mirror of
				https://github.com/django/django.git
				synced 2025-10-25 22:56:12 +00:00 
			
		
		
		
	Added 1.5.5 and 1.4.9 release notes
This commit is contained in:
		
							
								
								
									
										21
									
								
								docs/releases/1.4.9.txt
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										21
									
								
								docs/releases/1.4.9.txt
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,21 @@ | |||||||
|  | ========================== | ||||||
|  | Django 1.4.9 release notes | ||||||
|  | ========================== | ||||||
|  |  | ||||||
|  | *October 22, 2013* | ||||||
|  |  | ||||||
|  | Django 1.4.9 fixes a security-related bug in the 1.4 series and one other | ||||||
|  | data corruption bug. | ||||||
|  |  | ||||||
|  | Readdressed denial-of-service via password hashers | ||||||
|  | -------------------------------------------------- | ||||||
|  |  | ||||||
|  | Django 1.4.8 imposes a 4096-byte limit on passwords in order to mitigate a | ||||||
|  | denial-of-service attack through submission of bogus but extremely large | ||||||
|  | passwords. In Django 1.5.5, we've reverted this change and instead improved | ||||||
|  | the speed of our PBKDF2 algorithm by not rehashing the key on every iteration. | ||||||
|  |  | ||||||
|  | Bugfixes | ||||||
|  | ======== | ||||||
|  |  | ||||||
|  | * Fixed a data corruption bug with ``datetime_safe.datetime.combine`` (#21256). | ||||||
							
								
								
									
										33
									
								
								docs/releases/1.5.5.txt
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										33
									
								
								docs/releases/1.5.5.txt
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,33 @@ | |||||||
|  | ========================== | ||||||
|  | Django 1.5.5 release notes | ||||||
|  | ========================== | ||||||
|  |  | ||||||
|  | *October 22, 2013* | ||||||
|  |  | ||||||
|  | Django 1.5.5 fixes a couple security-related bugs and several other bugs in the | ||||||
|  | 1.5 series. | ||||||
|  |  | ||||||
|  | Readdressed denial-of-service via password hashers | ||||||
|  | -------------------------------------------------- | ||||||
|  |  | ||||||
|  | Django 1.5.4 imposes a 4096-byte limit on passwords in order to mitigate a | ||||||
|  | denial-of-service attack through submission of bogus but extremely large | ||||||
|  | passwords. In Django 1.5.5, we've reverted this change and instead improved | ||||||
|  | the speed of our PBKDF2 algorithm by not rehashing the key on every iteration. | ||||||
|  |  | ||||||
|  | Properly rotate CSRF token on login | ||||||
|  | ----------------------------------- | ||||||
|  |  | ||||||
|  | This behavior introduced as a security hardening measure in Django 1.5.2 did | ||||||
|  | not work properly and is now fixed. | ||||||
|  |  | ||||||
|  | Bugfixes | ||||||
|  | ======== | ||||||
|  |  | ||||||
|  | * Fixed a data corruption bug with ``datetime_safe.datetime.combine`` (#21256). | ||||||
|  | * Fixed a Python 3 incompatability in ``django.utils.text.unescape_entities()`` | ||||||
|  |   (#21185). | ||||||
|  | * Fixed a couple data corruption issues with ``QuerySet`` edge cases under | ||||||
|  |   Oracle and MySQL (#21203, #21126). | ||||||
|  | * Fixed crashes when using combinations of ``annotate()``, | ||||||
|  |   ``select_related()``, and ``only()`` (#16436). | ||||||
| @@ -36,6 +36,7 @@ Final releases | |||||||
| .. toctree:: | .. toctree:: | ||||||
|    :maxdepth: 1 |    :maxdepth: 1 | ||||||
|  |  | ||||||
|  |    1.5.5 | ||||||
|    1.5.4 |    1.5.4 | ||||||
|    1.5.3 |    1.5.3 | ||||||
|    1.5.2 |    1.5.2 | ||||||
| @@ -47,6 +48,7 @@ Final releases | |||||||
| .. toctree:: | .. toctree:: | ||||||
|    :maxdepth: 1 |    :maxdepth: 1 | ||||||
|  |  | ||||||
|  |    1.4.9 | ||||||
|    1.4.8 |    1.4.8 | ||||||
|    1.4.7 |    1.4.7 | ||||||
|    1.4.6 |    1.4.6 | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user