1
0
mirror of https://github.com/django/django.git synced 2024-12-27 19:46:22 +00:00
Commit Graph

12 Commits

Author SHA1 Message Date
Tim Graham
97b7dd59bb Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.
Thanks James Davis for suggesting the fix.
2018-03-06 08:30:40 -05:00
Tim Graham
8618271caa Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters.
Thanks Florian Apolloner for assisting with the patch.
2018-03-06 08:30:40 -05:00
Tim Graham
4d2a2c83c7 Added stub release notes for security releases. 2018-03-06 08:30:34 -05:00
Christophe Mehay
40bac28faa Fixed #29176 -- Fixed AbstractBaseUser.normalize_username() crash if username isn't a string. 2018-03-02 11:32:53 -05:00
Tomáš Ehrlich
fa352626c2 Fixed #29172 -- Fixed crash with Window expression in a subquery. 2018-03-01 10:24:14 -05:00
Claude Paroz
75527c0f83 Updated translations from Transifex
Forward port of 2126e9317e from stable/2.0.x.
2018-02-28 20:06:52 +01:00
Mariusz Felisiak
54f80430be
Fixed #29166 -- Fixed crash in When() expression with a list argument.
Thanks Matthew Pava for the report and Tim Graham and Carlton Gibson for
reviews.
Regression in 19b2dfd1bf.
2018-02-28 18:05:23 +01:00
Tim Graham
b95c49c954 Fixed #29125 -- Made Q.deconstruct() deterministic with multiple keyword arguments. 2018-02-12 14:52:32 -05:00
Raphael Gaschignard
bf26f66029 Fixed #29118 -- Fixed crash with QuerySet.order_by(Exists(...)). 2018-02-10 18:35:57 -05:00
Manatsawin Hanmongkolchai
1a1264f149 Fixed #29109 -- Fixed the admin time picker widget for the Thai locale. 2018-02-10 16:05:41 -05:00
Simon Charette
d61fe24601 Fixed #29108 -- Fixed crash in aggregation of distinct+ordered+sliced querysets.
Regression in 4acae21846.
Thanks Stephen Brooks for the report.
2018-02-08 09:59:25 -05:00
Simon Charette
7515e1f3fc Added stub release notes for 2.0.3. 2018-02-05 10:12:47 -05:00