innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
21,788 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

5 Commits

Author SHA1 Message Date
Tim Graham 014247ad19 Prevented newlines from being accepted in some validators. 
This is a security fix; disclosure to follow shortly.

Thanks to Sjoerd Job Postmus for the report and draft patch.
 2015-07-08 15:23:03 -04:00
Carl Meyer df049ed77a Fixed #19324 -- Avoided creating a session record when loading the session. 
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.

This is a security fix; disclosure to follow shortly.
 2015-07-08 15:23:03 -04:00
Tim Graham 125eaa19b2 Added security release note stubs. 2015-07-08 15:23:03 -04:00
Tim Graham 90c59db7a3 Forwardported release notes for refs #24903. 2015-06-09 17:57:21 -04:00
Andriy Sokolovskiy 80ad5472ce Fixed #24817 -- Prevented loss of null info in MySQL field renaming. 2015-05-28 10:07:52 -04:00