Commit Graph

14027 Commits

Author SHA1 Message Date
James Bennett a0f60958cf [1.5.x] Add missing disclosure information to security archive. 2014-04-21 18:28:24 -05:00
James Bennett 486b6f398b [1.5.x] Update for 1.5.6 security release. 2014-04-21 17:51:51 -05:00
Erik Romijn cebfbcdb86 [1.5.x] Added information on resolved security issues to release notes.
Backport of c07f3e60c2 from master
2014-04-21 18:31:08 -04:00
Erik Romijn 985434fb1d [1.5.x] Fixed queries that may return unexpected results on MySQL due to typecasting.
This is a security fix. Disclosure will follow shortly.

Backport of 75c0d4ea3a from master
2014-04-21 18:31:08 -04:00
Aymeric Augustin 6872f42757 [1.5.x] Prevented leaking the CSRF token through caching.
This is a security fix. Disclosure will follow shortly.

Backport of c083e3815a from master
2014-04-21 18:31:05 -04:00
Tim Graham 2a5bcb69f4 [1.5.x] Fixed a remote code execution vulnerabilty in URL reversing.
Thanks Benjamin Bach for the report and initial patch.

This is a security fix; disclosure to follow shortly.

Backport of 8b93b31487 from master
2014-04-21 18:30:57 -04:00
Matt Lauber d6c685cc78 [1.5.x] Corrected the section identifier for MySQL unicode reference.
Backport of b2514c02e1 from master
2014-04-21 13:20:56 -04:00
Erik Romijn 1997421f8e [1.5.x] Fixed #22471 -- Corrected misprint in i18n docs
Backport of 54d5c37de6 from master.
2014-04-18 15:16:43 +02:00
Jordi Yeh ec2d456df8 [1.5.x] Fixed #22457 -- Fixed contributing guide w/o github set-up
The published commnand was not working when the user did not have
the git client set-up with the public-key. Changed the contributing
guide to clone it from https instead.

Backport of 2810299117 from master
2014-04-16 09:40:32 -04:00
Tim Graham cbc80eef6d [1.5.x] Fixed #22392 -- Corrected deployment instructions for Apache 2.4.
Thanks zjcheah at yahoo.com for the report.

Backport of 0f37d2e4c0 from master
2014-04-15 17:46:01 -04:00
Tim Graham 5b2d17d910 [1.5.x] Fixed #22419 -- Typo in docs/topics/db/multi-db.txt.
Thanks Josh Kupershmidt.

Backport of c487b1e230 from master
2014-04-10 19:33:50 -04:00
Tim Graham efb0c848ac [1.5.x] Updated six to 1.6.1.
Backport of 2ec82c7387 from master
2014-03-24 07:34:37 -04:00
Claude Paroz 468d06077a [1.5.x] Clarified strip_tags documentation
The fact that strip_tags cannot guarantee to really strip all
non-safe HTML content was not clear enough. Also see:
https://www.djangoproject.com/weblog/2014/mar/22/strip-tags-advisory/

Partial backport (doc-only) of 6ca6c36f82 from master.
2014-03-22 11:14:15 +01:00
Dejan Noveski b86ff4ee82 [1.5.x] Fixed #22262 -- Added the correct line in the last example of Translator lines
Backport of 958b511a80 from master.
2014-03-13 14:15:48 +01:00
Tim Graham c888bee836 [1.5.x] Fixed #22062 -- Corrected static files config for Apache >= 2.4
Backport of ffa238c3f7 from master
2014-02-18 09:32:44 -05:00
Ian Foote 4e115af105 [1.5.x] Fix typo CRSF -> CSRF
Backport of af64f829d7 from master
2014-01-29 12:08:55 -05:00
Tim Graham b55d0ebff2 [1.5.x] Added release note stubs for 1.5.6 and 1.4.11.
Backport of dfa28981ce from master
2014-01-26 17:49:04 -05:00
Tim Graham 682420d108 [1.5.x] Fixed #21823 -- Upgraded six to 1.5.2
Backport of 780ae7e9f8 from master.
2014-01-26 15:48:32 -05:00
Tim Graham 60054e6e31 [1.5.x] Fixed #21869 -- Fixed docs building with Sphinx 1.2.1.
Thanks tragiclifestories for the report.

Backport of e1d18b9d2e from master
2014-01-24 09:05:55 -05:00
James Turley c539a4490f [1.5.x] Fixed #21824 -- Added reference to LTS in docs/internals/security.txt
Backport of 4d8209431d from master
2014-01-24 08:14:46 -05:00
Tim Graham 169bee85ea [1.5.x] Fixed some punctuation; thanks Chris Jerdonek.
Backport of 81830ce34f from master
2014-01-23 09:05:14 -05:00
Baptiste Mispelon 7517768134 [1.5.x] Always use parentheses when documenting a method with no arguments.
Backport of 05d36dc06e from master.
2014-01-22 23:28:07 +01:00
Baptiste Mispelon 126af8fa7b [1.5.x] Don't show `self` in the list of arguments of a method.
This is consistent with Python's official documentation
and it's a sphinx recommendation too[1].

[1] http://sphinx-doc.org/markup/desc.html#dir-method

Refs #21855.

Backport of 79e1d6ebd7 from master.
2014-01-22 23:26:05 +01:00
Tim Graham ebed014950 [1.5.x] Fixed #21726 -- Clarified that password should not be included in REQUIRED_FIELDS.
Thanks russellm for the report.

Backport of 6f06c749b7 from master
2014-01-22 10:19:07 -05:00
Tim Graham 45535c8a4c [1.5.x] Fixed #21834 -- Clarifed usage of template_name in tutorial part 4.
Backport of a292ad1105 from stable/1.6.x
2014-01-20 20:08:59 -05:00
Baptiste Mispelon 0946aac61d [1.5.x] Fixed #20659 -- Fixed PublisherDetail in CBV topic documentation.
Thanks to tudor.prodan, susan, and Tim Graham for the report and reviews.

