1
0
mirror of https://github.com/django/django.git synced 2024-12-27 03:25:58 +00:00
Commit Graph

6 Commits

Author SHA1 Message Date
Tom Hacohen
1ecc0a395b Fixed #30070, CVE-2019-3498 -- Fixed content spoofing possiblity in the default 404 page.
Co-Authored-By: Tim Graham <timograham@gmail.com>
2019-01-03 21:21:55 -05:00
Simon Charette
315357ad25 Fixed #30023 -- Prevented SQLite schema alterations while foreign key checks are enabled.
Prior to this change foreign key constraint references could be left pointing
at tables dropped during operations simulating unsupported table alterations
because of an unexpected failure to disable foreign key constraint checks.

SQLite3 does not allow disabling such checks while in a transaction so they
must be disabled beforehand.

Thanks ezaquarii for the report and Carlton and Tim for the review.
2018-12-15 18:51:59 -05:00
Simon Charette
c8ffdbe514 Fixed #29182 -- Fixed schema table alteration on SQLite 3.26+.
SQLite 3.26 repoints foreign key constraints on table renames even when
foreign_keys pragma is off which breaks every operation that requires
a table rebuild to simulate unsupported ALTER TABLE statements.

The newly introduced legacy_alter_table pragma disables this behavior
and restores the previous schema editor assumptions.

Thanks Florian Apolloner, Christoph Trassl, Chris Lamb for the report and
troubleshooting assistance.
2018-12-07 13:32:37 -05:00
Claude Paroz
e7e5505902 Fixed #29959 -- Cached GEOS version in WKBWriter class.
Regression in f185d929fa.
2018-11-16 14:45:21 -05:00
Tim Graham
97cec6f75d Removed release date for 2.0.10 and 1.11.17. 2018-11-16 09:34:10 -05:00
Carlton Gibson
2e86710dac Added stub release notes for 2.0.10 release. 2018-10-01 11:46:38 +02:00