e8e28e747f
[2.2.x] Updated CVE URL.
...
Backport of 656b331b13
2021-01-02 12:51:06 +01:00
e893c0ad8b
[2.2.x] Fixed #31850 -- Fixed BasicExtractorTests.test_extraction_warning with xgettext 0.21+.
...
"format string with unnamed arguments cannot be properly localized"
warning is not raised in xgettext 0.21+.
This patch uses a message that causes an xgettext warning regardless of
the version.
Backport of 07a30f5616
2020-11-02 10:30:40 +01:00
3da29a30c6
[2.2.x] Post-release version bump.
2020-11-02 08:55:25 +01:00
c769f65c98
[2.2.x] Bumped version for 2.2.17 release.
2020-11-02 08:49:01 +01:00
3db9a7aa8b
[2.2.x] Set release date for 2.2.17.
...
Backport of 7fc07b9b2b
2020-11-02 08:39:12 +01:00
b4b8ca4895
[2.2.x] Refs #31040 -- Doc'd Python 3.9 compatibility.
...
Backport of e18156b6c3
2020-10-13 08:45:37 +02:00
01742aa932
[2.2.x] Refs #31040 -- Fixed Python PendingDeprecationWarning in select_for_update.tests.
...
Backport of 0dd2308cf6
2020-10-12 12:21:33 +02:00
87b9a8b4de
[2.2.x] Refs #31040 -- Fixed crypt.crypt() call in test_hashers.py.
...
An empty string is invalid salt in Python 3 and raises exception since
Python 3.9, see https://bugs.python.org/issue38402 .
Backport of 1960d55f8b
2020-10-07 09:16:58 +02:00
657fea55cb
[2.2.x] Skipped GetImageDimensionsTests.test_webp when WEBP is not installed.
...
Bumped minimum Pillow version to 4.2.0 in test requirements.
Backport of fce389af7c
2020-10-06 11:32:34 +02:00
0f6e73e567
[2.2.x] Added CVE-2020-24583 & CVE-2020-24584 to security archive.
...
Backport of d5b526bf78
2020-09-01 11:39:59 +02:00
65078cf060
[2.2.x] Added CVE-2020-13254 and CVE-2020-13596 to security archive.
...
Backport of 54975780ee
2020-09-01 11:39:57 +02:00
0696540e23
[2.2.x] Post-release version bump.
2020-09-01 10:43:21 +02:00
bf07047f45
[2.2.x] Bumped version for 2.2.16 release.
2020-09-01 10:30:56 +02:00
dfcecb6e6c
[2.2.x] Added release date for 2.2.16.
...
Backport of 976e2b7420
2020-09-01 10:00:28 +02:00
a3aebfdc81
[2.2.x] Fixed CVE-2020-24584 -- Fixed permission escalation in intermediate-level directories of the file system cache on Python 3.7+.
...
Backport of f56b57976133129b0b351a38bba4ac882badabf0 from master.
2020-08-25 11:09:40 +02:00
375657a71c
[2.2.x] Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+.
...
Thanks WhiteSage for the report.
Backport of ea0febbba531a3ecc8c77b570efbfb68ca7155db from master.
2020-08-25 10:59:42 +02:00
dc39e62e6b
[2.2.x] Refs #31863 -- Added release notes for 94ea79be13.
...
Backport of 21768a99f4
2020-08-13 16:32:58 +02:00
0a7d321bf7
[2.2.x] Fixed #31863 -- Prevented mutating model state by copies of model instances.
...
Regression in bfb746f98394ea79be13
2020-08-13 15:28:21 +02:00
839f906a23
[2.2.x] Fixed #31866 -- Fixed locking proxy models in QuerySet.select_for_update(of=()).
...
Backport of 60626162f7
2020-08-11 12:33:18 +02:00
30706246e7
[2.2.x] Added stub release notes for 2.2.16.
...
Backport of 8a5683b6b2
2020-08-11 11:14:35 +02:00
337dd0221e
[2.2.x] Post-release version bump.
2020-08-03 09:12:12 +02:00
bf6c58435d
[2.2.x] Bumped version for 2.2.15 release.
2020-08-03 09:10:01 +02:00
b70595c94c
[2.2.x] Added release date for 2.2.15.
...
Backport of b68b8cb89a
2020-08-03 08:58:00 +02:00
d74e1c0521
[2.2.x] Pinned geoip2 < 4.0.0 in test requirements.
...
geoip2 4+ doesn't support Python 3.5.
2020-07-23 10:07:35 +02:00
eb81593875
[2.2.x] Fixed #31805 -- Fixed SchemaTests.tearDown() when table names are case-insensitive.
...
Backport of fd53db842c
2020-07-22 12:52:45 +02:00
1a3835fdf3
[2.2.x] Fixed #31784 -- Fixed crash when sending emails on Python 3.6.11+, 3.7.8+, and 3.8.4+.
...
Fixed sending emails crash on email addresses with display names longer
then 75 chars on Python 3.6.11+, 3.7.8+, and 3.8.4+.
