mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-04-04 21:46:40 +00:00
Code Issues 32 Releases Wiki Activity
django/docs/releases
History
Simon Charette 764af7a3d6 Fixed #36289 -- Fixed bulk_create() crash with nullable geometry fields on PostGIS. 
Swapped to an allow list instead of a deny list for field types to
determine if the UNNEST optimization can be enabled to avoid further
surprises with other types that would require further specialization to
adapt.

Regression in a16eedcf9c69d8a11d94cac1811018c5b996d491.

Thanks Joshua Goodwin for the report and Sarah Boyce for the test.
2025-04-04 21:33:04 +02:00
..
0.95.txt
Added missing backticks to function names.
2022-03-17 11:10:03 +01:00
0.96.txt
Fixed broken links and redirects in docs.
2024-03-06 08:50:21 +01:00
1.0-porting-guide.txt
Applied Black's 2024 stable style.
2024-01-26 12:45:07 +01:00
1.0.1.txt
1.0.2.txt
1.0.txt
Fixed #34140 -- Reformatted code blocks in docs with blacken-docs.
2023-03-01 13:03:56 +01:00
1.1.2.txt
Updated capitalization in the word "JavaScript" for consistency
2015-05-01 13:26:42 -04:00
1.1.3.txt
Removed hyphen from pre-/re- prefixes.
2022-04-28 10:44:14 +02:00
1.1.4.txt
Fixed #26020 -- Normalized header stylings in docs.
2016-01-22 12:12:17 -05:00
1.1.txt
Fixed #34140 -- Reformatted code blocks in docs with blacken-docs.
2023-03-01 13:03:56 +01:00
1.2.1.txt
Used 🎫 role in all tickets links.
2019-11-26 14:02:24 +01:00
1.2.2.txt
1.2.3.txt
Refs #32720 -- Used :commit: and :source: role in old release notes.
2021-05-17 07:36:57 +02:00
1.2.4.txt
Removed hyphen from pre-/re- prefixes.
2022-04-28 10:44:14 +02:00
1.2.5.txt
Refs #32720 -- Used :commit: and :source: role in old release notes.
2021-05-17 07:36:57 +02:00
1.2.6.txt
1.2.7.txt
1.2.txt
Applied Black's 2024 stable style.
2024-01-26 12:45:07 +01:00
1.3.1.txt
1.3.2.txt
1.3.3.txt
1.3.4.txt
Refs #34140 -- Corrected rst code-block and various formatting issues in docs.
2023-02-28 12:21:37 +01:00
1.3.5.txt
Fixed #26020 -- Normalized header stylings in docs.
2016-01-22 12:12:17 -05:00
1.3.6.txt
Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate.
2021-07-29 06:24:12 +02:00
1.3.7.txt
1.3.txt
Used extlinks for PyPI links.
2023-04-17 06:55:32 +02:00
1.4.1.txt
1.4.2.txt
Refs #34140 -- Corrected rst code-block and various formatting issues in docs.
2023-02-28 12:21:37 +01:00
1.4.3.txt
Fixed #26020 -- Normalized header stylings in docs.
2016-01-22 12:12:17 -05:00
1.4.4.txt
Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate.
2021-07-29 06:24:12 +02:00
1.4.5.txt
1.4.6.txt
Refs #17209 -- Removed login/logout and password reset/change function-based views.
2017-09-22 12:51:17 -04:00
1.4.7.txt
Fixed #26020 -- Normalized header stylings in docs.
2016-01-22 12:12:17 -05:00
1.4.8.txt
Fixed #26020 -- Normalized header stylings in docs.
2016-01-22 12:12:17 -05:00
1.4.9.txt
Fixed #26020 -- Normalized header stylings in docs.
2016-01-22 12:12:17 -05:00
1.4.10.txt
Fixed #26020 -- Normalized header stylings in docs.
2016-01-22 12:12:17 -05:00
1.4.11.txt
Refs #23919 -- Removed Python 2 notes in docs.
2017-01-18 11:51:29 -05:00
1.4.12.txt
Fixed #26013 -- Moved django.core.urlresolvers to django.urls.
2015-12-31 14:21:29 -05:00
1.4.13.txt
Prevented (and corrected) single backtick usage in docs.
2020-04-01 14:55:11 +02:00
1.4.14.txt
Fixed #26013 -- Moved django.core.urlresolvers to django.urls.
2015-12-31 14:21:29 -05:00
1.4.15.txt
1.4.16.txt
1.4.17.txt
Refs #23919 -- Removed Python 2 notes in docs.
2017-01-18 11:51:29 -05:00
1.4.18.txt
Prevented (and corrected) single backtick usage in docs.
2020-04-01 14:55:11 +02:00
1.4.19.txt
Fixed #25778 -- Updated docs links to use https when available.
2015-12-01 08:01:34 -05:00
1.4.20.txt
Refs #17209 -- Removed login/logout and password reset/change function-based views.
2017-09-22 12:51:17 -04:00
1.4.21.txt
Prevented newlines from being accepted in some validators.
2015-07-08 15:23:03 -04:00
1.4.22.txt
Refs #17209 -- Removed login/logout and password reset/change function-based views.
2017-09-22 12:51:17 -04:00
1.4.txt
Refs #26029 -- Removed DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings.
