From e9c5c3963138b86678e90622789a30ced668b3dd Mon Sep 17 00:00:00 2001
From: Claude Paroz <claude@2xlibre.net>
Date: Sat, 8 Aug 2015 13:56:37 +0200
Subject: [PATCH] Updated various links in docs

---
 docs/faq/admin.txt                            |  2 +-
 docs/howto/auth-remote-user.txt               |  2 +-
 docs/howto/jython.txt                         |  2 +-
 docs/howto/upgrade-version.txt                |  2 +-
 docs/howto/windows.txt                        |  4 +-
 .../contributing/committing-code.txt          |  2 +-
 .../contributing/writing-code/unit-tests.txt  |  2 +-
 docs/internals/team.txt                       | 16 ++--
 docs/ref/clickjacking.txt                     |  4 +-
 docs/ref/contrib/gis/gdal.txt                 |  6 +-
 docs/ref/contrib/gis/install/geolibs.txt      |  2 +-
 docs/ref/contrib/gis/install/index.txt        | 13 +--
 docs/ref/contrib/gis/measure.txt              |  2 +-
 docs/ref/contrib/gis/model-api.txt            |  3 +-
 docs/releases/1.0-porting-guide.txt           |  4 +-
 docs/releases/1.9.txt                         |  2 +-
 docs/releases/security.txt                    | 96 +++++++++----------
 docs/topics/install.txt                       |  4 +-
 docs/topics/python3.txt                       |  2 +-
 docs/topics/security.txt                      |  2 +-
 20 files changed, 84 insertions(+), 88 deletions(-)

diff --git a/docs/faq/admin.txt b/docs/faq/admin.txt
index 8deffdf28c..61e84fa974 100644
--- a/docs/faq/admin.txt
+++ b/docs/faq/admin.txt
@@ -106,4 +106,4 @@ There *may* be minor stylistic differences between supported browsers—for
 example, some browsers may not support rounded corners. These are considered
 acceptable variations in rendering.
 
-.. _YUI's A-grade: http://yuilibrary.com/yui/docs/tutorials/gbs/
+.. _YUI's A-grade: https://github.com/yui/yui3/wiki/Graded-Browser-Support
diff --git a/docs/howto/auth-remote-user.txt b/docs/howto/auth-remote-user.txt
index bef562d565..34f17a8084 100644
--- a/docs/howto/auth-remote-user.txt
+++ b/docs/howto/auth-remote-user.txt
@@ -10,7 +10,7 @@ Windows Authentication or Apache and `mod_authnz_ldap`_, `CAS`_, `Cosign`_,
 `WebAuth`_, `mod_auth_sspi`_, etc.
 
 .. _mod_authnz_ldap: http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html
-.. _CAS: https://www.apereo.org/cas
+.. _CAS: https://www.apereo.org/projects/cas
 .. _Cosign: http://weblogin.org
 .. _WebAuth: http://www.stanford.edu/services/webauth/
 .. _mod_auth_sspi: http://sourceforge.net/projects/mod-auth-sspi
diff --git a/docs/howto/jython.txt b/docs/howto/jython.txt
index 0d3baf9e77..e7ff3696f0 100644
--- a/docs/howto/jython.txt
+++ b/docs/howto/jython.txt
@@ -45,7 +45,7 @@ The `django-jython`_ project contains database backends and management commands
 for Django/Jython development. Note that the builtin Django backends won't work
 on top of Jython.
 
-.. _`django-jython`: http://code.google.com/p/django-jython/
+.. _`django-jython`: https://github.com/beachmachine/django-jython
 
 To install it, follow the `installation instructions`_ detailed on the project
 Web site. Also, read the `database backends`_ documentation there.
diff --git a/docs/howto/upgrade-version.txt b/docs/howto/upgrade-version.txt
index 3c9c1b8d78..28c745ef4b 100644
--- a/docs/howto/upgrade-version.txt
+++ b/docs/howto/upgrade-version.txt
@@ -62,7 +62,7 @@ If you use some other installation process, you might have to manually
 :ref:`uninstall the old Django version <removing-old-versions-of-django>` and
 should look at the complete installation instructions.
 
