Sarah Boyce
eb665e076c
Cleaned up CVE-2024-53907 and CVE-2024-53908 security archive descriptions.
2024-12-04 16:59:57 +01:00
Sarah Boyce
595cb4a7ae
Added CVE-2024-53907 and CVE-2024-53908 to security archive.
2024-12-04 16:30:03 +01:00
Sarah Boyce
828afd782f
Added stub release notes for 5.1.5.
2024-12-04 16:23:59 +01:00
Simon Charette
8f8dc5a1fc
Fixed CVE-2024-53908 -- Prevented SQL injections in direct HasKeyLookup usage on Oracle.
...
Thanks Seokchan Yoon for the report, and Mariusz Felisiak and Sarah
Boyce for the reviews.
2024-12-04 13:43:13 +01:00
Sarah Boyce
49ff1042aa
Fixed CVE-2024-53907 -- Mitigated potential DoS in strip_tags().
...
Thanks to jiangniao for the report, and Shai Berger and Natalia Bidart
for the reviews.
2024-12-04 13:43:13 +01:00
Adam Johnson
2f6b096b83
Fixed #35950 -- Restored refreshing of relations when fields deferred.
...
Thank you to Simon Charette and Sarah Boyce for the review.
Regression in 73df8b54a2
.
2024-12-02 16:01:37 +01:00
Bendeguz Csirmaz
978aae4334
Fixed #373 -- Added CompositePrimaryKey.
...
Thanks Lily Foote and Simon Charette for reviews and mentoring
this Google Summer of Code 2024 project.
Co-authored-by: Simon Charette <charette.s@gmail.com>
Co-authored-by: Lily Foote <code@lilyf.org>
2024-11-29 11:23:04 +01:00
Jaap Roes
ceecd518b1
Fixed #35530 -- Deprecated request.user fallback in auth.login and auth.alogin.
2024-11-28 17:43:46 +01:00
Salvo Polizzi
b82f80906a
Fixed #35038 -- Created AlterConstraint operation.
2024-11-28 17:40:52 +01:00
Adam Zapletal
e9ed5da3cb
Removed trailing whitespace in docs.
2024-11-27 13:13:28 -03:00
Sarah Boyce
2544c15854
Added stub release notes and release date for 5.1.4, 5.0.10, and 4.2.17.
2024-11-27 15:41:18 +01:00
Tommy Allen
c635decb00
Fixed #35942 -- Fixed createsuperuser crash on Python 3.13+ when username is unavailable.
...
Thanks Mariusz Felisiak and Jacob Tyler Walls for reviews.
2024-11-26 17:15:00 -03:00
Jake Howard
4c452cc377
Fixed #35535 -- Added template tag decorator simple_block_tag().
...
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2024-11-19 14:35:02 -03:00
Ben Cail
9609b48b91
Fixed #18392 -- Changed default mysql encoding to "utf8mb4".
2024-11-18 15:00:33 +01:00
nessita
2debd018db
Made cosmetic edits to 5.2 release notes, including line wrapping at 79 cols.
2024-11-15 23:30:47 -03:00
Lorenzo Peña
91c879eda5
Fixed #35784 -- Added support for preserving the HTTP request method in HttpResponseRedirectBase.
...
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2024-11-14 15:53:49 -03:00
sai-ganesh-03
c12bc980e5
Fixed #17905 -- Restricted access to model pages in admindocs.
...
Only users with view or change model permissions can access.
Thank you to Sarah Boyce for the review.
2024-11-11 16:56:03 +01:00
sai-ganesh-03
c2c544cf01
Fixed #27409 -- Made admindocs support custom link text in docstrings.
2024-11-06 14:39:18 +01:00
Mariusz Felisiak
5bd5805811
Added stub release notes for 5.1.4.
2024-11-05 06:30:53 +01:00
Mariusz Felisiak
ecd81ac8b7
Added release date for 5.1.3.
2024-11-05 05:55:58 +01:00
Sarah Boyce
611bf6c2e2
Fixed #35837 -- Added missing alters_data=True to QuerySet and UserManager methods.
...
Thank you to Jason Chambers for the report and to Mariusz Felisiak for the review.
2024-11-01 11:43:49 +01:00
Sarah Boyce
2c029c718f
Fixed #35876 -- Displayed non-ASCII fieldset names when rendering ModelAdmin.fieldsets.
...
Thank you to Namhong Kim for the report, and to Mariusz Felisiak and Marijke Luttekes for the review.
Regression in 01ed59f753
.
2024-10-31 06:38:07 +01:00
Anthony Joseph
3a8f52fbc6
Fixed #35856 -- Added QuerySet.explain() support for MEMORY/SERIALIZE option on PostgreSQL 17+.
2024-10-30 15:54:48 +01:00
Mariusz Felisiak
5cf88dcc57
Refs #35803 -- Added support for __covers GIS lookup on MySQL.
2024-10-25 07:55:55 +02:00
Mariusz Felisiak
c77573716a
Fixed #35803 -- Added support for Collect, GeoHash, and IsValid on MariaDB 11.7+.