2023-09-18 22:12:40 +02:00
1.5.1.txt
Added documentation extlink for bugs.python.org.
2021-02-17 14:24:42 +01:00
1.5.2.txt
Capitalized Unicode in docs, strings, and comments.
2020-04-20 12:10:33 +02:00
1.5.3.txt
Changed docs and a code comment to use gender-neutral pronouns.
2020-11-13 22:26:30 +01:00
1.5.4.txt
Fixed #26020 -- Normalized header stylings in docs.
2016-01-22 12:12:17 -05:00
1.5.5.txt
Fixed #26020 -- Normalized header stylings in docs.
2016-01-22 12:12:17 -05:00
1.5.6.txt
Refs #23919 -- Removed Python 2 notes in docs.
2017-01-18 11:51:29 -05:00
1.5.7.txt
Fixed #26013 -- Moved django.core.urlresolvers to django.urls.
2015-12-31 14:21:29 -05:00
1.5.8.txt
Prevented (and corrected) single backtick usage in docs.
2020-04-01 14:55:11 +02:00
1.5.9.txt
Fixed #26013 -- Moved django.core.urlresolvers to django.urls.
2015-12-31 14:21:29 -05:00
1.5.10.txt
1.5.11.txt
1.5.12.txt
1.5.txt
Refs #27236 -- Removed Meta.index_together per deprecation timeline.
2023-09-18 22:12:40 +02:00
1.6.1.txt
Changed some words to use inline markup.
2022-03-10 10:18:31 +01:00
1.6.2.txt
Refs #23919 -- Removed Python 2 notes in docs.
2017-01-18 11:51:29 -05:00
1.6.3.txt
Refs #23919 -- Removed Python 2 notes in docs.
2017-01-18 11:51:29 -05:00
1.6.4.txt
Fixed #26013 -- Moved django.core.urlresolvers to django.urls.
2015-12-31 14:21:29 -05:00
1.6.5.txt
Prevented (and corrected) single backtick usage in docs.
2020-04-01 14:55:11 +02:00
1.6.6.txt
Capitalized Unicode in docs, strings, and comments.
2020-04-20 12:10:33 +02:00
1.6.7.txt
1.6.8.txt
1.6.9.txt
Refs #23919 -- Removed Python 2 notes in docs.
2017-01-18 11:51:29 -05:00
1.6.10.txt
Prevented (and corrected) single backtick usage in docs.
2020-04-01 14:55:11 +02:00
1.6.11.txt
Added documentation extlink for bugs.python.org.
2021-02-17 14:24:42 +01:00
1.6.txt
Used extlinks for PyPI links.
2023-04-17 06:55:32 +02:00
1.7.1.txt
Refs #32446 -- Removed SERIALIZE test database setting per deprecation timeline.
2023-01-17 11:49:15 +01:00
1.7.2.txt
Capitalized Unicode in docs, strings, and comments.
2020-04-20 12:10:33 +02:00
1.7.3.txt
Prevented (and corrected) single backtick usage in docs.
2020-04-01 14:55:11 +02:00
1.7.4.txt
1.7.5.txt
1.7.6.txt
Refs #24461 -- Added test/release notes for XSS issue in ModelAdmin.readonly_fields
2015-03-09 10:12:21 -04:00
1.7.7.txt
Added documentation extlink for bugs.python.org.
2021-02-17 14:24:42 +01:00
1.7.8.txt
Added dates to release notes.
2015-05-01 16:24:39 -04:00
1.7.9.txt
Prevented newlines from being accepted in some validators.
2015-07-08 15:23:03 -04:00
1.7.10.txt
Refs #17209 -- Removed login/logout and password reset/change function-based views.
2017-09-22 12:51:17 -04:00
1.7.11.txt
Added release date for 1.8.7/1.7.11 releases.
2015-11-24 11:20:29 -05:00
1.7.txt
Refs #27236 -- Removed Meta.index_together per deprecation timeline.
2023-09-18 22:12:40 +02:00
1.8.1.txt
Fixed #31534 -- Deprecated django.conf.urls.url().
2020-05-05 07:34:34 +02:00
1.8.2.txt
Added missing backticks in docs.
2023-07-21 12:54:38 +02:00
1.8.3.txt
Prevented (and corrected) single backtick usage in docs.
2020-04-01 14:55:11 +02:00
1.8.4.txt
Refs #17209 -- Removed login/logout and password reset/change function-based views.
2017-09-22 12:51:17 -04:00
1.8.5.txt
Added release date for 1.8.5.
2015-10-03 19:31:45 -04:00
1.8.6.txt
Prevented (and corrected) single backtick usage in docs.
2020-04-01 14:55:11 +02:00
1.8.7.txt
Refs #23919 -- Removed Python 2 notes in docs.
2017-01-18 11:51:29 -05:00
1.8.8.txt
Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS.
2021-05-17 09:46:09 +02:00
1.8.9.txt
Added release dates for 1.9.2 and 1.8.9.
2016-02-01 12:02:16 -05:00
1.8.10.txt
Refs #17209 -- Removed login/logout and password reset/change function-based views.
