1
0
mirror of https://github.com/django/django.git synced 2025-03-16 20:30:45 +00:00

6 Commits

Author SHA1 Message Date
Tim Graham
f8aa2aa486 [1.7.x] Added dates to release notes.
Backport of b902be798e from master
2014-08-20 16:32:39 -04:00
Simon Charette
2b31342cdf [1.7.x] Prevented data leakage in contrib.admin via query string manipulation.
This is a security fix. Disclosure following shortly.
2014-08-20 14:42:48 -04:00
Preston Holmes
1a45d059c7 [1.7.x] Fixed -- Modified RemoteUserMiddleware to logout on REMOTE_USER change.
This is a security fix. Disclosure following shortly.
2014-08-20 14:42:48 -04:00
Tim Graham
3123f8452c [1.7.x] Fixed -- Removed O(n) algorithm when uploading duplicate file names.
This is a security fix. Disclosure following shortly.
2014-08-20 14:42:48 -04:00
Florian Apolloner
bf650a2ee7 [1.7.x] Prevented reverse() from generating URLs pointing to other hosts.
This is a security fix. Disclosure following shortly.
2014-08-20 14:42:48 -04:00
Tim Graham
1c00c38b4a [1.7.x] Added release note stubs for 1.5.9 and 1.4.14. 2014-08-20 14:42:48 -04:00