2024-10-25 07:55:55 +02:00
Mariusz Felisiak
0b7edb9fcd
Refs #35803 -- Added support for __coveredby GIS lookup on MySQL and MariaDB 11.7+.
2024-10-25 07:55:55 +02:00
David Smith
04adff9f98
Refs #34406 -- Added support for GDAL curved geometries.
...
Co-authored-by: Fabien Le Frapper <contact@fabienlefrapper.me>
2024-10-22 17:24:36 -03:00
Nick Pope
3fad712a91
Fixed #35841 -- Restored support for DB-IP databases in GeoIP2.
...
Thanks Felix Farquharson for the report and Claude Paroz for the
review.
Regression in 40b5b1596f
.
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2024-10-17 21:40:53 -03:00
Justin Thurman
99dcc59237
Fixed #35845 -- Updated DomainNameValidator to require entire string to be a valid domain name.
...
Bug in 4971a9afe5
.
Thank you to kazet for the report and Claude Paroz for the review.
2024-10-17 16:45:44 +02:00
SaJH
4a685bc0dc
Fixed #35727 -- Added HttpResponse.text property.
...
Signed-off-by: SaJH <wogur981208@gmail.com>
2024-10-16 11:52:22 +02:00
Ben Cail
ec7d69035a
Fixed #35782 -- Allowed overriding password validation error messages.
2024-10-15 17:23:39 +02:00
leondaz
06bf06a911
Fixed #35656 -- Added an autodetector attribute to the makemigrations and migrate commands.
2024-10-15 16:39:12 +02:00
gabn88
e970bb7ca7
Fixed #35103 -- Used provided error code and message when fields is set without a condition on UniqueConstraint.
2024-10-10 09:20:37 +02:00
Mariusz Felisiak
6db89aa6c4
Fixed typo in docs/releases/5.2.txt.
2024-10-10 09:13:12 +02:00
Mariusz Felisiak
2e3bc59fd3
Refs #34900 -- Doc'd Python 3.13 compatibility.
2024-10-09 09:27:33 +02:00
Natalia
4d11402932
Added stub release notes for 5.1.3.
2024-10-08 12:03:23 -03:00
Natalia
5bb433e99b
Added release date for 5.1.2.
2024-10-08 11:37:30 -03:00
nessita
679d57816d
Fixed #35809 -- Set background color for selected rows in the admin's form select widget.
...
Regression in b47bdb4cd9
.
Thank you Giannis Terzopoulos for the review, and Tom Carrick and Sarah Boyce
for the review.
2024-10-08 10:01:28 -03:00
nessita
7d9dd7b68f
Updated translations from Transifex.
...
Forwardport of e245f62d00
from stable/5.1.x.
2024-10-07 17:37:36 -03:00
Jon Janzen
50f89ae850
Fixed #35303 -- Implemented async auth backends and utils.
2024-10-07 14:19:41 +02:00
Marc Gibbons
6765b6adf9
Fixed #35797 -- Removed debug context processor from default project template.
2024-09-30 16:52:28 -03:00
John Parton
f22ff4561a
Fixed #35734 -- Used JSONB_BUILD_OBJECT database function on PostgreSQL when using server-side bindings.
...
Regression in 81ccf92f15
.
2024-09-26 10:19:34 -04:00
David Smith
1857b6663b
Fixed #35776 -- Dropped support for GDAL 3.0.
2024-09-19 17:26:30 +02:00
Amir Karimi
ee5147cfd7
Fixed #29522 -- Refactored the Deserializer functions to classes.
...
Co-authored-by: Emad Mokhtar <emad.mokhtar@veneficus.nl>
2024-09-17 11:00:49 +02:00
Jacob Walls
a060a22ee2
Fixed #35660 -- Made serialized_rollback and fixture data available in TransactionTestCase.setUpClass().
2024-09-17 09:53:46 +02:00
saJaeHyukc
fd92f24789
Fixed #34887 -- Added support for unlimited models.CharField on SQLite.
...
Signed-off-by: saJaeHyukc <wogur981208@gmail.com>
2024-09-16 13:31:06 +02:00
Gastón Avila
c3ca6075cc
Fixed #35732 -- Wrapped ConcatPair expression in parentheses to ensure operator precedence.
...
When ConcatPair was updated to use || this lost the implicit wrapping from CONCAT(...).
This broke the WHERE clauses when used in combination with PostgreSQL trigram similarity.
Regression in 6364b6ee10
.
Co-authored-by: Emiliano Cuenca <106986074+emicuencac@users.noreply.github.com>
2024-09-11 14:36:56 +02:00
Csirmaz Bendegúz
5865ff5adc
Refs #373 -- Added Model._is_pk_set() abstraction to check if a Model's PK is set.
2024-09-09 17:46:50 -03:00
Jake Howard
e161bd4657
Fixed #35631 -- Added HttpRequest.get_preferred_type().
2024-09-09 12:02:18 +02:00
Natalia
aa52930687
Added CVE-2024-45230 and CVE-2024-45231 to security archive.
2024-09-03 11:19:02 -03:00