2017-09-22 12:51:17 -04:00
1.8.11.txt
Added safety to URL decoding in is_safe_url() on Python 2
2016-03-04 23:33:35 +01:00
1.8.12.txt
Added release date for 1.9.5 and 1.8.12.
2016-04-01 13:29:43 -04:00
1.8.13.txt
Added release date for 1.9.6/1.8.13.
2016-05-02 18:16:36 -04:00
1.8.14.txt
Fixed XSS in admin's add/change related popup.
2016-07-18 11:17:01 -04:00
1.8.15.txt
Added release notes for 1.9.10 and 1.8.15 releases.
2016-09-26 13:55:21 -04:00
1.8.16.txt
Refs #29784 -- Switched to https:// links where available.
2018-09-26 08:48:47 +02:00
1.8.17.txt
Added release dates for 1.10.4, 1.9.12, 1.8.17.
2016-12-01 17:15:04 -05:00
1.8.18.txt
Refs #17209 -- Removed login/logout and password reset/change function-based views.
2017-09-22 12:51:17 -04:00
1.8.19.txt
Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.
2018-03-06 08:30:40 -05:00
1.8.txt
Used extlinks for PyPI links.
2023-04-17 06:55:32 +02:00
1.9.1.txt
Changed some words to use inline markup.
2022-03-10 10:18:31 +01:00
1.9.2.txt
Added release dates for 1.9.2 and 1.8.9.
2016-02-01 12:02:16 -05:00
1.9.3.txt
Refs #17209 -- Removed login/logout and password reset/change function-based views.
2017-09-22 12:51:17 -04:00
1.9.4.txt
Added safety to URL decoding in is_safe_url() on Python 2
2016-03-04 23:33:35 +01:00
1.9.5.txt
Added release date for 1.9.5 and 1.8.12.
2016-04-01 13:29:43 -04:00
1.9.6.txt
Added release date for 1.9.6/1.8.13.
2016-05-02 18:16:36 -04:00
1.9.7.txt
Added release date for 1.9.7.
2016-06-04 19:24:51 -04:00
1.9.8.txt
Fixed XSS in admin's add/change related popup.
2016-07-18 11:17:01 -04:00
1.9.9.txt
Added release dates for 1.10 and 1.9.9
2016-08-01 13:55:08 -04:00
1.9.10.txt
Added release notes for 1.9.10 and 1.8.15 releases.
2016-09-26 13:55:21 -04:00
1.9.11.txt
Refs #29784 -- Switched to https:// links where available.
2018-09-26 08:48:47 +02:00
1.9.12.txt
Added release dates for 1.10.4, 1.9.12, 1.8.17.
2016-12-01 17:15:04 -05:00
1.9.13.txt
Refs #17209 -- Removed login/logout and password reset/change function-based views.
2017-09-22 12:51:17 -04:00
1.9.txt
Added backticks to setuptools in docs.
2023-10-09 09:55:52 +02:00
1.10.1.txt
Added release date for 1.10.1.
2016-09-01 16:24:46 -04:00
1.10.2.txt
Fixed #27302 -- Fixed ModelAdmin.construct_change_message() changed field detection
2016-10-01 20:14:27 +02:00
1.10.3.txt
Refs #29784 -- Switched to https:// links where available.
2018-09-26 08:48:47 +02:00
1.10.4.txt
Added release dates for 1.10.4, 1.9.12, 1.8.17.
2016-12-01 17:15:04 -05:00
1.10.5.txt
Added release date for 1.10.5.
2017-01-04 13:20:01 -05:00
1.10.6.txt
Fixed typo in docs/releases/1.10.6.txt.
2017-03-01 10:11:32 -05:00
1.10.7.txt
Refs #17209 -- Removed login/logout and password reset/change function-based views.
2017-09-22 12:51:17 -04:00
1.10.8.txt
Fixed CVE-2017-12794 -- Fixed XSS possibility in traceback section of technical 500 debug page.
2017-09-05 10:58:38 -04:00
1.10.txt
Tweaked docs to avoid reformatting given new black version.
2025-01-30 10:37:14 -03:00
1.11.1.txt
Improved style of n-tuple wording in docs and comments.
2023-06-23 09:29:35 +02:00
1.11.2.txt
Added release date for 1.11.2.
2017-06-01 11:09:51 -04:00
1.11.3.txt
Added release date for 1.11.3.
2017-07-01 19:13:35 -04:00
1.11.4.txt
Added release date for 1.11.4.
2017-08-01 08:08:18 -04:00
1.11.5.txt
Fixed CVE-2017-12794 -- Fixed XSS possibility in traceback section of technical 500 debug page.
2017-09-05 10:58:38 -04:00
1.11.6.txt
Added release date for 1.11.6.
2017-10-05 14:13:32 -04:00
1.11.7.txt
Added release date for 1.11.7.
2017-11-01 21:11:38 -04:00
1.11.8.txt
Added release dates for 2.0 and 1.11.8.
2017-12-02 08:55:33 -05:00
1.11.9.txt
Added release date for 2.0.1 and 1.11.9.
2018-01-01 19:34:34 -05:00
1.11.10.txt
Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm.
2018-02-01 09:05:14 -05:00
1.11.11.txt
Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.
2018-03-06 08:30:40 -05:00
1.11.12.txt
Added release date for 2.0.4 and 1.11.12.
