p15693087
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
django/docs/releases
History
Mariusz Felisiak b55699968f
Fixed #32718 -- Relaxed file name validation in FileField. 
- Validate filename returned by FileField.upload_to() not a filename
  passed to the FileField.generate_filename() (upload_to() may
  completely ignored passed filename).
- Allow relative paths (without dot segments) in the generated filename.

Thanks to Jakub Kleň for the report and review.
Thanks to all folks for checking this patch on existing projects.
Thanks Florian Apolloner and Markus Holtermann for the discussion and
implementation idea.

Regression in 0b79eb3691.
 		2021-05-13 08:53:44 +02:00
..
0.95.txt Prevented (and corrected) single backtick usage in docs. 2020-04-01 14:55:11 +02:00
0.96.txt Fixed spelling of "nonexistent". 2017-02-03 08:01:45 -05:00
1.0-porting-guide.txt Refs #30573 -- Rephrased "Of Course" and "Obvious(ly)" in documentation and comments. 2020-05-04 12:10:47 +02:00
1.0.1.txt
1.0.2.txt
1.0.txt Refs #25778 -- Updated some links to HTTPS and new locations. 2020-01-29 09:34:37 +01:00
1.1.2.txt Updated capitalization in the word "JavaScript" for consistency 2015-05-01 13:26:42 -04:00
1.1.3.txt Refs #31670 -- Removed whitelist/blacklist terminology in docs and comments. 2020-06-17 13:15:56 +02:00
1.1.4.txt Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
1.1.txt Removed extra characters in docs header underlines. 2019-02-08 21:38:30 +01:00
1.2.1.txt Used 🎫 role in all tickets links. 2019-11-26 14:02:24 +01:00
1.2.2.txt
1.2.3.txt
1.2.4.txt Refs #31670 -- Removed whitelist/blacklist terminology in docs and comments. 2020-06-17 13:15:56 +02:00
1.2.5.txt Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
1.2.6.txt
1.2.7.txt
1.2.txt Used :envvar: role and .. envvar:: directive in various docs. 2020-05-13 09:14:40 +02:00
1.3.1.txt
1.3.2.txt
1.3.3.txt
1.3.4.txt Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
1.3.5.txt Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
1.3.6.txt Capitalized Unicode in docs, strings, and comments. 2020-04-20 12:10:33 +02:00
1.3.7.txt
1.3.txt Fixed #31696 -- Updated OWASP links in docs. 2020-06-15 09:44:08 +02:00
1.4.1.txt
1.4.2.txt Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
1.4.3.txt Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
1.4.4.txt Capitalized Unicode in docs, strings, and comments. 2020-04-20 12:10:33 +02:00
1.4.5.txt
1.4.6.txt Refs #17209 -- Removed login/logout and password reset/change function-based views. 2017-09-22 12:51:17 -04:00
1.4.7.txt Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
1.4.8.txt Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
1.4.9.txt Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
1.4.10.txt Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
1.4.11.txt Refs #23919 -- Removed Python 2 notes in docs. 2017-01-18 11:51:29 -05:00
1.4.12.txt Fixed #26013 -- Moved django.core.urlresolvers to django.urls. 2015-12-31 14:21:29 -05:00
1.4.13.txt Prevented (and corrected) single backtick usage in docs. 2020-04-01 14:55:11 +02:00
1.4.14.txt Fixed #26013 -- Moved django.core.urlresolvers to django.urls. 2015-12-31 14:21:29 -05:00
1.4.15.txt Used the 🎫 syntax more extensively 2014-12-19 18:07:52 +01:00
1.4.16.txt Used the 🎫 syntax more extensively 2014-12-19 18:07:52 +01:00
1.4.17.txt Refs #23919 -- Removed Python 2 notes in docs. 2017-01-18 11:51:29 -05:00
1.4.18.txt Prevented (and corrected) single backtick usage in docs. 2020-04-01 14:55:11 +02:00
1.4.19.txt Fixed #25778 -- Updated docs links to use https when available. 2015-12-01 08:01:34 -05:00