-.. _pip: http://www.pip-installer.org/
+.. _pip: https://pip.pypa.io/
 .. _virtualenv: http://www.virtualenv.org/
 
 Testing
diff --git a/docs/howto/windows.txt b/docs/howto/windows.txt
index 2e92ace34e..d36b62a6a6 100644
--- a/docs/howto/windows.txt
+++ b/docs/howto/windows.txt
@@ -39,7 +39,7 @@ your Python version and follow the installation instructions given there.
 Install PIP
 ===========
 
-`PIP <http://www.pip-installer.org/>`_ is a package manager for Python that
+`PIP <https://pip.pypa.io/>`_ is a package manager for Python that
 uses the `Python Package Index <https://pypi.python.org>`_ to install Python
 packages. PIP will later be used to install Django from PyPI. If you've
 installed Python 3.4, ``pip`` is included so you may skip this section.
@@ -48,7 +48,7 @@ Open a command prompt and execute ``easy_install pip``. This will install
 ``pip`` on your system. This command will work if you have successfully
 installed Setuptools.
 
-Alternatively, go to `<http://www.pip-installer.org/en/latest/installing.html>`_
+Alternatively, go to `<https://pip.pypa.io/en/latest/installing.html>`_
 for installing/upgrading instructions.
 
 Install Django
diff --git a/docs/internals/contributing/committing-code.txt b/docs/internals/contributing/committing-code.txt
index 4d752b7099..0b07eaa6de 100644
--- a/docs/internals/contributing/committing-code.txt
+++ b/docs/internals/contributing/committing-code.txt
@@ -176,7 +176,7 @@ Django's Git repository:
     commit message, GitHub will close the pull request, but the Trac plugin
     will also close the same numbered ticket in Trac.
 
-.. _Trac plugin: https://github.com/aaugustin/trac-github
+.. _Trac plugin: https://github.com/trac-hacks/trac-github
 
 * If your commit references a ticket in the Django `ticket tracker`_ but
   does *not* close the ticket, include the phrase "Refs #xxxxx", where "xxxxx"
diff --git a/docs/internals/contributing/writing-code/unit-tests.txt b/docs/internals/contributing/writing-code/unit-tests.txt
index 06eaf90b74..8cf2c8d248 100644
--- a/docs/internals/contributing/writing-code/unit-tests.txt
+++ b/docs/internals/contributing/writing-code/unit-tests.txt
@@ -183,7 +183,7 @@ associated tests will be skipped.
 .. _gettext: http://www.gnu.org/software/gettext/manual/gettext.html
 .. _selenium: https://pypi.python.org/pypi/selenium
 .. _sqlparse: https://pypi.python.org/pypi/sqlparse
-.. _pip requirements files: http://www.pip-installer.org/en/latest/user_guide.html#requirements-files
+.. _pip requirements files: https://pip.pypa.io/en/latest/user_guide.html#requirements-files
 