2018-04-02 21:36:23 -04:00
1.11.13.txt
Added release date for 2.0.5 and 1.11.13.
2018-05-01 21:18:44 -04:00
1.11.14.txt
Added release date for 1.11.14.
2018-07-02 10:12:20 +02:00
1.11.15.txt
Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware.
2018-08-01 09:28:42 -04:00
1.11.16.txt
Added release date for 1.11.16.
2018-10-01 09:34:57 +02:00
1.11.17.txt
Added release date for 1.11.17.
2018-12-03 15:14:58 +01:00
1.11.18.txt
Fixed #30070, CVE-2019-3498 -- Fixed content spoofing possiblity in the default 404 page.
2019-01-03 21:21:55 -05:00
1.11.19.txt
Fixed typos in 1.11.19, 2.0.11, 2.1.6 release notes.
2019-06-21 07:07:23 +02:00
1.11.20.txt
Refs #30175 -- Added release notes for 2.1.7, 2.0.12, and 1.11.20 releases.
2019-02-11 15:46:33 +01:00
1.11.21.txt
Fixed typos in 1.11.21, 2.1.9, 2.2.2 release notes.
2019-06-03 14:08:51 +02:00
1.11.22.txt
Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set.
2019-07-01 07:48:04 +02:00
1.11.23.txt
Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline.
2021-01-14 17:50:04 +01:00
1.11.24.txt
Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline.
2021-01-14 17:50:04 +01:00
1.11.25.txt
Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline.
2021-01-14 17:50:04 +01:00
1.11.26.txt
Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline.
2021-01-14 17:50:04 +01:00
1.11.27.txt
Fixed CVE-2019-19844 -- Used verified user email for password reset requests.
2019-12-18 09:11:39 +01:00
1.11.28.txt
Fixed CVE-2020-7471 -- Properly escaped StringAgg(delimiter) parameter.
2020-02-03 08:49:13 +01:00
1.11.29.txt
Fixed typo in docs/releases/1.11.29.txt.
2020-03-04 10:46:43 +01:00
1.11.txt
Refs #27236 -- Removed Meta.index_together per deprecation timeline.
2023-09-18 22:12:40 +02:00
2.0.1.txt
Added release date for 2.0.1 and 1.11.9.
2018-01-01 19:34:34 -05:00
2.0.2.txt
Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm.
2018-02-01 09:05:14 -05:00
2.0.3.txt
Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.
2018-03-06 08:30:40 -05:00
2.0.4.txt
Prevented (and corrected) single backtick usage in docs.
2020-04-01 14:55:11 +02:00
2.0.5.txt
Fixed typo in docs/releases/2.0.5.txt.
2018-08-21 09:48:14 -04:00
2.0.6.txt
Fixed #28462 -- Decreased memory usage with ModelAdmin.list_editable.
2018-06-01 10:41:05 -04:00
2.0.7.txt
Forwardported 2.0.7 release note.
2018-06-28 11:07:37 -04:00
2.0.8.txt
Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware.
2018-08-01 09:28:42 -04:00
2.0.9.txt
Added release date for 2.0.9 release.
2018-10-01 09:55:56 +02:00
2.0.10.txt
Fixed #30070, CVE-2019-3498 -- Fixed content spoofing possiblity in the default 404 page.
2019-01-03 21:21:55 -05:00
2.0.11.txt
Fixed typos in 1.11.19, 2.0.11, 2.1.6 release notes.
2019-06-21 07:07:23 +02:00
2.0.12.txt
Refs #30175 -- Added release notes for 2.1.7, 2.0.12, and 1.11.20 releases.
2019-02-11 15:46:33 +01:00
2.0.13.txt
Refs #30177 -- Forwardported 2.0.13 release notes.
2019-02-11 15:45:04 -05:00
2.0.txt
Fixed #34140 -- Reformatted code blocks in docs with blacken-docs.
2023-03-01 13:03:56 +01:00
2.1.1.txt
Added release date for 2.1.1.
2018-08-31 10:12:51 +02:00
2.1.2.txt
Added release date for 2.1.2 release.
2018-10-01 10:10:48 +02:00
2.1.3.txt
Added release date for 2.1.2 release.
2018-11-01 15:02:22 +01:00
2.1.4.txt
Added release date for 2.1.4.
2018-12-03 17:29:46 +01:00
2.1.5.txt
Fixed #30070, CVE-2019-3498 -- Fixed content spoofing possiblity in the default 404 page.
2019-01-03 21:21:55 -05:00
2.1.6.txt
Fixed typos in 1.11.19, 2.0.11, 2.1.6 release notes.
2019-06-21 07:07:23 +02:00
2.1.7.txt
Refs #30175 -- Added release notes for 2.1.7, 2.0.12, and 1.11.20 releases.
2019-02-11 15:46:33 +01:00
2.1.8.txt
Fixed #30289 -- Prevented admin inlines for a ManyToManyField's implicit through model from being editable if the user only has the view permission.
2019-03-30 16:49:16 -04:00
2.1.9.txt
Fixed typos in 1.11.21, 2.1.9, 2.2.2 release notes.
2019-06-03 14:08:51 +02:00
2.1.10.txt
Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set.
2019-07-01 07:48:04 +02:00
2.1.11.txt
Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline.
