Tim Graham
c231ec1af0
[1.7.x] Fixed typo in path to is_safe_url()
Backport of dd0b487872de4e3ff966da51e3610bac996e44f0 from master
2015-02-20 09:22:24 -05:00
Tim Graham
9b403a108c
[1.7.x] Added dates to release notes.
2015-01-13 13:09:34 -05:00
Tim Graham
bcfb47780c
[1.7.x] Fixed DoS possibility in ModelMultipleChoiceField.
This is a security fix. Disclosure following shortly.
Thanks Keryn Knight for the report and initial patch.
2015-01-13 13:02:56 -05:00
Tim Graham
818e59a3f0
[1.7.x] Prevented views.static.serve() from using large memory on large files.
This is a security fix. Disclosure following shortly.
2015-01-13 13:02:56 -05:00
Tim Graham
de67dedc77
[1.7.x] Fixed is_safe_url() to handle leading whitespace.
This is a security fix. Disclosure following shortly.
2015-01-13 13:02:56 -05:00
Carl Meyer
41b4bc73ee
[1.7.x] Stripped headers containing underscores to prevent spoofing in WSGI environ.
This is a security fix. Disclosure following shortly.
Thanks to Jedediah Smith for the report.
2015-01-13 13:02:56 -05:00
Tim Graham
33f1ccf5b1
[1.7.x] Added stub release notes for security releases.
2015-01-13 13:02:55 -05:00
Markus Holtermann
ef5889409b
[1.7.x] Fixed #24110 -- Rewrote migration unapply to preserve intermediate states
Backport of fdc2cc948725866212a9bcc97b9b7cf21bb49b90 and be158e36251df0b07556657da47cdaf10913c57a from master
2015-01-11 00:35:49 +01:00
Serafeim Papastefanos
1a352fe175
[1.7.x] Fixed #23967 -- Added formats for Greek
Backport of 74f02557e0183812d6d60e2548985c5c40b3d27b from master
2015-01-10 11:11:57 -05:00
Claude Paroz
7e65876b7c
[1.7.x] Fixed #24097 -- Prevented AttributeError in redirect_to_login
Thanks Peter Schmidt for the report and the initial patch.
Thanks to Oktay Sancak for writing the original failing test and
Alvin Savoy for supporting contributing back to the community.
Backport of d7bc37d61 from master.
2015-01-10 10:13:50 +01:00
Claude Paroz
d8fb557a51
[1.7.x] Fixed #23815 -- Prevented UnicodeDecodeError in CSRF middleware
Thanks codeitloadit for the report, living180 for investigations
and Tim Graham for the review.
Backport of 27dd7e7271 from master.
2015-01-06 08:45:10 +01:00
Tim Graham
4aed731154
[1.7.x] Increased the default PBKDF2 iterations.
2015-01-03 13:36:13 -05:00
Tim Graham
0a06ae9ef3
[1.7.x] Added 1.7.3 release notes stub.
Backport of 439f15beabe2e4d21232798f805ba69367611276 from master
2015-01-03 13:27:46 -05:00