mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-03-14 19:30:46 +00:00
Code Issues 32 Releases Wiki Activity
14,076 Commits 29 Branches 437 Tags
Commit Graph

553 Commits

Author SHA1 Message Date
Simon Charette
3d35ea4300 [1.5.x] Fixed #23754 -- Always allowed reference to the primary key in the admin 
This change allows dynamically created inlines "Add related" button to work
correcly as long as their associated foreign key is pointing to the primary
key of the related model.

Thanks to amorce for the report, Julien Phalip for the initial patch,
and Collin Anderson for the review.

Backport of f9c4e14aeca7df79991bca8ac2d743953cbd095c from master
 2014-11-25 14:00:17 -05:00
Tim Graham
c41f613b75 [1.5.x] Added release dates to release notes. 
Backport of 9dc782b631 from master
 2014-10-22 12:32:18 -04:00
Emmanuelle Delescolle
314e9cd38f [1.5.x] Fixed #23604 -- Allowed related m2m fields to be references in the admin. 
Thanks Simon Charette for review.

Backport of a24cf21722 from master
 2014-10-06 08:54:26 -04:00
Simon Charette
d9d4d62d85 [1.5.x] Fixed #23431 -- Allowed inline and hidden references to admin fields. 
This fixes a regression introduced by the 53ff096982 security fix.

Thanks to @a1tus for the report and Tim for the review.

refs #23329.

Backport of 342ccbd from master
 2014-09-08 14:09:14 -04:00
Tim Graham
b8db1ded5e [1.5.x] Added dates to release notes. 
Backport of 0fd23545db from master
 2014-09-02 21:35:30 -04:00
Simon Charette
20474d5bc7 [1.5.x] Fixed #23375 -- Added missing security issues to the archive. 
Backport of c9c0be3 from master
 2014-08-28 11:10:11 -04:00
Simon Charette
4c96bd8fb3 Fixed #23329 -- Allowed inherited and m2m fields to be referenced in the admin. 
Thanks to Trac alias Markush2010 and ross for the detailed reports.

Backport of 3cbb759 from master
 2014-08-27 22:05:30 -04:00
Tim Graham
ed4cf3b450 [1.5.x] Added dates to release notes. 2014-08-20 16:33:23 -04:00
Simon Charette
2a446c896e [1.5.x] Prevented data leakage in contrib.admin via query string manipulation. 
This is a security fix. Disclosure following shortly.
 2014-08-20 11:44:02 -04:00
Preston Holmes
dd68f319b3 [1.5.x] Fixed #23066 -- Modified RemoteUserMiddleware to logout on REMOTE_USE change. 
This is a security fix. Disclosure following shortly.
 2014-08-20 11:44:02 -04:00
Tim Graham
26cd48e166 [1.5.x] Fixed #23157 -- Removed O(n) algorithm when uploading duplicate file names. 
This is a security fix. Disclosure following shortly.
 2014-08-20 11:44:02 -04:00
Florian Apolloner
45ac9d4fb0 [1.5.x] Prevented reverse() from generating URLs pointing to other hosts. 
This is a security fix. Disclosure following shortly.
 2014-08-20 11:44:02 -04:00
Tim Graham
25d9ae5214 [1.5.x] Added release note stubs for 1.5.9 and 1.4.14. 2014-08-20 11:44:02 -04:00
Tim Graham
ddc715edd3 [1.5.x] Fixed #22966 -- Clarified which release notes appear for each doc version. 
Thanks haimunt at yahoo.com for the suggestion.

Backport of e6b3d6c22f from master
 2014-07-07 15:31:57 -04:00
Tim Graham
d57cf88c1e [1.5.x] Improved deprecation plan links in release notes. 
Backport of 7ff326928a08d4c51141768bd305a44ca5ecb2e7 from master
 2014-05-29 18:59:56 -04:00
Tim Graham
5c65aa9243 [1.5.x] Minor edits to latest release notes. 
Backport of 860d31ac7a3bdd4b27db8b34b110b3d801ddaf8a from master
 2014-05-15 07:17:17 -04:00
Jacob Kaplan-Moss
ffcb009178 Added release notes for 1.4.13, 1.5.8. 2014-05-14 18:26:26 +02:00
Tim Graham
73136a887d [1.5.x] Added dates to release notes of today's release. 
Backport of 68d264059abb21b96c4fe68bf4d99520268a451c from master
 2014-04-28 19:07:17 -04:00
Tim Graham
19bd6b9477 [1.5.x] Fixed #22486 -- Restored the ability to reverse views created using functools.partial. 
Regression in 8b93b31487d6d3b0fcbbd0498991ea0db9088054.

Thanks rcoup for the report.

Backport of 3c06b2f2a3 from master
 2014-04-23 09:01:38 -04:00
James Bennett
a0f60958cf [1.5.x] Add missing disclosure information to security archive. 2014-04-21 18:28:24 -05:00
James Bennett
486b6f398b [1.5.x] Update for 1.5.6 security release. 2014-04-21 17:51:51 -05:00
Erik Romijn
cebfbcdb86 [1.5.x] Added information on resolved security issues to release notes. 
Backport of c07f3e60c2d455e36ba4ac339d4283d32bbc3814 from master
 2014-04-21 18:31:08 -04:00
Tim Graham
efb0c848ac [1.5.x] Updated six to 1.6.1. 
Backport of 2ec82c7387db071278201796208808de84c90dbf from master
 2014-03-24 07:34:37 -04:00
Tim Graham
b55d0ebff2 [1.5.x] Added release note stubs for 1.5.6 and 1.4.11. 
Backport of dfa28981ce from master
 2014-01-26 17:49:04 -05:00
Tim Graham
402967f49c [1.5.x] Fixed #21240 -- Added 1.5 release note for OneToOneField/select_related change. 
Thanks marcin at sokrates.pl.