1.4.20.txt Refs #17209 -- Removed login/logout and password reset/change function-based views. 2017-09-22 12:51:17 -04:00
1.4.21.txt Prevented newlines from being accepted in some validators. 2015-07-08 15:23:03 -04:00
1.4.22.txt Refs #17209 -- Removed login/logout and password reset/change function-based views. 2017-09-22 12:51:17 -04:00
1.4.txt Refs #28622 -- Removed settings.PASSWORD_RESET_TIMEOUT_DAYS per deprecation timeline. 2021-01-14 17:50:04 +01:00
1.5.1.txt Added documentation extlink for bugs.python.org. 2021-02-17 14:24:42 +01:00
1.5.2.txt Capitalized Unicode in docs, strings, and comments. 2020-04-20 12:10:33 +02:00
1.5.3.txt Changed docs and a code comment to use gender-neutral pronouns. 2020-11-13 22:26:30 +01:00
1.5.4.txt Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
1.5.5.txt Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
1.5.6.txt Refs #23919 -- Removed Python 2 notes in docs. 2017-01-18 11:51:29 -05:00
1.5.7.txt Fixed #26013 -- Moved django.core.urlresolvers to django.urls. 2015-12-31 14:21:29 -05:00
1.5.8.txt Prevented (and corrected) single backtick usage in docs. 2020-04-01 14:55:11 +02:00
1.5.9.txt Fixed #26013 -- Moved django.core.urlresolvers to django.urls. 2015-12-31 14:21:29 -05:00
1.5.10.txt Used the 🎫 syntax more extensively 2014-12-19 18:07:52 +01:00
1.5.11.txt Used the 🎫 syntax more extensively 2014-12-19 18:07:52 +01:00
1.5.12.txt Added dates to release notes. 2015-01-02 19:20:18 -05:00
1.5.txt Used :mimetype: role in various docs. 2020-05-13 09:14:04 +02:00
1.6.1.txt Capitalized Unicode in docs, strings, and comments. 2020-04-20 12:10:33 +02:00
1.6.2.txt Refs #23919 -- Removed Python 2 notes in docs. 2017-01-18 11:51:29 -05:00
1.6.3.txt Refs #23919 -- Removed Python 2 notes in docs. 2017-01-18 11:51:29 -05:00
1.6.4.txt Fixed #26013 -- Moved django.core.urlresolvers to django.urls. 2015-12-31 14:21:29 -05:00
1.6.5.txt Prevented (and corrected) single backtick usage in docs. 2020-04-01 14:55:11 +02:00
1.6.6.txt Capitalized Unicode in docs, strings, and comments. 2020-04-20 12:10:33 +02:00
1.6.7.txt
1.6.8.txt
1.6.9.txt Refs #23919 -- Removed Python 2 notes in docs. 2017-01-18 11:51:29 -05:00
1.6.10.txt Prevented (and corrected) single backtick usage in docs. 2020-04-01 14:55:11 +02:00
1.6.11.txt Added documentation extlink for bugs.python.org. 2021-02-17 14:24:42 +01:00
1.6.txt Fixed typos in assertQuerysetEqual() docs and 1.6 release notes. 2021-02-26 09:10:52 +01:00
1.7.1.txt Capitalized Unicode in docs, strings, and comments. 2020-04-20 12:10:33 +02:00
1.7.2.txt Capitalized Unicode in docs, strings, and comments. 2020-04-20 12:10:33 +02:00
1.7.3.txt Prevented (and corrected) single backtick usage in docs. 2020-04-01 14:55:11 +02:00
1.7.4.txt Added 1.4.19 release notes. 2015-01-27 11:48:04 -05:00
1.7.5.txt Added release date for 1.7.5 release. 2015-02-25 08:47:11 -05:00
1.7.6.txt Refs #24461 -- Added test/release notes for XSS issue in ModelAdmin.readonly_fields 2015-03-09 10:12:21 -04:00
1.7.7.txt Added documentation extlink for bugs.python.org. 2021-02-17 14:24:42 +01:00
1.7.8.txt Added dates to release notes. 2015-05-01 16:24:39 -04:00
1.7.9.txt Prevented newlines from being accepted in some validators. 2015-07-08 15:23:03 -04:00
1.7.10.txt Refs #17209 -- Removed login/logout and password reset/change function-based views. 2017-09-22 12:51:17 -04:00
1.7.11.txt Added release date for 1.8.7/1.7.11 releases. 2015-11-24 11:20:29 -05:00
1.7.txt Refs #15902 -- Stopped set_language() storing user's language in the session. 2021-01-14 17:50:04 +01:00
