mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-12-29 12:36:08 +00:00
Code Issues 30 Releases Wiki Activity
20,389 Commits 28 Branches 426 Tags 680 MiB
f32bb3adf0
Commit Graph

5 Commits

Author SHA1 Message Date
Tim Graham
574dd5e0b0 [1.8.x] Prevented newlines from being accepted in some validators. 
This is a security fix; disclosure to follow shortly.

Thanks to Sjoerd Job Postmus for the report and draft patch.
 2015-07-08 15:23:18 -04:00
Carl Meyer
66d12d1aba [1.8.x] Fixed #19324 -- Avoided creating a session record when loading the session. 
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.

This is a security fix; disclosure to follow shortly.
 2015-07-08 15:23:18 -04:00
Tim Graham
64e8a5f1bb [1.8.x] Added security release note stubs. 2015-07-08 15:23:18 -04:00
Tim Graham
8bc18ebf0f [1.8.x] Fixed #24903 -- Fixed assertRaisesMessage on Python 2.7.10. 
A regression in Python 2.7.10 rc1 wasn't reverted in the final
release: https://bugs.python.org/issue24134

Backport of two commits from master:
* c2bc1cefdc
* e89c3a4603
 2015-06-09 17:54:33 -04:00
Andriy Sokolovskiy
f65d4db8a8 [1.8.x] Fixed #24817 -- Prevented loss of null info in MySQL field renaming. 
Backport of 80ad5472ce from master
 2015-05-28 10:08:14 -04:00