mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-03-20 14:20:44 +00:00
Code Issues 32 Releases Wiki Activity
15,794 Commits 29 Branches 438 Tags
Commit Graph

16 Commits

Author SHA1 Message Date
Simon Charette
f7c494f250 [1.6.x] Prevented data leakage in contrib.admin via query string manipulation. 
This is a security fix. Disclosure following shortly.
 2014-08-20 11:43:43 -04:00
Preston Holmes
0268b855f9 [1.6.x] Fixed #23066 -- Modified RemoteUserMiddleware to logout on REMOTE_USE change. 
This is a security fix. Disclosure following shortly.
 2014-08-20 11:43:43 -04:00
Tim Graham
dd0c3f4ee1 [1.6.x] Fixed #23157 -- Removed O(n) algorithm when uploading duplicate file names. 
This is a security fix. Disclosure following shortly.
 2014-08-20 11:43:43 -04:00
Florian Apolloner
da051da8df [1.6.x] Prevented reverse() from generating URLs pointing to other hosts. 
This is a security fix. Disclosure following shortly.
 2014-08-20 11:43:43 -04:00
Tim Graham
52b878d805 [1.6.x] Added release note stubs for 1.5.9 and 1.4.14. 2014-08-20 11:43:43 -04:00
Tim Graham
48368d421c [1.6.x] Added sphinx extension to ease generation of ticket links. 
Backport of fca677fa43 from master
 2014-08-19 17:47:21 -04:00
Claude Paroz
9f9fdc4b0a [1.6.x] Fixed #22996 -- Prevented crash with unencoded query string 
Thanks Jorge Carleitao for the report and Aymeric Augustin, Tim Graham
for the reviews.
Backport of fa02120d36 from master.
 2014-08-19 22:55:35 +02:00
Claude Paroz
f5e8376288 [1.6.x] Fixed multi geometries editing in OpenLayers widget 
Backport of 457c16d0d from master.
 2014-08-15 10:10:35 +02:00
Claude Paroz
99b5567796 [1.6.x] Fixed #23265 -- Used system-specific encoding in runserver 
Thanks SpaceFox for the report.
Backport of 055d95fce066 from master.
 2014-08-14 12:11:42 +02:00
Tim Graham
e4b2bea743 [1.6.x] Fixed #19107 -- Restored bug fix for sending unicode email with Python 2.6.5 and below. 2014-07-30 09:29:08 -04:00
Shai Berger
838b7f8220 [1.6.x] Fixed #20292: Pass datetime objects (not formatted dates) as params to Oracle 
This seems worthwhile in its own right, but also works around an Oracle
bug (in versions 10 -- 11.1) where the use of Unicode would reset the
date/time formats, causing ORA-01843 errors.

Thanks Trac users CarstenF for the report, jtiai for the initial patch,
and everyone who contributed to the discussion on the ticket.

Backport of 6983201 from master.
 2014-07-29 07:00:26 -04:00
Aymeric Augustin
83098dccdf [1.6.x] Fixed #23089 -- Fixed transaction handling in two management commands. 
Previously, when createcachetable and flush operated on non-default
databases, they weren't atomic.

Also avoided transactional DDL and transactional truncates on databases
that don't support them (refs #22308).

Backport of 753a22a635, 0757e0f30d, and 6877a9d415 from master
 2014-07-24 19:27:15 -04:00
Tim Graham
ca44366b15 [1.6.x] Added 1.6.6 release notes for #22998. 2014-07-16 13:36:19 -04:00
Ramiro Morales
609153d2bf [1.6.x] Added release note for issue 13794 fix. 2014-07-14 22:45:41 -03:00
Vlastimil Zíma
ef3ae3d1c9 [1.6.x] Fixed #22514 -- Prevented indexes on virtual fields [postgres]. 
Backport of 78c32f1caa from master
 2014-06-20 19:01:49 -04:00
Tim Graham
ee075c4484 [1.6.x] Added stub release notes for 1.6.6. 
Backport of 79e9da3d1e from master
 2014-05-16 18:19:49 -04:00