From b113c6adea2e4b1759bc5dc27b6cc5cc339f633a Mon Sep 17 00:00:00 2001
From: Tim Graham <timograham@gmail.com>
Date: Sat, 4 Aug 2018 10:24:22 -0400
Subject: [PATCH] [2.0.x] Fixed #28540 -- Doc'd a change to file upload
 permissions in Django 1.11.

Behavior changed in f734e2d4b2fc4391a4d097b80357724815c1d414
(refs #27334).

Backport of 89d4d412404d31ef34ae3170c0c056eff55b2a17 from master
---
 docs/releases/1.11.txt | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/docs/releases/1.11.txt b/docs/releases/1.11.txt
index 7bcf97a1758..7851e981af0 100644
--- a/docs/releases/1.11.txt
+++ b/docs/releases/1.11.txt
@@ -777,6 +777,13 @@ Miscellaneous
   :data:`~django.core.validators.validate_image_file_extension` validator.
   See the note in :meth:`.Client.post`.
 
+* :class:`~django.db.models.FileField` now moves rather than copies the file
+  it receives. With the default file upload settings, files larger than
+  :setting:`FILE_UPLOAD_MAX_MEMORY_SIZE` now have the same permissions as
+  temporary files (often ``0o600``) rather than the system's standard umask
+  (often ``0o6644``). Set the :setting:`FILE_UPLOAD_PERMISSIONS` if you need
+  the same permission regardless of file size.
+
 .. _deprecated-features-1.11:
 
 Features deprecated in 1.11