1.8.1.txt Fixed #31534 -- Deprecated django.conf.urls.url(). 2020-05-05 07:34:34 +02:00
1.8.2.txt Added release date for 1.8.2. 2015-05-20 13:48:06 -04:00
1.8.3.txt Prevented (and corrected) single backtick usage in docs. 2020-04-01 14:55:11 +02:00
1.8.4.txt Refs #17209 -- Removed login/logout and password reset/change function-based views. 2017-09-22 12:51:17 -04:00
1.8.5.txt Added release date for 1.8.5. 2015-10-03 19:31:45 -04:00
1.8.6.txt Prevented (and corrected) single backtick usage in docs. 2020-04-01 14:55:11 +02:00
1.8.7.txt Refs #23919 -- Removed Python 2 notes in docs. 2017-01-18 11:51:29 -05:00
1.8.8.txt Added release date for 1.9.1/1.8.8 releases. 2016-01-02 08:35:54 -05:00
1.8.9.txt Added release dates for 1.9.2 and 1.8.9. 2016-02-01 12:02:16 -05:00
1.8.10.txt Refs #17209 -- Removed login/logout and password reset/change function-based views. 2017-09-22 12:51:17 -04:00
1.8.11.txt Added safety to URL decoding in is_safe_url() on Python 2 2016-03-04 23:33:35 +01:00
1.8.12.txt Added release date for 1.9.5 and 1.8.12. 2016-04-01 13:29:43 -04:00
1.8.13.txt Added release date for 1.9.6/1.8.13. 2016-05-02 18:16:36 -04:00
1.8.14.txt Fixed XSS in admin's add/change related popup. 2016-07-18 11:17:01 -04:00
1.8.15.txt Added release notes for 1.9.10 and 1.8.15 releases. 2016-09-26 13:55:21 -04:00
1.8.16.txt Refs #29784 -- Switched to https:// links where available. 2018-09-26 08:48:47 +02:00
1.8.17.txt Added release dates for 1.10.4, 1.9.12, 1.8.17. 2016-12-01 17:15:04 -05:00
1.8.18.txt Refs #17209 -- Removed login/logout and password reset/change function-based views. 2017-09-22 12:51:17 -04:00
1.8.19.txt Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator. 2018-03-06 08:30:40 -05:00
1.8.txt Used :pep: role in various docs. 2020-05-13 09:14:04 +02:00
1.9.1.txt Fixed typo in docs/releases/1.9.1.txt. 2016-03-04 14:16:56 -05:00
1.9.2.txt Added release dates for 1.9.2 and 1.8.9. 2016-02-01 12:02:16 -05:00
1.9.3.txt Refs #17209 -- Removed login/logout and password reset/change function-based views. 2017-09-22 12:51:17 -04:00
1.9.4.txt Added safety to URL decoding in is_safe_url() on Python 2 2016-03-04 23:33:35 +01:00
1.9.5.txt Added release date for 1.9.5 and 1.8.12. 2016-04-01 13:29:43 -04:00
1.9.6.txt Added release date for 1.9.6/1.8.13. 2016-05-02 18:16:36 -04:00
1.9.7.txt Added release date for 1.9.7. 2016-06-04 19:24:51 -04:00
1.9.8.txt Fixed XSS in admin's add/change related popup. 2016-07-18 11:17:01 -04:00
1.9.9.txt Added release dates for 1.10 and 1.9.9 2016-08-01 13:55:08 -04:00
1.9.10.txt Added release notes for 1.9.10 and 1.8.15 releases. 2016-09-26 13:55:21 -04:00
1.9.11.txt Refs #29784 -- Switched to https:// links where available. 2018-09-26 08:48:47 +02:00
1.9.12.txt Added release dates for 1.10.4, 1.9.12, 1.8.17. 2016-12-01 17:15:04 -05:00
1.9.13.txt Refs #17209 -- Removed login/logout and password reset/change function-based views. 2017-09-22 12:51:17 -04:00
1.9.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
1.10.1.txt Added release date for 1.10.1. 2016-09-01 16:24:46 -04:00
1.10.2.txt Fixed #27302 -- Fixed ModelAdmin.construct_change_message() changed field detection 2016-10-01 20:14:27 +02:00
1.10.3.txt Refs #29784 -- Switched to https:// links where available. 2018-09-26 08:48:47 +02:00
1.10.4.txt Added release dates for 1.10.4, 1.9.12, 1.8.17. 2016-12-01 17:15:04 -05:00
1.10.5.txt Added release date for 1.10.5. 2017-01-04 13:20:01 -05:00
1.10.6.txt Fixed typo in docs/releases/1.10.6.txt. 2017-03-01 10:11:32 -05:00
1.10.7.txt Refs #17209 -- Removed login/logout and password reset/change function-based views. 2017-09-22 12:51:17 -04:00