 Code coverage
 ~~~~~~~~~~~~~
diff --git a/docs/internals/team.txt b/docs/internals/team.txt
index bdc1e39ec7..f7d48a9830 100644
--- a/docs/internals/team.txt
+++ b/docs/internals/team.txt
@@ -52,7 +52,7 @@ Journal-World`_ of Lawrence, Kansas, USA.
 .. _soundslice: https://www.soundslice.com/
 .. _simon willison: http://simonwillison.net/
 .. _web-development blog: `simon willison`_
-.. _jacob kaplan-moss: http://jacobian.org/
+.. _jacob kaplan-moss: https://jacobian.org/
 .. _revolution systems: http://revsys.com/
 .. _wilson miner: http://wilsonminer.com/
 .. _heroku: https://heroku.com/
@@ -151,7 +151,7 @@ Karen Tracey
     .. _Jannis Leidel: https://jezdez.com/
     .. _Bauhaus-University Weimar: http://www.uni-weimar.de/
     .. _virtualenv: http://www.virtualenv.org/
-    .. _pip: http://www.pip-installer.org/
+    .. _pip: https://pip.pypa.io/
     .. _Mozilla: https://www.mozilla.org/
 
 `Andrew Godwin`_
@@ -232,7 +232,7 @@ Tim Graham
     things Django and Python.
 
     .. _Idan Gazit: http://idan.gazit.me
-    .. _photographer: http://flickr.com/photos/idangazit
+    .. _photographer: https://flickr.com/photos/idangazit
     .. _Pixane: http://pixane.com
     .. _Skills: http://skillsapp.com
 
@@ -421,8 +421,8 @@ Daniele Procida
     that goal in mind. Erik lives in Amsterdam, The Netherlands.
 
     .. _Erik Romijn: http://erik.io/
-    .. _Solid Links: http://solidlinks.nl/
-    .. _Erik's Pony Checkup: http://ponycheckup.com/
+    .. _Solid Links: https://solidlinks.nl/
+    .. _Erik's Pony Checkup: https://ponycheckup.com/
 
 `Loïc Bistuer`_
     Loïc studied telecommunications engineering and works as an independent
@@ -537,7 +537,7 @@ Daniele Procida
 
     .. _Tomek Paczkowski: https://hauru.eu
     .. _DjangoCon Europe 2013: http://love.djangocircus.com
-    .. _Django Girls: http://djangogirls.org
+    .. _Django Girls: https://djangogirls.org
     .. _Squirrel: http://squirrel.me
 
 `Ola Sitarska`_
@@ -558,8 +558,8 @@ Daniele Procida
     .. _Ola Sitarska: http://ola.sitarska.com/
     .. _DjangoCon Europe 2013: http://love.djangocircus.com
     .. _Django Girls Tutorial: http://tutorial.djangogirls.org
-    .. _Django Girls: http://djangogirls.org
-    .. _Potato: http://p.ota.to
+    .. _Django Girls: https://djangogirls.org
+    .. _Potato: https://p.ota.to
 
 Past team members
 =================
diff --git a/docs/ref/clickjacking.txt b/docs/ref/clickjacking.txt
index b26fb211b8..ed51b5ea8f 100644
--- a/docs/ref/clickjacking.txt
+++ b/docs/ref/clickjacking.txt
@@ -35,7 +35,7 @@ load the resource in a frame if the request originated from the same site. If
 the header is set to ``DENY`` then the browser will block the resource from
 loading in a frame no matter which site made the request.
 
-.. _X-Frame-Options: https://developer.mozilla.org/en/The_X-FRAME-OPTIONS_response_header
+.. _X-Frame-Options: https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options
 
 Django provides a few simple ways to include this header in responses from your
 site:
@@ -127,5 +127,5 @@ See also
 
 A `complete list`_ of browsers supporting ``X-Frame-Options``.
 
-.. _complete list: https://developer.mozilla.org/en/The_X-FRAME-OPTIONS_response_header#Browser_compatibility
+.. _complete list: https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options#Browser_compatibility
 .. _other clickjacking prevention techniques: https://en.wikipedia.org/wiki/Clickjacking#Prevention
diff --git a/docs/ref/contrib/gis/gdal.txt b/docs/ref/contrib/gis/gdal.txt
index 0653edab7a..e04c69c8b4 100644
--- a/docs/ref/contrib/gis/gdal.txt
+++ b/docs/ref/contrib/gis/gdal.txt
@@ -22,7 +22,7 @@ to raster (image) data.
      some of the capabilities of OGR and GDAL's raster features at this time.
 
 __ http://www.gdal.org/
-__ http://www.gdal.org/ogr/
+__ http://www.gdal.org/ogr_arch.html
 
 Overview
 ========
@@ -94,7 +94,7 @@ each feature in that layer.
 
    Returns the name of the data source.
 
-__ http://www.gdal.org/ogr/ogr_formats.html
+__ http://www.gdal.org/ogr_formats.html
 
 ``Layer``
 ---------
@@ -455,7 +455,7 @@ systems and coordinate transformation::
    reading vector data from :class:`Layer` (which is in turn a part of
    a :class:`DataSource`).
 
-   __ http://www.gdal.org/ogr/classOGRGeometry.html
+   __ http://www.gdal.org/classOGRGeometry.html
 
    .. classmethod:: from_bbox(bbox)
 
diff --git a/docs/ref/contrib/gis/install/geolibs.txt b/docs/ref/contrib/gis/install/geolibs.txt
index 6de4af4312..3060194d23 100644
--- a/docs/ref/contrib/gis/install/geolibs.txt
+++ b/docs/ref/contrib/gis/install/geolibs.txt
@@ -263,4 +263,4 @@ the GDAL library.  For example::
        It is easier to install the shifting files now, then to have debug a
        problem caused by their absence later.