2021-01-14 17:50:04 +01:00
2.1.12.txt
Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline.
2021-01-14 17:50:04 +01:00
2.1.13.txt
Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline.
2021-01-14 17:50:04 +01:00
2.1.14.txt
Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline.
2021-01-14 17:50:04 +01:00
2.1.15.txt
Preferred usage of among/while to amongst/whilst.
2020-06-03 21:02:48 +02:00
2.1.txt
Fixed references to django.core.cache in docs.
2023-05-22 14:02:01 +02:00
2.2.1.txt
Used :envvar: role and .. envvar:: directive in various docs.
2020-05-13 09:14:40 +02:00
2.2.2.txt
Fixed typos in 1.11.21, 2.1.9, 2.2.2 release notes.
2019-06-03 14:08:51 +02:00
2.2.3.txt
Added release date for 2.2.3.
2019-07-01 07:48:45 +02:00
2.2.4.txt
Fixed "nulls characters" typo in docs.
2023-01-16 07:54:00 +01:00
2.2.5.txt
Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline.
2021-01-14 17:50:04 +01:00
2.2.6.txt
Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline.
2021-01-14 17:50:04 +01:00
2.2.7.txt
Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline.
2021-01-14 17:50:04 +01:00
2.2.8.txt
Preferred usage of among/while to amongst/whilst.
2020-06-03 21:02:48 +02:00
2.2.9.txt
Fixed CVE-2019-19844 -- Used verified user email for password reset requests.
2019-12-18 09:11:39 +01:00
2.2.10.txt
Fixed CVE-2020-7471 -- Properly escaped StringAgg(delimiter) parameter.
2020-02-03 08:49:13 +01:00
2.2.11.txt
Fixed CVE-2020-9402 -- Properly escaped tolerance parameter in GIS functions and aggregates on Oracle.
2020-03-04 09:04:50 +01:00
2.2.12.txt
Added release dates for 2.1.12 and 3.0.5.
2020-04-01 09:14:56 +02:00
2.2.13.txt
Fixed CVE-2020-13254 -- Enforced cache key validation in memcached backends.
2020-06-03 09:24:26 +02:00
2.2.14.txt
Added release date for 2.2.14 and 3.0.8.
2020-07-01 06:16:32 +02:00
2.2.15.txt
Added release date for 2.2.15 and 3.0.9.
2020-08-03 08:52:28 +02:00
2.2.16.txt
Added release date for 3.1.1, 3.0.10, and 2.2.16.
2020-09-01 09:56:42 +02:00
2.2.17.txt
Set release date for 3.1.3, 3.0.11, and 2.2.17.
2020-11-02 08:35:24 +01:00
2.2.18.txt
Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract().
2021-02-01 09:07:36 +01:00
2.2.19.txt
Refs CVE-2021-23336 -- Updated tests and release notes for affected versions.
2021-02-19 09:03:06 +01:00
2.2.20.txt
Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files.
2021-04-06 08:15:17 +02:00
2.2.21.txt
Refs #32718 -- Corrected CVE-2021-31542 release notes.
2021-05-12 10:42:01 +02:00
2.2.22.txt
Fixed #32713, Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+.
2021-05-06 08:45:23 +02:00
2.2.23.txt
Fixed #32718 -- Relaxed file name validation in FileField.
2021-05-13 08:53:44 +02:00
2.2.24.txt
Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
2021-06-02 10:58:39 +02:00
2.2.25.txt
Fixed #30530, CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths.
2021-12-07 06:28:08 +01:00
2.2.26.txt
Corrected merge error in release notes.
2022-01-04 10:50:23 +01:00
2.2.27.txt
Fixed typo in release notes.
2022-02-02 07:17:57 +01:00
2.2.28.txt
Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against SQL injection on PostgreSQL.
2022-04-11 08:59:58 +02:00
2.2.txt
Fixed #34688 -- Removed contrib.sitemaps.ping_google() and ping_google management command.
2023-07-10 05:59:35 +02:00
3.0.1.txt
Used :envvar: role and .. envvar:: directive in various docs.
2020-05-13 09:14:40 +02:00
3.0.2.txt
Added release date for 3.0.2.
2020-01-02 07:55:53 +01:00
3.0.3.txt
Added release date for 3.0.3.
2020-02-03 08:52:16 +01:00
3.0.4.txt
Fixed CVE-2020-9402 -- Properly escaped tolerance parameter in GIS functions and aggregates on Oracle.
2020-03-04 09:04:50 +01:00
3.0.5.txt
Added release dates for 2.1.12 and 3.0.5.
2020-04-01 09:14:56 +02:00
3.0.6.txt
Fixed typo in docs/releases/3.0.6.txt.
2020-05-04 07:42:25 +02:00
3.0.7.txt
Fixed CVE-2020-13254 -- Enforced cache key validation in memcached backends.
2020-06-03 09:24:26 +02:00
3.0.8.txt
Added release date for 2.2.14 and 3.0.8.
2020-07-01 06:16:32 +02:00
3.0.9.txt
Added release date for 2.2.15 and 3.0.9.
2020-08-03 08:52:28 +02:00
3.0.10.txt
Added release date for 3.1.1, 3.0.10, and 2.2.16.