Wrapped display names were passed to email.headerregistry.Address()
what caused raising an exception because address parts cannot contain
CR or LF.
See https://bugs.python.org/issue39073
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Backport of 96a3ea39ef
2020-07-20 08:11:30 +02:00
f1a6e6c817
[2.2.x] Fixed #31790 -- Fixed setting SameSite cookies flag in HttpResponse.delete_cookie().
...
Cookies with the "SameSite" flag set to None and without the "secure"
flag will be soon rejected by latest browser versions.
This affects sessions and messages cookies.
Backport of 331324ecce
2020-07-16 09:35:35 +02:00
6f09ee2be3
[2.2.x] Fixed #30945 -- Doc'd plural equations changes in 2.2. release notes.
...
Backport of 392036be29
2020-07-03 09:39:49 +02:00
5968a23e15
[2.2.x] Fixed ForeignKeyRawIdWidgetTest.test_render_unsafe_limit_choices_to on Python 3.5.
2020-07-02 10:59:15 +02:00
202ac0b2a1
[2.2.x] Post-release version bump.
2020-07-01 06:42:42 +02:00
74934f7e43
[2.2.x] Bumped version for 2.2.14 release.
2020-07-01 06:37:55 +02:00
ee9bd41a72
[2.2.x] Added release date for 2.2.14.
...
Backport of 0f3aecf581
2020-07-01 06:19:44 +02:00
fc2a3682f6
[2.2.x] Refs #31751 -- Doc'd that cx_Oracle < 8 is required.
2020-06-30 09:47:50 +02:00
9ecce34afe
[2.2.x] Refs #31682 -- Doc'd minimal sqlparse version in Django 2.2.
...
Support for sqlparse < 0.2.2 was broken in
40b0a58f5f4339f2aff2
2020-06-10 06:55:55 +02:00
cdad78e6ee
[2.2.x] Refs #30183 -- Doc'd dropping support for sqlparse < 0.2.2.
...
Support for sqlparse < 0.2.2 was broken in
782d85b6df4b6db766ba
2020-06-10 06:18:44 +02:00
b2b2723512
[2.2.x] Fixed #31654 -- Fixed cache key validation messages.
...
Backport of 926148ef01
2020-06-05 07:24:04 +02:00
b87719034a
[2.2.x] Fixed ForeignKeyRawIdWidgetTest.test_render_unsafe_limit_choices_to on Python 3.5.
2020-06-04 07:37:40 +02:00
ea9bc392c4
[2.2.x] Refs CVE-2020-13254 -- Fixed cache.tests when KEY_PREFIX is defined.
...
Follow up to 2c82414914229c9c6653
2020-06-03 13:01:31 +02:00
2661c22eb1
[2.2.x] Post-release version bump.
2020-06-03 10:50:32 +02:00
8093aaa8ff
[2.2.x] Bumped version for 2.2.13 release.
2020-06-03 10:49:41 +02:00
07e59caa02
[2.2.x] Fixed CVE-2020-13254 -- Enforced cache key validation in memcached backends.
2020-06-03 09:34:29 +02:00
6d61860b22
[2.0.x] Fixed CVE-2020-13596 -- Fixed potential XSS in admin ForeignKeyRawIdWidget.
2020-06-03 09:33:38 +02:00
7e1084ead0
[2.2.x] Added release date for 2.2.13.
...
Backport of 81dc710571
2020-06-03 09:16:04 +02:00
2b69680264
[2.2.x] Refs #31485 -- Backported jQuery upgrade to 3.5.1.
2020-06-02 14:35:54 +02:00
8301bc9cfa
[2.2.x] Fixed E128, E741 flake8 warnings.
...
Backport of 0668164b4a
2020-06-02 11:04:23 +02:00
c7bab8d2b7
[2.2.x] Fixed term warning on Sphinx 3.0.1+.
...
"term" role became case sensitive in Sphinx 3.0.1.
Backport of cc70a0343e
2020-06-02 10:57:46 +02:00
79baf338ae
[2.2.x] Fixed highlightlang deprecation warning on Sphinx 1.8+.
...
Backport of 678f958ef9
2020-06-02 10:57:25 +02:00
151a83e92c
[2.2.x] Fixed CodeBlock deprecation warning on Sphinx 2.1+.
...
Backport of a4e4737cf3
2020-06-02 10:56:22 +02:00
b0d810a77b
[2.2.x] Fixed Sphinx warnings on duplicate object descriptions.
...
Backport of 69e2cd6fed
2020-06-02 10:47:40 +02:00
027840d7de
[2.2.x] Fixed #31570 -- Corrected translation loading for apps providing territorial language variants with different plural equations.
...
Regression in e3e48b0012dd1ca50b09
2020-06-01 09:29:03 +02:00
Tim Graham
Max Smolens
Carlton Gibson
Mariusz Felisiak
Jon Dufresne
Gert Burger
Daniel Hillier
Florian Apolloner
David Smith
Stephen Rauch
Dan Palmer
Carlton Gibson