 .. [#] Specifically, GeoDjango provides support for the `OGR
-       <http://gdal.org/ogr>`_ library, a component of GDAL.
+       <http://gdal.org/ogr_arch.html>`_ library, a component of GDAL.
diff --git a/docs/ref/contrib/gis/install/index.txt b/docs/ref/contrib/gis/install/index.txt
index 5e783b8cdb..2b8347695f 100644
--- a/docs/ref/contrib/gis/install/index.txt
+++ b/docs/ref/contrib/gis/install/index.txt
@@ -234,15 +234,12 @@ Foundation, however, this is not required.
 Python
 ^^^^^^
 
-Although OS X comes with Python installed, users can use framework
-installers (`2.7`__, `3.2`__ and `3.3`__ are available) provided by
-the Python Software Foundation.  An advantage to using the installer is
-that OS X's Python will remain "pristine" for internal operating system
-use.
+Although OS X comes with Python installed, users can use `framework
+installers`__ provided by the Python Software Foundation.  An advantage to
+using the installer is that OS X's Python will remain "pristine" for internal
+operating system use.
 
-__ https://python.org/ftp/python/2.7.5/
-__ https://python.org/ftp/python/3.2.5/
-__ https://python.org/ftp/python/3.3.2/
+__ https://www.python.org/ftp/python/
 
 .. note::
 
diff --git a/docs/ref/contrib/gis/measure.txt b/docs/ref/contrib/gis/measure.txt
index 6572ce5c67..260e7d0276 100644
--- a/docs/ref/contrib/gis/measure.txt
+++ b/docs/ref/contrib/gis/measure.txt
@@ -174,5 +174,5 @@ Measurement API
 
 .. rubric:: Footnotes
 .. [#] `Robert Coup <https://koordinates.com/>`_ is the initial author of the measure objects,
-       and was inspired by Brian Beck's work in `geopy <http://code.google.com/p/geopy/>`_
+       and was inspired by Brian Beck's work in `geopy <https://github.com/geopy/geopy/>`_
        and Geoff Biggs' PhD work on dimensioned units for robotics.
diff --git a/docs/ref/contrib/gis/model-api.txt b/docs/ref/contrib/gis/model-api.txt
index 25bd7756a1..d6fde26c14 100644
--- a/docs/ref/contrib/gis/model-api.txt
+++ b/docs/ref/contrib/gis/model-api.txt
@@ -118,7 +118,7 @@ are not.
 
 Most people are familiar with using latitude and longitude to reference a
 location on the earth's surface.  However, latitude and longitude are angles,
-not distances. [#fnharvard]_  In other words, while the shortest path between two points on
+not distances. In other words, while the shortest path between two points on
 a flat surface is a straight line, the shortest path between two points on a curved
 surface (such as the earth) is an *arc* of a `great circle`__. [#fnthematic]_  Thus,
 additional computation is required to obtain distances in planar units (e.g.,
@@ -281,7 +281,6 @@ for example::
 .. [#fnogc] OpenGIS Consortium, Inc., `Simple Feature Specification For SQL <http://www.opengeospatial.org/standards/sfs>`_.
 .. [#fnogcsrid] *See id.* at Ch. 2.3.8, p. 39 (Geometry Values and Spatial Reference Systems).
 .. [#fnsrid] Typically, SRID integer corresponds to an EPSG (`European Petroleum Survey Group <http://www.epsg.org>`_) identifier.  However, it may also be associated with custom projections defined in spatial database's spatial reference systems table.
-.. [#fnharvard] Harvard Graduate School of Design, `An Overview of Geodesy and Geographic Referencing Systems <http://www.gsd.harvard.edu/gis/manual/projections/fundamentals/>`_.  This is an excellent resource for an overview of principles relating to geographic and Cartesian coordinate systems.
 .. [#fnthematic] Terry A. Slocum, Robert B. McMaster, Fritz C. Kessler, & Hugh H. Howard, *Thematic Cartography and Geographic Visualization* (Prentice Hall, 2nd edition), at Ch. 7.1.3.
 .. [#fndist] This limitation does not apply to PostGIS.
 .. [#fngeography] Please refer to the `PostGIS Geography Type <http://postgis.net/docs/manual-2.1/using_postgis_dbmanagement.html#PostGIS_Geography>`_ documentation for more details.
diff --git a/docs/releases/1.0-porting-guide.txt b/docs/releases/1.0-porting-guide.txt
index d38c14703c..ea3e905b57 100644
--- a/docs/releases/1.0-porting-guide.txt
+++ b/docs/releases/1.0-porting-guide.txt
@@ -79,8 +79,8 @@ see `the admin`_ below for more details.
     A contributor to djangosnippets__ has written a script that'll `scan your
     models.py and generate a corresponding admin.py`__.
 
-    __ http://www.djangosnippets.org/
-    __ http://www.djangosnippets.org/snippets/603/
+    __ https://www.djangosnippets.org/
+    __ https://www.djangosnippets.org/snippets/603/
 
 Example
 ~~~~~~~
diff --git a/docs/releases/1.9.txt b/docs/releases/1.9.txt
index 5d017b3042..4aab9aa070 100644
--- a/docs/releases/1.9.txt
+++ b/docs/releases/1.9.txt
@@ -122,7 +122,7 @@ The admin sports a modern, flat design. It still provides a fully-functional
 experience to `YUI's A-grade`_ browsers. Older browser may experience varying
 levels of graceful degradation.
 
