django

Commit Graph

Author	SHA1	Message	Date
Dmitry Dygalo	5155c2b458	Fixed typo in 1.9.3/1.8.10 release date.	2016-03-02 07:08:36 -05:00
Florian Apolloner	67b46ba701	Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login. This is a security fix.	2016-03-01 11:25:28 -05:00
Mark Striemer	c5544d2892	Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth. This is a security fix.	2016-03-01 11:25:28 -05:00
Tim Graham	f43291639b	Added stub release notes for security issues.	2016-03-01 11:25:28 -05:00
Simon Charette	3938b3ccaa	Fixed #26286 -- Prevented content type managers from sharing their cache. This should prevent managers methods from returning content type instances registered to foreign apps now that these managers are also attached to models created during migration phases. Thanks Tim for the review. Refs #23822.	2016-02-26 16:18:16 -05:00
Jon Dufresne	b412681359	Fixed #26267 -- Fixed BoundField to reallow slices of subwidgets.	2016-02-24 07:02:51 -05:00
Tim Graham	b1afebf882	Fixed #26204 -- Reallowed dashes in top-level domains for URLValidator. Thanks Shai Berger for the review.	2016-02-18 19:06:49 -05:00
Claude Paroz	928c12eb1a	Fixed #26215 -- Fixed RangeField/ArrayField serialization with None values Also added tests for HStoreField and JSONField. Thanks Aleksey Bukin for the report and Tim Graham for the initial patch and the review.	2016-02-16 21:07:05 +01:00
Alexey Kotlyarov	b59f963ad2	Fixed #26212 -- Made forms.FileField and translation.lazy_number() picklable.	2016-02-15 11:44:29 -05:00
Simon Charette	a325fb1f9b	Fixed #26162 -- Checked query name clashes of hidden relationships. Although reverse accessor clashes should be skipped query name can't be hidden. Thanks to Ian Foote and Tim Graham for the review.	2016-02-08 09:59:27 -05:00
Tim Graham	97eb3356b2	Fixed #26177 -- Fixed a PostgreSQL crash with TIME_ZONE=None and USE_TZ=False.	2016-02-08 07:21:54 -05:00
Tim Graham	d6337e65ed	Added stub release notes for 1.8.10.	2016-02-06 09:24:20 -05:00

12 Commits