django

mirror of https://github.com/django/django.git synced 2024-12-23 17:46:27 +00:00

History

Natalia bf4888d317 [4.2.x] Fixed CVE-2024-45231 -- Avoided server error on password reset when email sending fails. On successful submission of a password reset request, an email is sent to the accounts known to the system. If sending this email fails (due to email backend misconfiguration, service provider outage, network issues, etc.), an attacker might exploit this by detecting which password reset requests succeed and which ones generate a 500 error response. Thanks to Thibaut Spriet for the report, and to Mariusz Felisiak, Adam Johnson, and Sarah Boyce for the reviews.		2024-09-03 09:42:25 -03:00
..
auth	[4.2.x] Fixed CVE-2024-45231 -- Avoided server error on password reset when email sending fails.	2024-09-03 09:42:25 -03:00
class-based-views
db	[4.2.x] Refs #30601 -- Fixed typos in docs/topics/db/transactions.txt.	2023-10-30 13:50:20 -03:00
forms	[4.2.x] Improved formset docs by using a set instead of a list in the custom validation example.	2023-08-23 22:26:05 -03:00
http
i18n
testing	[4.2.x] Avoided counting exceptions in AsyncClient docs.	2023-08-24 05:21:00 +02:00
async.txt
cache.txt	[4.2.x] Fixed references to django.core.cache in docs.	2023-05-22 14:02:28 +02:00
checks.txt
conditional-view-processing.txt
email.txt
external-packages.txt
files.txt
index.txt
install.txt
logging.txt
migrations.txt	[4.2.x] Refs #23528 -- Made cosmetic edits to swappable_dependency() docs.	2023-06-03 12:02:08 +02:00
pagination.txt
performance.txt
security.txt
serialization.txt
settings.txt
signals.txt
signing.txt
templates.txt