Backport of 88de53d4a8 from master.
2014-01-20 23:08:03 +01:00
Jacob Kaplan-Moss 267aeabfc7 [1.5.x] Added a note about LTS releases.
Backport of a44cbca2a5 from master.
2014-01-19 18:46:18 +01:00
Tim Graham f746d1fc74 [1.5.x] Fixed #20052 -- Discouraged use of Jython given the current state of django-jython.
Thanks Josh Juneau (maintainer of django-jython) for the review.

Backport of a67e327db5 from master
2014-01-17 09:29:19 -05:00
Tim Graham b83dae688e [1.5.x] Fixed #21768 -- Corrected TemplateView context section.
Thanks nedbatchelder for the report and claudep for the patch.

Backport of c05b2f58e7 from master
2014-01-16 07:59:18 -05:00
Kevin Wood a32680407b [1.5.x] Fixed typo in storage docs
Backport of 82f466b571 from master
2014-01-15 18:45:06 -05:00
Tim Graham 1ccfcbe13e [1.5.x] Fixed a sentence in the session security docs; thanks claudep.
Backport of 4d27d311f6 from master
2014-01-03 12:04:23 -05:00
Frank Tobia ca4cd3fd10 [1.5.x] Fixed typos. Changed grammar.
Backport of 6dd8631617 from master
2014-01-02 16:28:10 -05:00
Nathan Smith 4d05e672bf [1.5.x] Fixed minor typos.
Backport of 44d40ba521 from master
2014-01-02 16:22:26 -05:00
Tim Graham bbcdfb4d69 [1.5.x] Fixed version number in docs/conf.py
Since there are no more alpha/beta/rcs for 1.5
we can set release=version.
2014-01-01 11:54:04 -05:00
Tim Graham f20da28297 [1.5.x] Fixed #21708 -- Added some headings to separate unrelated topics.
Thanks ashley at ashleymills.com for the suggestion.

Backport of 270f7e2167 from master
2013-12-30 17:57:47 -05:00
Tim Graham 3cf9ba5fa3 [1.5.x] Fixed #21710 -- Documented User.get_short_name()
Thanks Keryn Knight for the report.

Backport of 0150830687 from master
2013-12-30 17:46:56 -05:00
Tim Graham 66ada281d5 [1.5.x] Fixed #21582 -- Corrected URL namespace example.
Thanks oubiga for the report.

Backport of 025ec2e7fe from master
2013-12-26 20:06:33 -05:00
Tim Graham fc2c8ee4c8 [1.5.x] Fixed #21663 -- Added missing WSGIPythonPath in mod_wsgi config.
Thanks carrie.hazelton at altamiracorp.com for the report.

Backport of e82e7ae1e8 from master
2013-12-25 06:11:25 -05:00
Tim Graham 6980059af2 [1.5.x] Fixed #21613 -- Removed a hardcoded input id from the tutorial.
Thanks Bruno Brouard for the report.

Backport of cc2d960274 from master
2013-12-18 18:37:14 -05:00
Kevin Christopher Henry 6833773775 [1.5.x] Fixed #21632 -- Docs: Removed example with callable as query parameter
Using callables as query parameters is undocumented and not working,
so this changes an example from the ForeignKey.limit_choices_to
documentation that uses it.

Backport of d34c8c338a from master
2013-12-18 12:38:00 -05:00
Alasdair Nicol e4174da34a [1.5.x] Fixed #21539 -- Added example of modelformset_factory's form argument
Backport of 1fa681ee11 from master
2013-12-14 16:36:27 -05:00
Ben Spaulding a53820b1b1 [1.5.x] Fixed #21594 -- Added note about model formsets deleting objects.
This behavior has been fixed in 65e03a424e. refs #10284.

Backport of de1d5d5df5 from stable/1.6.x.
2013-12-11 14:43:44 -05:00
Aymeric Augustin deeed42253 [1.5.x] Fixed #21558 -- Support building CHM files.
Thanks Michał Pasternak.

Backport of cd9e85ec from master.
2013-12-04 16:52:04 +01:00
Alasdair Nicol 86c5115cad [1.5.x] Fixed #21538 -- Added numpy to test/requirements/base.txt
Thanks Tim Graham for the report

Backport of c75dd664c from master
2013-12-02 13:41:18 -05:00
Baptiste Mispelon 0e98050847 [1.5.x] Fixed #21515 -- Corrected example of template.Context in documentation.
Thanks to trac user oubiga for the report.

Backport of 077af42139 from master.
2013-11-28 01:00:32 +01:00
Ludwik Trammer e19506d14e [1.5.x] Fixed #21507 -- Corrected default widget information for FileField
Backport of 70e61310d6 from master
2013-11-25 08:27:35 -05:00
Tim Graham c0c7795562 [1.5.x] Fixed typo in previous commit; refs #21490.
Backport of 03bc0a8ac5 from master
2013-11-24 16:29:14 -05:00
Tim Graham 0934894976 [1.5.x] Fixed #21490 -- Fixed custom admin URL reverse example.
Thanks glarrain for the report.

Backport of bfe7377adb from master
2013-11-24 15:19:39 -05:00
Aymeric Augustin 01fed9c258 Removed obsolete deprecation notes. 2013-11-23 14:47:41 +01:00
Baptiste Mispelon 0bb05f6b92 [1.5.x] Fix #20054: Removed links to modwsgi.org.
Backport of 957fcd0c9f from master.
2013-11-22 09:15:37 +01:00