2020-09-01 09:56:42 +02:00
3.0.11.txt
Set release date for 3.1.3, 3.0.11, and 2.2.17.
2020-11-02 08:35:24 +01:00
3.0.12.txt
Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract().
2021-02-01 09:07:36 +01:00
3.0.13.txt
Refs CVE-2021-23336 -- Updated tests and release notes for affected versions.
2021-02-19 09:03:06 +01:00
3.0.14.txt
Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files.
2021-04-06 08:15:17 +02:00
3.0.txt
Replaced "Django test runner" with DiscoverRunner in release notes.
2024-02-05 09:18:53 -03:00
3.1.1.txt
Removed hyphen from pre-/re- prefixes.
2022-04-28 10:44:14 +02:00
3.1.2.txt
Added release date for 3.1.2.
2020-10-01 07:22:28 +02:00
3.1.3.txt
Set release date for 3.1.3, 3.0.11, and 2.2.17.
2020-11-02 08:35:24 +01:00
3.1.4.txt
Added release date for 3.1.4.
2020-12-01 06:24:16 +01:00
3.1.5.txt
Added release date for 3.1.5.
2021-01-04 08:31:51 +01:00
3.1.6.txt
Removed trailing whitespace in docs.
2024-11-27 13:13:28 -03:00
3.1.7.txt
Refs CVE-2021-23336 -- Updated tests and release notes for affected versions.
2021-02-19 09:03:06 +01:00
3.1.8.txt
Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files.
2021-04-06 08:15:17 +02:00
3.1.9.txt
Refs #32718 -- Corrected CVE-2021-31542 release notes.
2021-05-12 10:42:01 +02:00
3.1.10.txt
Fixed #32713, Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+.
2021-05-06 08:45:23 +02:00
3.1.11.txt
Fixed #32718 -- Relaxed file name validation in FileField.
2021-05-13 08:53:44 +02:00
3.1.12.txt
Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
2021-06-02 10:58:39 +02:00
3.1.13.txt
Fixed typo in docs/releases/3.1.13.txt.
2021-07-16 20:30:21 +02:00
3.1.14.txt
Fixed #30530, CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths.
2021-12-07 06:28:08 +01:00
3.1.txt
Refs #35234 -- Deprecated CheckConstraint.check in favor of .condition.
2024-03-01 07:15:32 +01:00
3.2.1.txt
Fixed typo in docs/releases/3.2.1.txt.
2022-09-19 05:19:01 +02:00
3.2.2.txt
Fixed #32713, Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+.
2021-05-06 08:45:23 +02:00
3.2.3.txt
Fixed #32718 -- Relaxed file name validation in FileField.
2021-05-13 08:53:44 +02:00
3.2.4.txt
Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
2021-06-02 10:58:39 +02:00
3.2.5.txt
Forwardported release notes for CVE-2021-35042.
2021-07-01 09:42:54 +02:00
3.2.6.txt
Confirmed release date for Django 3.2.6.
2021-08-02 06:55:40 +02:00
3.2.7.txt
Added release date for 3.2.7.
2021-09-01 07:40:01 +02:00
3.2.8.txt
Added release date for 3.2.7.
2021-10-05 09:07:26 +02:00
3.2.9.txt
Added release date for 3.2.9.
2021-11-01 10:18:49 +01:00
3.2.10.txt
Fixed #30530, CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths.
2021-12-07 06:28:08 +01:00
3.2.11.txt
Corrected merge error in release notes.
2022-01-04 10:50:23 +01:00
3.2.12.txt
Fixed typo in release notes.
2022-02-02 07:17:57 +01:00
3.2.13.txt
Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against SQL injection on PostgreSQL.
2022-04-11 08:59:58 +02:00
3.2.14.txt
Fixed CVE-2022-34265 -- Protected Trunc(kind)/Extract(lookup_name) against SQL injection.
2022-07-04 08:13:41 +02:00
3.2.15.txt
Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header.
2022-08-03 08:46:31 +02:00
3.2.16.txt
Fixed CVE-2022-41323 -- Prevented locales being interpreted as regular expressions.
2022-10-04 09:10:04 +02:00
3.2.17.txt
Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language.
2023-02-01 09:44:04 +01:00
3.2.18.txt
Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files.
2023-02-14 08:18:40 +01:00
3.2.19.txt
Fixed CVE-2023-31047, Fixed #31710 -- Prevented potential bypass of validation when uploading multiple files using one form field.
2023-05-03 13:42:00 +02:00
3.2.20.txt
Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator.
2023-07-03 08:16:55 +02:00
3.2.21.txt
Fixed CVE-2023-41164 -- Fixed potential DoS in django.utils.encoding.uri_to_iri().
2023-09-04 11:58:37 +02:00
3.2.22.txt
Fixed CVE-2023-43665 -- Mitigated potential DoS in django.utils.text.Truncator when truncating HTML text.
2023-10-04 09:22:26 -03:00
3.2.23.txt
Fixed CVE-2023-46695 -- Fixed potential DoS in UsernameField on Windows.
2023-11-01 06:10:30 +01:00
3.2.24.txt
Fixed CVE-2024-24680 -- Mitigated potential DoS in intcomma template filter.
2024-02-06 09:07:31 -03:00
3.2.25.txt
Refs CVE-2024-27351 -- Forwardported release notes and tests.