-.. _YUI's A-grade: http://yuilibrary.com/yui/docs/tutorials/gbs/
+.. _YUI's A-grade: https://github.com/yui/yui3/wiki/Graded-Browser-Support
 
 Minor features
 ~~~~~~~~~~~~~~
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 0c9016ae0b..d70e3b9046 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -42,7 +42,7 @@ issued at the time and CVEs may not have been assigned.
 August 16, 2006 - CVE-2007-0404
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2007-0404 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0404&cid=3>`_: Filename validation issue in translation framework. `Full description <https://www.djangoproject.com/weblog/2006/aug/16/compilemessages/>`__
+`CVE-2007-0404 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0404&cid=3>`_: Filename validation issue in translation framework. `Full description <https://www.djangoproject.com/weblog/2006/aug/16/compilemessages/>`__
 
 Versions affected
 -----------------
@@ -54,7 +54,7 @@ Versions affected
 January 21, 2007 - CVE-2007-0405
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2007-0405 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0405&cid=3>`_: Apparent "caching" of authenticated user. `Full description <https://www.djangoproject.com/weblog/2007/jan/21/0951/>`__
+`CVE-2007-0405 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0405&cid=3>`_: Apparent "caching" of authenticated user. `Full description <https://www.djangoproject.com/weblog/2007/jan/21/0951/>`__
 
 Versions affected
 -----------------
@@ -70,7 +70,7 @@ security process. These are listed below.
 October 26, 2007 - CVE-2007-5712
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2007-5712 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5712&cid=3>`_: Denial-of-service via arbitrarily-large ``Accept-Language`` header. `Full description <https://www.djangoproject.com/weblog/2007/oct/26/security-fix/>`__
+`CVE-2007-5712 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5712&cid=3>`_: Denial-of-service via arbitrarily-large ``Accept-Language`` header. `Full description <https://www.djangoproject.com/weblog/2007/oct/26/security-fix/>`__
 
 Versions affected
 -----------------
@@ -82,7 +82,7 @@ Versions affected
 May 14, 2008 - CVE-2008-2302
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2008-2302 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2302&cid=3>`_: XSS via admin login redirect. `Full description <https://www.djangoproject.com/weblog/2008/may/14/security/>`__
+`CVE-2008-2302 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2302&cid=3>`_: XSS via admin login redirect. `Full description <https://www.djangoproject.com/weblog/2008/may/14/security/>`__
 
 Versions affected
 -----------------
@@ -94,7 +94,7 @@ Versions affected
 September 2, 2008 - CVE-2008-3909
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2008-3909 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3909&cid=3>`_: CSRF via preservation of POST data during admin login. `Full description <https://www.djangoproject.com/weblog/2008/sep/02/security/>`__
+`CVE-2008-3909 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3909&cid=3>`_: CSRF via preservation of POST data during admin login. `Full description <https://www.djangoproject.com/weblog/2008/sep/02/security/>`__
 
 Versions affected
 -----------------
@@ -106,7 +106,7 @@ Versions affected
 July 28, 2009 - CVE-2009-2659
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2009-2659 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2659&cid=3>`_: Directory-traversal in development server media handler. `Full description <https://www.djangoproject.com/weblog/2009/jul/28/security/>`__
+`CVE-2009-2659 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2659&cid=3>`_: Directory-traversal in development server media handler. `Full description <https://www.djangoproject.com/weblog/2009/jul/28/security/>`__
 
 Versions affected
 -----------------
@@ -117,7 +117,7 @@ Versions affected
 October 9, 2009 - CVE-2009-3965
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2009-3965 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3695&cid=3>`_: Denial-of-service via pathological regular expression performance. `Full description <https://www.djangoproject.com/weblog/2009/oct/09/security/>`__
