ↵	Mariusz Felisiak
	validation when uploading multiple files using one form field. Thanks Moataz Al-Sharida and nawaik for reports. Co-authored-by: Shai Berger <shai@platonix.com> Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
2023-04-26	[3.2.x] Added missing backticks in docs/releases/1.7.txt.	Mariusz Felisiak

2023-04-26	[3.2.x] Added stub release notes for 3.2.19.	Mariusz Felisiak
	Backport of 18a7f2c711529f8e43c36190a5e2479f13899749 from main
2023-02-14	[3.2.x] Added CVE-2023-24580 to security archive.	Carlton Gibson
	Backport of ecafcaf634fcef93f9da8cb12795273dd1c3a576 from main
2023-02-14	[3.2.x] Post-release version bump.	Carlton Gibson

2023-02-14	[3.2.x] Bumped version for 3.2.18 release.3.2.18	Carlton Gibson

2023-02-07	[3.2.x] Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files.	Markus Holtermann
	Thanks to Jakob Ackermann for the report.
2023-02-07	[3.2.x] Added stub release notes for 3.2.18.	Carlton Gibson
	Backport of 7e003428f96d616c1f77fed84882a95e63bc3644 from main
2023-02-01	[3.2.x] Added CVE-2023-23969 to security archive.	Mariusz Felisiak
	Backport of 36e3eef7d5a4c88671d20a561788679d0d9c334c from main
2023-02-01	[3.2.x] Post-release version bump.	Mariusz Felisiak

2023-02-01	[3.2.x] Bumped version for 3.2.17 release.3.2.17	Mariusz Felisiak

2023-02-01	[3.2.x] Fixed CVE-2023-23969 -- Prevented DoS with pathological values for ↵	Nick Pope
	Accept-Language. The parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. Accept-Language headers are now limited to a maximum length in order to avoid this issue.
2023-01-31	[3.2.x] Fixed inspectdb.tests.InspectDBTestCase.test_custom_fields() on ↵	Mariusz Felisiak
	SQLite 3.37+. Use FlexibleFieldLookupDict which is case-insensitive mapping because SQLite 3.37+ returns some data type names upper-cased e.g. TEXT. Backport of 974e3b8750fe96c16c9c0b115a72ee4a2171df34 from main
2023-01-31	[3.2.x] Removed 'tests' path prefix in a couple tests.	Tim Graham
	Backport of 694cf458f16b8d340a3195244196980b2dec34fd from main.
2023-01-25	[3.2.x] Adjusted release notes for 3.2.17.	Carlton Gibson
	Backport of d8e1442ce2c56282785dd806e5c1147975e8c857 from main
2023-01-25	[3.2.x] Added stub release notes for 3.2.17.	Carlton Gibson
	Backport of 1df963ad2476726d63be132c0cee47e07b8250d7 from main
2023-01-25	[3.2.x] Corrected passenv value for tox 4.0.6+.	Stephen
	Backport of 34b328814976a2e2f7907361a494202763649f3f from main
2022-12-29	[3.2.x] Disabled auto-created table of contents entries on Sphinx 5.2+.	Mariusz Felisiak
	Auto-created table of contents entries for all domain objects (e.g. functions, classes, attributes, etc.) were added in Sphinx 5.2, see https://github.com/sphinx-doc/sphinx/issues/6316. An option to control new table of contents entries was added in Sphinx 5.2.3, see https://github.com/sphinx-doc/sphinx/pull/10886. Backport of 279967ec859a9a5240318cf29a077539b0e3139f from main
2022-10-29	[3.2.x] Removed obsolete doc reference to asyncio.iscoroutinefunction.	Nick Pope
	Backport of 970f61fefb148284fb2af63b5cc844279254111a from main
2022-10-04	[3.2.x] Added CVE-2022-36359 to security archive.	Carlton Gibson
	Backport of 93d4c9ea1de24eb391cb2b3561b6703fd46374df from main
2022-10-04	[3.2.x] Post-release version bump.	Carlton Gibson

2022-10-04	[3.2.x] Bumped version for 3.2.16 release.3.2.16	Carlton Gibson

2022-09-27	[3.2.x] Fixed CVE-2022-41323 -- Prevented locales being interpreted as ↵	Adam Johnson
	regular expressions. Thanks to Benjamin Balder Bach for the report.
2022-09-27	[3.2.x] Added stub notes 3.2.16 release.	Carlton Gibson
	Backport of 57c7220280db19dc9dda0910b90cf1ceac50c66f from main
2022-08-03	[3.2.x] Added CVE-2022-36359 to security archive.	Carlton Gibson
	Backport of 57c7220280db19dc9dda0910b90cf1ceac50c66f from main
2022-08-03	[3.2.x] Post-release version bump.	Carlton Gibson

2022-08-03	[3.2.x] Bumped version for 3.2.15 release.3.2.15	Carlton Gibson

2022-08-03	[3.2.x] Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header.	Carlton Gibson
	Thanks to Motoyasu Saburi for the report.
2022-08-01	[3.2.x] Fixed collation tests on MySQL 8.0.30+.	Mariusz Felisiak
	The utf8_ collations are renamed to utf8mb3_* on MySQL 8.0.30+. Backport of 88dba2e3fd64b64bcf4fae83b256b4f6f492558f from main.
2022-08-01	[3.2.x] Fixed inspectdb and schema tests on MariaDB 10.6+.	Mariusz Felisiak
	The utf8 character set (and related collations) is by default an alias for utf8mb3 on MariaDB 10.6+. Backport of 355ecd141671e34853d1ff99ffdb1a7fb95b4276 from main
2022-07-27	Adjusted release notes for 3.2.15.	Carlton Gibson
	Backport of cadd864f6878c1c02a014589876ece166befdeb3 from main
2022-07-27	[3.2.x] Added stub release notes for 3.2.15 release.	Carlton Gibson
	Backport of 0c1675781ec5944132fe5a475ca6064edc71bd81 from main