2024-03-04 08:22:00 +01:00
3.2.txt
Refs #35444 -- Deprecated contrib.postgres aggregates ordering for order_by.
2025-01-06 09:39:21 +01:00
4.0.1.txt
Refs #33990 -- Renamed SimpleTestCase.assertFormsetError() to assertFormSetError().
2022-10-07 11:22:16 +02:00
4.0.2.txt
Fixed typo in release notes.
2022-02-02 07:17:57 +01:00
4.0.3.txt
Used extlinks for PyPI links.
2023-04-17 06:55:32 +02:00
4.0.4.txt
Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against SQL injection on PostgreSQL.
2022-04-11 08:59:58 +02:00
4.0.5.txt
Updated release date for Django 4.0.5.
2022-06-01 12:25:33 +02:00
4.0.6.txt
Fixed CVE-2022-34265 -- Protected Trunc(kind)/Extract(lookup_name) against SQL injection.
2022-07-04 08:13:41 +02:00
4.0.7.txt
Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header.
2022-08-03 08:46:31 +02:00
4.0.8.txt
Fixed CVE-2022-41323 -- Prevented locales being interpreted as regular expressions.
2022-10-04 09:10:04 +02:00
4.0.9.txt
Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language.
2023-02-01 09:44:04 +01:00
4.0.10.txt
Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files.
2023-02-14 08:18:40 +01:00
4.0.txt
Replaced "Django test runner" with DiscoverRunner in release notes.
2024-02-05 09:18:53 -03:00
4.1.1.txt
Added release date for 4.1.1.
2022-09-05 05:21:23 +02:00
4.1.2.txt
Fixed CVE-2022-41323 -- Prevented locales being interpreted as regular expressions.
2022-10-04 09:10:04 +02:00
4.1.3.txt
Added release date for 4.1.3.
2022-11-01 06:54:19 +01:00
4.1.4.txt
Added release date for 4.1.4.
2022-12-06 09:56:43 +01:00
4.1.5.txt
Added release date for 4.1.5.
2023-01-02 08:10:59 +01:00
4.1.6.txt
Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language.
2023-02-01 09:44:04 +01:00
4.1.7.txt
Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files.
2023-02-14 08:18:40 +01:00
4.1.8.txt
Added release date for 4.1.8.
2023-04-05 06:09:31 +02:00
4.1.9.txt
Fixed CVE-2023-31047, Fixed #31710 -- Prevented potential bypass of validation when uploading multiple files using one form field.
2023-05-03 13:42:00 +02:00
4.1.10.txt
Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator.
2023-07-03 08:16:55 +02:00
4.1.11.txt
Fixed CVE-2023-41164 -- Fixed potential DoS in django.utils.encoding.uri_to_iri().
2023-09-04 11:58:37 +02:00
4.1.12.txt
Fixed CVE-2023-43665 -- Mitigated potential DoS in django.utils.text.Truncator when truncating HTML text.
2023-10-04 09:22:26 -03:00
4.1.13.txt
Fixed CVE-2023-46695 -- Fixed potential DoS in UsernameField on Windows.
2023-11-01 06:10:30 +01:00
4.1.txt
Replaced "Django test runner" with DiscoverRunner in release notes.
2024-02-05 09:18:53 -03:00
4.2.1.txt
Fixed CVE-2023-31047, Fixed #31710 -- Prevented potential bypass of validation when uploading multiple files using one form field.
2023-05-03 13:42:00 +02:00
4.2.2.txt
Added release date for 4.2.2.
2023-06-05 08:21:56 -03:00
4.2.3.txt
Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator.
2023-07-03 08:16:55 +02:00
4.2.4.txt
Added release date for 4.2.4.
2023-08-01 13:30:05 -03:00
4.2.5.txt
Fixed CVE-2023-41164 -- Fixed potential DoS in django.utils.encoding.uri_to_iri().
2023-09-04 11:58:37 +02:00
4.2.6.txt
Refs #34840 -- Improved release note describing index regression.
2023-10-15 10:27:11 +02:00
4.2.7.txt
Fixed CVE-2023-46695 -- Fixed potential DoS in UsernameField on Windows.
2023-11-01 06:10:30 +01:00
4.2.8.txt
Added release date for 4.2.8.
2023-12-04 09:24:31 +01:00
4.2.9.txt
Added release date for 5.0.1 and 4.2.9.
2024-01-02 09:57:41 +01:00
4.2.10.txt
Fixed CVE-2024-24680 -- Mitigated potential DoS in intcomma template filter.
2024-02-06 09:07:31 -03:00
4.2.11.txt
Refs CVE-2024-27351 -- Forwardported release notes and tests.
2024-03-04 08:22:00 +01:00
4.2.12.txt
Added release date for 5.0.5 and 4.2.12.
2024-05-06 14:35:57 +02:00
4.2.13.txt
Added release notes for 5.0.6 and 4.2.13.
2024-05-07 17:21:21 +02:00
4.2.14.txt
Fixed CVE-2024-39614 -- Mitigated potential DoS in get_supported_language_variant().
2024-07-09 09:21:19 -03:00
4.2.15.txt
Fixed CVE-2024-42005 -- Mitigated QuerySet.values() SQL injection attacks against JSON fields.
