mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-31 09:41:08 +00:00
Code Issues 32 Releases Wiki Activity
15,918 Commits 30 Branches 460 Tags
b9101fa7a2180f121fc828174149b61e9151e69d
Commit Graph

6 Commits

Author SHA1 Message Date
Tim Graham
f9de1998f9 [1.6.x] Added dates to release notes. 2015-01-13 13:10:25 -05:00
Tim Graham
553779c405 [1.6.x] Prevented views.static.serve() from using large memory on large files. 
This is a security fix. Disclosure following shortly.
 2015-01-13 13:10:11 -05:00
Tim Graham
72e0b03366 [1.6.x] Fixed is_safe_url() to handle leading whitespace. 
This is a security fix. Disclosure following shortly.
 2015-01-13 13:10:11 -05:00
Carl Meyer
d7597b31d5 [1.6.x] Stripped headers containing underscores to prevent spoofing in WSGI environ. 
This is a security fix. Disclosure following shortly.

Thanks to Jedediah Smith for the report.
 2015-01-13 13:10:11 -05:00
Tim Graham
f143e25883 [1.6.x] Added stub release notes for security releases. 2015-01-13 13:10:11 -05:00
Tim Graham
5e45c4f7c2 [1.6.x] Added 1.4.18 release notes. 
Backport of ce17b045bf from master
 2015-01-05 14:25:41 -05:00