Backport of ba63b9895b from master
 2013-11-18 09:35:21 -05:00
Tim Graham
2d09f368f3 [1.5.x] Added 1.4.10 release notes. 
Backport of c29dd76f40 from master
 2013-11-07 09:42:52 -05:00
Tim Graham
9074d2f5f9 [1.5.x] Fixed #21337 -- Documented removal of django.core.servers.basehttp.WSGIServerException 
refs 2ca00faa913754cd5860f6e1f23c8da2529c691a

Backport of b47a052eb5 from master
 2013-10-30 07:48:16 -04:00
Paolo Melchiorre
cd59b6f2f3 [1.5.x] Fixed typo in docs/releases/1.4.9.txt. 
Backport of 3b0293370a from master
 2013-10-25 07:55:45 -04:00
James Bennett
c30516e9cc [1.5.x] Bump everything for 1.5.5 bugfix release. 2013-10-24 23:31:51 -05:00
Tim Graham
f571345ef7 [1.5.x] Bumped release date for 1.5.5 & 1.4.9. 
Backport of 4ce5c119b5 from master
 2013-10-23 18:29:16 -04:00
Tim Graham
6e41392838 [1.5.x] Added 1.5.5 and 1.4.9 release notes 
Backport of 2eb8f15516 from master
 2013-10-22 20:24:30 -04:00
Russell Keith-Magee
75c0aa43d3 [1.5.x] Fixed #21121: Added archive of security issues. 
Backport of 9d3e60a, 8e134c2, 8b3bae9, c65ae7c, bbabc53,
and a2e25e8 from master.
 2013-09-19 15:07:29 +08:00
Tim Graham
12a30e9221 [1.5.x] Cleaned up 1.5.4/1.4.8 release notes 
Backport of 8d29005524 from master
 2013-09-15 14:25:34 -04:00
James Bennett
4607c7325d [1.5.x] Add release notes and bump version numbers for 1.5.4 security release. 2013-09-15 00:29:31 -06:00
Tim Graham
42e8fabb59 [1.5.x] Added 1.4.7/1.5.3 release notes 
Backport of baec6a26dd from master
 2013-09-10 21:08:34 -04:00
Tim Graham
cb2fee567f [1.5.x] Fixed link in 1.5.2 release notes 2013-08-14 13:11:58 -04:00
Tim Graham
5fdd6af1eb Added 1.4.6/1.5.2 release notes. 2013-08-13 11:17:17 -05:00
Tim Graham
a2286ac964 [1.5.x] Added missing release notes for older versions of Django 
Backport of 3f6cc33cff from master
 2013-08-12 14:10:21 -04:00
Tim Graham
0a91a8dbe3 [1.5.x] Fixed #18944 -- Documented PasswordResetForm's from_email argument as a backwards incompatible change for 1.3 
Thanks DrMeers for the report.

Backport of dab921751d from master
 2013-07-08 15:06:37 -04:00
Jaap Roes
60353458ae [1.5.x] Warned that request_finished isn't sent by some buggy setups. 
Older versions of uWSGI and Sentry's middleware do not adhere to
the WSGI spec and cause the `request_finished` signal to never
fire. Added notes to the appropriate places in the docs.

Fixed #20537.

Backport of 3ce1d30.

Conflicts:
	docs/howto/deployment/wsgi/index.txt
 2013-06-12 20:57:21 +02:00
Tim Graham
1add64684c [1.5.x] Fixed #17048 - Added docs for upgrading Django. 
Thanks Donald Stufft for the suggestion and
Susan Tan and Brian Fabian Crain for the patch.

Backport of ef8a9bc7fa from master.
 2013-05-22 08:57:57 -04:00
Baptiste Mispelon
9c49e64b66 [1.5.x] Fixed #20211: Document backwards-incompatible change in BoundField.label_tag 
Also cleaned up label escaping and consolidated the test suite regarding
label_tag.
Backport of ab686022f from master.
 2013-04-12 10:25:44 +02:00
Tim Graham
c3779d4214 [1.5.x] Fixed #19897 - Updated static files howto. 
Thanks Jan Murre, Reinout van Rees and Wim Feijen,
plus Remco Wendt for reviewing.

Backport of i6c730da1f from master.
 2013-03-30 07:12:37 -04:00
Jacob Kaplan-Moss
d7eaadb4f8 [1.5.x] Added 1.5.1 release notes. 
Backport of ae5247cb from master.
 2013-03-28 15:07:43 -05:00
Tim Graham
f7ca464039 [1.5.x] Added missing markup to docs. 
Backport of 93cffc3b37 from master.
 2013-03-22 14:08:55 -04:00
James Bennett
61283a8208 [1.5.x] Add release date to 1.5 release notes. 2013-02-26 13:12:27 -06:00
James Bennett
e7f2c6f2d7 [1.5.x] Bump version numbers for Django 1.5 release. 2013-02-26 13:06:35 -06:00
Carl Meyer
c7f80b428b Don't characterize XML vulnerabilities as DoS-only. 2013-02-19 18:20:08 -07:00
Carl Meyer
84ce990c07 [1.5.x] Update 1.5 release notes for XML and formset fixes. 2013-02-19 10:39:04 -07:00
Carl Meyer
a7e33c5bf3 [1.5.x] Added a new required ALLOWED_HOSTS setting for HTTP host header validation. 
This is a security fix; disclosure and advisory coming shortly.
 2013-02-19 10:39:03 -07:00