2024-08-06 08:50:08 +02:00
4.2.16.txt
Fixed CVE-2024-45231 -- Avoided server error on password reset when email sending fails.
2024-09-03 09:22:32 -03:00
4.2.17.txt
Fixed CVE-2024-53908 -- Prevented SQL injections in direct HasKeyLookup usage on Oracle.
2024-12-04 13:43:13 +01:00
4.2.18.txt
Fixed CVE-2024-56374 -- Mitigated potential DoS in IPv6 validation.
2025-01-14 08:42:24 -03:00
4.2.19.txt
Added release date for 5.1.6, 5.0.12, and 4.2.19.
2025-02-05 10:38:24 -03:00
4.2.20.txt
Fixed CVE-2025-26699 -- Mitigated potential DoS in wordwrap template filter.
2025-03-06 09:38:40 +01:00
4.2.txt
Fixed #34978, Refs #31331 -- Added backward incompatibility note about raw aggregations on MySQL.
2023-11-27 11:57:07 +01:00
5.0.1.txt
Added release date for 5.0.1 and 4.2.9.
2024-01-02 09:57:41 +01:00
5.0.2.txt
Fixed CVE-2024-24680 -- Mitigated potential DoS in intcomma template filter.
2024-02-06 09:07:31 -03:00
5.0.3.txt
Refs CVE-2024-27351 -- Forwardported release notes and tests.
2024-03-04 08:22:00 +01:00
5.0.4.txt
Added release date for 5.0.4.
2024-04-03 11:12:03 -03:00
5.0.5.txt
Added release date for 5.0.5 and 4.2.12.
2024-05-06 14:35:57 +02:00
5.0.6.txt
Added release notes for 5.0.6 and 4.2.13.
2024-05-07 17:21:21 +02:00
5.0.7.txt
Made cosmetic edits to 5.0.7 release notes.
2024-07-09 09:36:54 -03:00
5.0.8.txt
Fixed CVE-2024-42005 -- Mitigated QuerySet.values() SQL injection attacks against JSON fields.
2024-08-06 08:50:08 +02:00
5.0.9.txt
Fixed CVE-2024-45231 -- Avoided server error on password reset when email sending fails.
2024-09-03 09:22:32 -03:00
5.0.10.txt
Fixed CVE-2024-53908 -- Prevented SQL injections in direct HasKeyLookup usage on Oracle.
2024-12-04 13:43:13 +01:00
5.0.11.txt
Fixed CVE-2024-56374 -- Mitigated potential DoS in IPv6 validation.
2025-01-14 08:42:24 -03:00
5.0.12.txt
Added release date for 5.1.6, 5.0.12, and 4.2.19.
2025-02-05 10:38:24 -03:00
5.0.13.txt
Fixed CVE-2025-26699 -- Mitigated potential DoS in wordwrap template filter.
2025-03-06 09:38:40 +01:00
5.0.14.txt
Fixed CVE-2025-27556 -- Mitigated potential DoS in url_has_allowed_host_and_scheme() on Windows.
2025-04-02 10:21:33 +02:00
5.0.txt
Refs #34380 -- Changed the URLField default scheme to https and removed FORMS_URLFIELD_ASSUME_HTTPS per deprecation timeline.
2025-01-15 22:28:37 +01:00
5.1.1.txt
Fixed CVE-2024-45231 -- Avoided server error on password reset when email sending fails.
2024-09-03 09:22:32 -03:00
5.1.2.txt
Added release date for 5.1.2.
2024-10-08 11:37:30 -03:00
5.1.3.txt
Added release date for 5.1.3.
2024-11-05 05:55:58 +01:00
5.1.4.txt
Fixed CVE-2024-53908 -- Prevented SQL injections in direct HasKeyLookup usage on Oracle.
2024-12-04 13:43:13 +01:00
5.1.5.txt
Fixed CVE-2024-56374 -- Mitigated potential DoS in IPv6 validation.
2025-01-14 08:42:24 -03:00
5.1.6.txt
Added release date for 5.1.6, 5.0.12, and 4.2.19.
2025-02-05 10:38:24 -03:00
5.1.7.txt
Fixed CVE-2025-26699 -- Mitigated potential DoS in wordwrap template filter.
2025-03-06 09:38:40 +01:00
5.1.8.txt
Fixed CVE-2025-27556 -- Mitigated potential DoS in url_has_allowed_host_and_scheme() on Windows.
2025-04-02 10:21:33 +02:00
5.1.txt
Fixed #36217 -- Restored pre_save/post_save signal emission via LogEntry.save() for single-object deletion in the admin.
2025-03-04 10:34:15 +01:00
5.2.1.txt
Fixed #36289 -- Fixed bulk_create() crash with nullable geometry fields on PostGIS.
2025-04-04 21:33:04 +02:00
5.2.txt
Finalized release notes for Django 5.2.
2025-04-02 14:43:00 +02:00
6.0.txt
Fixed #36265 -- Added support for serialization of ZoneInfo instances in migrations.
2025-03-31 13:44:54 +02:00
index.txt
Added stub release notes for 5.2.1.
2025-04-02 15:24:48 +02:00
security.txt
Added CVE-2025-27556 to security archive.
2025-04-02 13:31:24 +02:00