diff --git a/docs/releases/3.0.txt b/docs/releases/3.0.txt index 1c39980a91e..06109b924e5 100644 --- a/docs/releases/3.0.txt +++ b/docs/releases/3.0.txt @@ -501,7 +501,8 @@ Django 3.0, we're removing these APIs at this time. ``six.python_2_unicode_compatible()``. * ``django.utils.functional.curry()`` - Use :func:`functools.partial` or - :class:`functools.partialmethod`. See :commit:`5b1c389603a353625ae1603`. + :class:`functools.partialmethod`. See + :commit:`5b1c389603a353625ae1603ba345147356336afb`. * ``django.utils.safestring.SafeBytes`` - Unused since Django 2.0. diff --git a/docs/releases/security.txt b/docs/releases/security.txt index 0af341fe4ca..d6f979663a8 100644 --- a/docs/releases/security.txt +++ b/docs/releases/security.txt @@ -999,8 +999,8 @@ September 9, 2011 - :cve:`2011-4139` Versions affected ~~~~~~~~~~~~~~~~~ -* Django 1.2 :commit:`(patch) ` -* Django 1.3 :commit:`(patch) <2f7fadc38e>` +* Django 1.2 :commit:`(patch) ` +* Django 1.3 :commit:`(patch) <2f7fadc38efa58ac0a8f93f936b82332a199f396>` September 9, 2011 - :cve:`2011-4138` ------------------------------------ @@ -1012,8 +1012,8 @@ Information leakage/arbitrary request issuance via ``URLField.verify_exists``. Versions affected ~~~~~~~~~~~~~~~~~ -* Django 1.2: :commit:`(patch) <7268f8af86>` -* Django 1.3: :commit:`(patch) <1a76dbefdf>` +* Django 1.2: :commit:`(patch) <7268f8af86186518821d775c530d5558fd726930>` +* Django 1.3: :commit:`(patch) <1a76dbefdfc60e2d5954c0ba614c3d054ba9c3f0>` September 9, 2011 - :cve:`2011-4137` ------------------------------------ @@ -1024,8 +1024,8 @@ Denial-of-service via ``URLField.verify_exists``. `Full description Versions affected ~~~~~~~~~~~~~~~~~ -* Django 1.2 :commit:`(patch) <7268f8af86>` -* Django 1.3 :commit:`(patch) <1a76dbefdf>` +* Django 1.2 :commit:`(patch) <7268f8af86186518821d775c530d5558fd726930>` +* Django 1.3 :commit:`(patch) <1a76dbefdfc60e2d5954c0ba614c3d054ba9c3f0>` September 9, 2011 - :cve:`2011-4136` ------------------------------------ @@ -1036,8 +1036,8 @@ Session manipulation when using memory-cache-backed session. `Full description Versions affected ~~~~~~~~~~~~~~~~~ -* Django 1.2 :commit:`(patch) ` -* Django 1.3 :commit:`(patch) ` +* Django 1.2 :commit:`(patch) ` +* Django 1.3 :commit:`(patch) ` February 8, 2011 - :cve:`2011-0698` ----------------------------------- @@ -1048,8 +1048,8 @@ description `__ Versions affected ~~~~~~~~~~~~~~~~~ -* Django 1.1 :commit:`(patch) <570a32a047>` -* Django 1.2 :commit:`(patch) <194566480b>` +* Django 1.1 :commit:`(patch) <570a32a047ea56265646217264b0d3dab1a14dbd>` +* Django 1.2 :commit:`(patch) <194566480b15cf4e294d3f03ff587019b74044b2>` February 8, 2011 - :cve:`2011-0697` ----------------------------------- @@ -1060,8 +1060,8 @@ XSS via unsanitized names of uploaded files. `Full description Versions affected ~~~~~~~~~~~~~~~~~ -* Django 1.1 :commit:`(patch) <1966786d2d>` -* Django 1.2 :commit:`(patch) <1f814a9547>` +* Django 1.1 :commit:`(patch) <1966786d2dde73e17f39cf340eb33fcb5d73904e>` +* Django 1.2 :commit:`(patch) <1f814a9547842dcfabdae09573055984af9d3fab>` February 8, 2011 - :cve:`2011-0696` ----------------------------------- @@ -1072,8 +1072,8 @@ CSRF via forged HTTP headers. `Full description Versions affected ~~~~~~~~~~~~~~~~~ -* Django 1.1 :commit:`(patch) <408c5c873c>` -* Django 1.2 :commit:`(patch) <818e70344e>` +* Django 1.1 :commit:`(patch) <408c5c873ce1437c7eee9544ff279ecbad7e150a>` +* Django 1.2 :commit:`(patch) <818e70344e7193f6ebc73c82ed574e6ce3c91afc>` December 22, 2010 - :cve:`2010-4535` ------------------------------------ @@ -1084,8 +1084,8 @@ Denial-of-service in password-reset mechanism. `Full description Versions affected ~~~~~~~~~~~~~~~~~ -* Django 1.1 :commit:`(patch) <7f8dd9cbac>` -* Django 1.2 :commit:`(patch) ` +* Django 1.1 :commit:`(patch) <7f8dd9cbac074389af8d8fd235bf2cb657227b9a>` +* Django 1.2 :commit:`(patch) ` December 22, 2010 - :cve:`2010-4534` ------------------------------------ @@ -1096,8 +1096,8 @@ Information leakage in administrative interface. `Full description Versions affected ~~~~~~~~~~~~~~~~~ -* Django 1.1 :commit:`(patch) <17084839fd>` -* Django 1.2 :commit:`(patch) <85207a245b>` +* Django 1.1 :commit:`(patch) <17084839fd7e267da5729f2a27753322b9d415a0>` +* Django 1.2 :commit:`(patch) <85207a245bf09fdebe486b4c7bbcb65300f2a693>` September 8, 2010 - :cve:`2010-3082` ------------------------------------ @@ -1108,7 +1108,7 @@ XSS via trusting unsafe cookie value. `Full description Versions affected ~~~~~~~~~~~~~~~~~ -* Django 1.2 :commit:`(patch) <7f84657b6b>` +* Django 1.2 :commit:`(patch) <7f84657b6b2243cc787bdb9f296710c8d13ad0bd>` October 9, 2009 - :cve:`2009-3965` ---------------------------------- @@ -1119,8 +1119,8 @@ description `__ Versions affected ~~~~~~~~~~~~~~~~~ -* Django 1.0 :commit:`(patch) <594a28a904>` -* Django 1.1 :commit:`(patch) ` +* Django 1.0 :commit:`(patch) <594a28a9044120bed58671dde8a805c9e0f6c79a>` +* Django 1.1 :commit:`(patch) ` July 28, 2009 - :cve:`2009-2659` -------------------------------- @@ -1131,8 +1131,8 @@ Directory-traversal in development server media handler. `Full description Versions affected ~~~~~~~~~~~~~~~~~ -* Django 0.96 :commit:`(patch) ` -* Django 1.0 :commit:`(patch) ` +* Django 0.96 :commit:`(patch) ` +* Django 1.0 :commit:`(patch) ` September 2, 2008 - :cve:`2008-3909` ------------------------------------ @@ -1157,8 +1157,8 @@ Versions affected ~~~~~~~~~~~~~~~~~ * Django 0.91 :commit:`(patch) <6e657e2c404a96e744748209e896d8a69c15fdf2>` -* Django 0.95 :commit:`(patch) <50ce7fb57d>` -* Django 0.96 :commit:`(patch) <7791e5c050>` +* Django 0.95 :commit:`(patch) <50ce7fb57d79e8940ccf6e2781f2f01df029b5c5>` +* Django 0.96 :commit:`(patch) <7791e5c050cebf86d868c5dab7092185b125fdc9>` October 26, 2007 - :cve:`2007-5712` ----------------------------------- @@ -1189,7 +1189,7 @@ Apparent "caching" of authenticated user. `Full description Versions affected ~~~~~~~~~~~~~~~~~ -* Django 0.95 :commit:`(patch) ` +* Django 0.95 :commit:`(patch) ` August 16, 2006 - :cve:`2007-0404` ---------------------------------- @@ -1202,4 +1202,5 @@ Versions affected * Django 0.90 :commit:`(patch) <6eefa521be3c658dc0b38f8d62d52e9801e198ab>` * Django 0.91 :commit:`(patch) ` -* Django 0.95 :commit:`(patch) ` (released January 21 2007) +* Django 0.95 :commit:`(patch) ` + (released January 21 2007)