1.10.8.txt Fixed CVE-2017-12794 -- Fixed XSS possibility in traceback section of technical 500 debug page. 2017-09-05 10:58:38 -04:00
1.10.txt Updated links to DEPs. 2021-02-25 17:22:07 +01:00
1.11.1.txt Corrected docs spelling of PgBouncer. 2020-04-01 14:55:11 +02:00
1.11.2.txt Added release date for 1.11.2. 2017-06-01 11:09:51 -04:00
1.11.3.txt Added release date for 1.11.3. 2017-07-01 19:13:35 -04:00
1.11.4.txt Added release date for 1.11.4. 2017-08-01 08:08:18 -04:00
1.11.5.txt Fixed CVE-2017-12794 -- Fixed XSS possibility in traceback section of technical 500 debug page. 2017-09-05 10:58:38 -04:00
1.11.6.txt Added release date for 1.11.6. 2017-10-05 14:13:32 -04:00
1.11.7.txt Added release date for 1.11.7. 2017-11-01 21:11:38 -04:00
1.11.8.txt Added release dates for 2.0 and 1.11.8. 2017-12-02 08:55:33 -05:00
1.11.9.txt Added release date for 2.0.1 and 1.11.9. 2018-01-01 19:34:34 -05:00
1.11.10.txt Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm. 2018-02-01 09:05:14 -05:00
1.11.11.txt Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator. 2018-03-06 08:30:40 -05:00
1.11.12.txt Added release date for 2.0.4 and 1.11.12. 2018-04-02 21:36:23 -04:00
1.11.13.txt Added release date for 2.0.5 and 1.11.13. 2018-05-01 21:18:44 -04:00
1.11.14.txt Added release date for 1.11.14. 2018-07-02 10:12:20 +02:00
1.11.15.txt Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware. 2018-08-01 09:28:42 -04:00
1.11.16.txt Added release date for 1.11.16. 2018-10-01 09:34:57 +02:00
1.11.17.txt Added release date for 1.11.17. 2018-12-03 15:14:58 +01:00
1.11.18.txt Fixed #30070, CVE-2019-3498 -- Fixed content spoofing possiblity in the default 404 page. 2019-01-03 21:21:55 -05:00
1.11.19.txt Fixed typos in 1.11.19, 2.0.11, 2.1.6 release notes. 2019-06-21 07:07:23 +02:00
1.11.20.txt Refs #30175 -- Added release notes for 2.1.7, 2.0.12, and 1.11.20 releases. 2019-02-11 15:46:33 +01:00
1.11.21.txt Fixed typos in 1.11.21, 2.1.9, 2.2.2 release notes. 2019-06-03 14:08:51 +02:00
1.11.22.txt Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set. 2019-07-01 07:48:04 +02:00
1.11.23.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
1.11.24.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
1.11.25.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
1.11.26.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
1.11.27.txt Fixed CVE-2019-19844 -- Used verified user email for password reset requests. 2019-12-18 09:11:39 +01:00
1.11.28.txt Fixed CVE-2020-7471 -- Properly escaped StringAgg(delimiter) parameter. 2020-02-03 08:49:13 +01:00
1.11.29.txt Fixed typo in docs/releases/1.11.29.txt. 2020-03-04 10:46:43 +01:00
1.11.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
2.0.1.txt Added release date for 2.0.1 and 1.11.9. 2018-01-01 19:34:34 -05:00
2.0.2.txt Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm. 2018-02-01 09:05:14 -05:00
2.0.3.txt Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator. 2018-03-06 08:30:40 -05:00
2.0.4.txt Prevented (and corrected) single backtick usage in docs. 2020-04-01 14:55:11 +02:00
2.0.5.txt Fixed typo in docs/releases/2.0.5.txt. 2018-08-21 09:48:14 -04:00
2.0.6.txt Fixed #28462 -- Decreased memory usage with ModelAdmin.list_editable. 2018-06-01 10:41:05 -04:00
2.0.7.txt Forwardported 2.0.7 release note. 2018-06-28 11:07:37 -04:00
2.0.8.txt Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware. 2018-08-01 09:28:42 -04:00
2.0.9.txt Added release date for 2.0.9 release. 2018-10-01 09:55:56 +02:00
2.0.10.txt Fixed #30070, CVE-2019-3498 -- Fixed content spoofing possiblity in the default 404 page. 2019-01-03 21:21:55 -05:00
