1
0
mirror of https://github.com/django/django.git synced 2024-12-24 10:05:46 +00:00
django/docs/releases
Russell Keith-Magee aae5a96d57 Ensure that passwords are never long enough for a DoS.
* Limit the password length to 4096 bytes
  * Password hashers will raise a ValueError
  * django.contrib.auth forms will fail validation
* Document in release notes that this is a backwards incompatible change

Thanks to Josh Wright for the report, and Donald Stufft for the patch.

This is a security fix; disclosure to follow shortly.
2013-09-15 13:42:23 +08:00
..
0.95.txt
0.96.txt
1.0-alpha-1.txt
1.0-alpha-2.txt
1.0-beta-2.txt
1.0-beta.txt
1.0-porting-guide.txt Fixed #19885 -- cleaned up the django.test namespace 2013-09-09 16:03:13 -04:00
1.0.1.txt
1.0.2.txt
1.0.txt
1.1-alpha-1.txt Consolidated documentation for F() and Q() 2013-09-06 12:57:25 -05:00
1.1-beta-1.txt Fixed #19885 -- cleaned up the django.test namespace 2013-09-09 16:03:13 -04:00
1.1-rc-1.txt
1.1.2.txt
1.1.3.txt
1.1.4.txt
1.1.txt Fixed #19885 -- cleaned up the django.test namespace 2013-09-09 16:03:13 -04:00
1.2-alpha-1.txt
1.2-beta-1.txt
1.2-rc-1.txt
1.2.1.txt Fixed a number of minor misspellings. 2013-07-27 18:46:03 -07:00
1.2.2.txt Fixed #19885 -- cleaned up the django.test namespace 2013-09-09 16:03:13 -04:00
1.2.3.txt
1.2.4.txt
1.2.5.txt
1.2.6.txt
1.2.7.txt
1.2.txt
1.3-alpha-1.txt Fixed #19885 -- cleaned up the django.test namespace 2013-09-09 16:03:13 -04:00
1.3-beta-1.txt Fixed #19695 -- Retitle "Form Media" to "Form Assets". 2013-07-08 13:59:54 -04:00
1.3.1.txt
1.3.2.txt
1.3.3.txt Added missing release notes for older versions of Django 2013-08-12 14:05:25 -04:00
1.3.4.txt Added missing release notes for older versions of Django 2013-08-12 14:05:25 -04:00
1.3.5.txt Added missing release notes for older versions of Django 2013-08-12 14:05:25 -04:00
1.3.6.txt Added missing release notes for older versions of Django 2013-08-12 14:05:25 -04:00
1.3.7.txt Added missing release notes for older versions of Django 2013-08-12 14:05:25 -04:00
1.3.txt Fixed #19885 -- cleaned up the django.test namespace 2013-09-09 16:03:13 -04:00
1.4-alpha-1.txt
1.4-beta-1.txt
1.4.1.txt
1.4.2.txt Added missing release notes for older versions of Django 2013-08-12 14:05:25 -04:00
1.4.3.txt Added missing release notes for older versions of Django 2013-08-12 14:05:25 -04:00
1.4.4.txt Fixed #21035 -- Changed docs to treat the acronym SQL phonetically. 2013-09-05 20:14:58 -04:00
1.4.5.txt Added missing release notes for older versions of Django 2013-08-12 14:05:25 -04:00
1.4.6.txt Fixed #19885 -- cleaned up the django.test namespace 2013-09-09 16:03:13 -04:00
1.4.7.txt Added 1.4.7/1.5.3 release notes 2013-09-10 21:07:22 -04:00
1.4.txt
1.5-alpha-1.txt Consolidated documentation for F() and Q() 2013-09-06 12:57:25 -05:00
1.5-beta-1.txt Consolidated documentation for F() and Q() 2013-09-06 12:57:25 -05:00
1.5.1.txt
1.5.2.txt Fixed #19885 -- cleaned up the django.test namespace 2013-09-09 16:03:13 -04:00
1.5.3.txt Added 1.4.7/1.5.3 release notes 2013-09-10 21:07:22 -04:00
1.5.txt Consolidated documentation for F() and Q() 2013-09-06 12:57:25 -05:00
1.6.txt Fixed #21100 -- Noted that Create/UpdateViews.fields is new in 1.6 2013-09-13 09:34:12 -04:00
1.7.txt Ensure that passwords are never long enough for a DoS. 2013-09-15 13:42:23 +08:00
index.txt Added 1.4.7/1.5.3 release notes 2013-09-10 21:07:22 -04:00