1
0
mirror of https://github.com/django/django.git synced 2024-12-26 19:16:11 +00:00
Commit Graph

14 Commits

Author SHA1 Message Date
Tim Graham
dd0b487872 Fixed typo in path to is_safe_url() 2015-02-20 09:21:39 -05:00
Tim Graham
cbbe6a6abb Added dates to release notes. 2015-01-13 13:08:57 -05:00
Tim Graham
baf2542c4f Fixed DoS possibility in ModelMultipleChoiceField.
This is a security fix. Disclosure following shortly.

Thanks Keryn Knight for the report and initial patch.
2015-01-13 13:03:06 -05:00
Tim Graham
a3bebfdc34 Ensured views.static.serve() doesn't use large memory on large files.
This issue was fixed in master by refs #24072.
2015-01-13 13:03:06 -05:00
Tim Graham
69b5e66738 Fixed is_safe_url() to handle leading whitespace.
This is a security fix. Disclosure following shortly.
2015-01-13 13:03:06 -05:00
Carl Meyer
316b8d4974 Stripped headers containing underscores to prevent spoofing in WSGI environ.
This is a security fix. Disclosure following shortly.

Thanks to Jedediah Smith for the report.
2015-01-13 13:03:05 -05:00
Tim Graham
958aeda4b5 Added stub release notes for security releases. 2015-01-13 13:03:05 -05:00
Markus Holtermann
be158e3625 Refs #24110 -- Added a more descriptive release note and fixed a spelling mistake. 2015-01-11 00:30:47 +01:00
Markus Holtermann
fdc2cc9487 Fixed #24110 -- Rewrote migration unapply to preserve intermediate states 2015-01-10 23:14:15 +01:00
Serafeim Papastefanos
74f02557e0 Fixed #23967 -- Added formats for Greek 2015-01-10 11:10:26 -05:00
Claude Paroz
d7bc37d611 Fixed #24097 -- Prevented AttributeError in redirect_to_login
Thanks Peter Schmidt for the report and the initial patch.
Thanks to ​Oktay Sancak for writing the original failing test and
Alvin Savoy for supporting contributing back to the community.
2015-01-10 10:05:02 +01:00
Claude Paroz
27dd7e7271 Fixed #23815 -- Prevented UnicodeDecodeError in CSRF middleware
Thanks codeitloadit for the report, living180 for investigations
and Tim Graham for the review.
2015-01-06 08:42:58 +01:00
Tim Graham
d94fe42ae5 Forwardported release note for 4aed731154. 2015-01-05 10:55:48 -05:00
Tim Graham
439f15beab Added 1.7.3 release notes stub. 2015-01-03 13:27:08 -05:00