2.0.11.txt Fixed typos in 1.11.19, 2.0.11, 2.1.6 release notes. 2019-06-21 07:07:23 +02:00
2.0.12.txt Refs #30175 -- Added release notes for 2.1.7, 2.0.12, and 1.11.20 releases. 2019-02-11 15:46:33 +01:00
2.0.13.txt Refs #30177 -- Forwardported 2.0.13 release notes. 2019-02-11 15:45:04 -05:00
2.0.txt Capitalized Unicode in docs, strings, and comments. 2020-04-20 12:10:33 +02:00
2.1.1.txt Added release date for 2.1.1. 2018-08-31 10:12:51 +02:00
2.1.2.txt Added release date for 2.1.2 release. 2018-10-01 10:10:48 +02:00
2.1.3.txt Added release date for 2.1.2 release. 2018-11-01 15:02:22 +01:00
2.1.4.txt Added release date for 2.1.4. 2018-12-03 17:29:46 +01:00
2.1.5.txt Fixed #30070, CVE-2019-3498 -- Fixed content spoofing possiblity in the default 404 page. 2019-01-03 21:21:55 -05:00
2.1.6.txt Fixed typos in 1.11.19, 2.0.11, 2.1.6 release notes. 2019-06-21 07:07:23 +02:00
2.1.7.txt Refs #30175 -- Added release notes for 2.1.7, 2.0.12, and 1.11.20 releases. 2019-02-11 15:46:33 +01:00
2.1.8.txt Fixed #30289 -- Prevented admin inlines for a ManyToManyField's implicit through model from being editable if the user only has the view permission. 2019-03-30 16:49:16 -04:00
2.1.9.txt Fixed typos in 1.11.21, 2.1.9, 2.2.2 release notes. 2019-06-03 14:08:51 +02:00
2.1.10.txt Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set. 2019-07-01 07:48:04 +02:00
2.1.11.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
2.1.12.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
2.1.13.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
2.1.14.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
2.1.15.txt Preferred usage of among/while to amongst/whilst. 2020-06-03 21:02:48 +02:00
2.1.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
2.2.1.txt Used :envvar: role and .. envvar:: directive in various docs. 2020-05-13 09:14:40 +02:00
2.2.2.txt Fixed typos in 1.11.21, 2.1.9, 2.2.2 release notes. 2019-06-03 14:08:51 +02:00
2.2.3.txt Added release date for 2.2.3. 2019-07-01 07:48:45 +02:00
2.2.4.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
2.2.5.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
2.2.6.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
2.2.7.txt Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
2.2.8.txt Preferred usage of among/while to amongst/whilst. 2020-06-03 21:02:48 +02:00
2.2.9.txt Fixed CVE-2019-19844 -- Used verified user email for password reset requests. 2019-12-18 09:11:39 +01:00
2.2.10.txt Fixed CVE-2020-7471 -- Properly escaped StringAgg(delimiter) parameter. 2020-02-03 08:49:13 +01:00
2.2.11.txt Fixed CVE-2020-9402 -- Properly escaped tolerance parameter in GIS functions and aggregates on Oracle. 2020-03-04 09:04:50 +01:00
2.2.12.txt Added release dates for 2.1.12 and 3.0.5. 2020-04-01 09:14:56 +02:00
2.2.13.txt Fixed CVE-2020-13254 -- Enforced cache key validation in memcached backends. 2020-06-03 09:24:26 +02:00
2.2.14.txt Added release date for 2.2.14 and 3.0.8. 2020-07-01 06:16:32 +02:00
2.2.15.txt Added release date for 2.2.15 and 3.0.9. 2020-08-03 08:52:28 +02:00
2.2.16.txt Added release date for 3.1.1, 3.0.10, and 2.2.16. 2020-09-01 09:56:42 +02:00
2.2.17.txt Set release date for 3.1.3, 3.0.11, and 2.2.17. 2020-11-02 08:35:24 +01:00
2.2.18.txt Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract(). 2021-02-01 09:07:36 +01:00
2.2.19.txt Refs CVE-2021-23336 -- Updated tests and release notes for affected versions. 2021-02-19 09:03:06 +01:00
2.2.20.txt Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files. 2021-04-06 08:15:17 +02:00
2.2.21.txt Refs #32718 -- Corrected CVE-2021-31542 release notes. 2021-05-12 10:42:01 +02:00
2.2.22.txt Fixed #32713, Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+. 2021-05-06 08:45:23 +02:00
2.2.23.txt Fixed #32718 -- Relaxed file name validation in FileField. 2021-05-13 08:53:44 +02:00
2.2.txt Refs #31040 -- Doc'd Python 3.9 compatibility. 2020-10-13 08:35:01 +02:00
3.0.1.txt Used :envvar: role and .. envvar:: directive in various docs. 2020-05-13 09:14:40 +02:00
3.0.2.txt Added release date for 3.0.2. 2020-01-02 07:55:53 +01:00
3.0.3.txt Added release date for 3.0.3. 2020-02-03 08:52:16 +01:00
3.0.4.txt Fixed CVE-2020-9402 -- Properly escaped tolerance parameter in GIS functions and aggregates on Oracle. 2020-03-04 09:04:50 +01:00
3.0.5.txt Added release dates for 2.1.12 and 3.0.5. 2020-04-01 09:14:56 +02:00
3.0.6.txt Fixed typo in docs/releases/3.0.6.txt. 2020-05-04 07:42:25 +02:00
3.0.7.txt Fixed CVE-2020-13254 -- Enforced cache key validation in memcached backends. 2020-06-03 09:24:26 +02:00
3.0.8.txt Added release date for 2.2.14 and 3.0.8. 2020-07-01 06:16:32 +02:00
3.0.9.txt Added release date for 2.2.15 and 3.0.9. 2020-08-03 08:52:28 +02:00
3.0.10.txt Added release date for 3.1.1, 3.0.10, and 2.2.16. 2020-09-01 09:56:42 +02:00
3.0.11.txt Set release date for 3.1.3, 3.0.11, and 2.2.17. 2020-11-02 08:35:24 +01:00
3.0.12.txt Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract(). 2021-02-01 09:07:36 +01:00
3.0.13.txt Refs CVE-2021-23336 -- Updated tests and release notes for affected versions. 2021-02-19 09:03:06 +01:00
3.0.14.txt Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files. 2021-04-06 08:15:17 +02:00
3.0.txt Refs #31040 -- Doc'd Python 3.9 compatibility. 2020-10-13 08:35:01 +02:00
3.1.1.txt Refs #31956 -- Doc'd consequences of disabling psycopg2's JSONB typecaster. 2020-09-10 11:00:13 +02:00
3.1.2.txt Added release date for 3.1.2. 2020-10-01 07:22:28 +02:00
3.1.3.txt Set release date for 3.1.3, 3.0.11, and 2.2.17. 2020-11-02 08:35:24 +01:00
3.1.4.txt Added release date for 3.1.4. 2020-12-01 06:24:16 +01:00
3.1.5.txt Added release date for 3.1.5. 2021-01-04 08:31:51 +01:00
3.1.6.txt Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract(). 2021-02-01 09:07:36 +01:00
3.1.7.txt Refs CVE-2021-23336 -- Updated tests and release notes for affected versions. 2021-02-19 09:03:06 +01:00
3.1.8.txt Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files. 2021-04-06 08:15:17 +02:00
3.1.9.txt Refs #32718 -- Corrected CVE-2021-31542 release notes. 2021-05-12 10:42:01 +02:00
3.1.10.txt Fixed #32713, Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+. 2021-05-06 08:45:23 +02:00
3.1.11.txt Fixed #32718 -- Relaxed file name validation in FileField. 2021-05-13 08:53:44 +02:00
3.1.txt Fixed #32348, Refs #29087 -- Corrected tutorial for updated deleting inlines UI. 2021-01-27 08:44:36 +01:00
3.2.1.txt Refs #32718 -- Corrected CVE-2021-31542 release notes. 2021-05-12 10:42:01 +02:00
3.2.2.txt Fixed #32713, Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+. 2021-05-06 08:45:23 +02:00
3.2.3.txt Fixed #32718 -- Relaxed file name validation in FileField. 2021-05-13 08:53:44 +02:00
3.2.txt Refs #32674 -- Noted that auto-created through table PKs cannot be automatically migrated. 2021-04-29 13:53:56 +02:00
4.0.txt Fixed #32031 -- Added model class for each model to AdminSite.each_context(). 2021-05-13 06:57:09 +02:00
index.txt Fixed #32718 -- Relaxed file name validation in FileField. 2021-05-13 08:53:44 +02:00
security.txt Added CVE-2021-32052 to security archive. 2021-05-06 09:58:24 +02:00