+`CVE-2009-3965 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3695&cid=3>`_: Denial-of-service via pathological regular expression performance. `Full description <https://www.djangoproject.com/weblog/2009/oct/09/security/>`__
 
 Versions affected
 -----------------
@@ -128,7 +128,7 @@ Versions affected
 September 8, 2010 - CVE-2010-3082
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2010-3082 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3082&cid=3>`_: XSS via trusting unsafe cookie value. `Full description <https://www.djangoproject.com/weblog/2010/sep/08/security-release/>`__
+`CVE-2010-3082 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3082&cid=3>`_: XSS via trusting unsafe cookie value. `Full description <https://www.djangoproject.com/weblog/2010/sep/08/security-release/>`__
 
 Versions affected
 -----------------
@@ -138,7 +138,7 @@ Versions affected
 December 22, 2010 - CVE-2010-4534
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2010-4534 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4534&cid=3>`_: Information leakage in administrative interface. `Full description <https://www.djangoproject.com/weblog/2010/dec/22/security/>`__
+`CVE-2010-4534 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4534&cid=3>`_: Information leakage in administrative interface. `Full description <https://www.djangoproject.com/weblog/2010/dec/22/security/>`__
 
 Versions affected
 -----------------
@@ -149,7 +149,7 @@ Versions affected
 December 22, 2010 - CVE-2010-4535
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2010-4535 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4535&cid=2>`_: Denial-of-service in password-reset mechanism. `Full description <https://www.djangoproject.com/weblog/2010/dec/22/security/>`__
+`CVE-2010-4535 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4535&cid=2>`_: Denial-of-service in password-reset mechanism. `Full description <https://www.djangoproject.com/weblog/2010/dec/22/security/>`__
 
 Versions affected
 -----------------
@@ -160,7 +160,7 @@ Versions affected
 February 8, 2011 - CVE-2011-0696
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2011-0696 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0696&cid=2>`_: CSRF via forged HTTP headers. `Full description <https://www.djangoproject.com/weblog/2011/feb/08/security/>`__
+`CVE-2011-0696 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0696&cid=2>`_: CSRF via forged HTTP headers. `Full description <https://www.djangoproject.com/weblog/2011/feb/08/security/>`__
 
 Versions affected
 -----------------
@@ -171,7 +171,7 @@ Versions affected
 February 8, 2011 - CVE-2011-0697
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2011-0697 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0697&cid=2>`_: XSS via unsanitized names of uploaded files. `Full description <https://www.djangoproject.com/weblog/2011/feb/08/security/>`__
+`CVE-2011-0697 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0697&cid=2>`_: XSS via unsanitized names of uploaded files. `Full description <https://www.djangoproject.com/weblog/2011/feb/08/security/>`__
 
 Versions affected
 -----------------
@@ -182,7 +182,7 @@ Versions affected
 February 8, 2011 - CVE-2011-0698
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2011-0698 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0698&cid=2>`_: Directory-traversal on Windows via incorrect path-separator handling. `Full description <https://www.djangoproject.com/weblog/2011/feb/08/security/>`__
+`CVE-2011-0698 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0698&cid=2>`_: Directory-traversal on Windows via incorrect path-separator handling. `Full description <https://www.djangoproject.com/weblog/2011/feb/08/security/>`__
 
 Versions affected
 -----------------
@@ -193,7 +193,7 @@ Versions affected
 September 9, 2011 - CVE-2011-4136
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2011-4136 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4136&cid=2>`_: Session manipulation when using memory-cache-backed session. `Full description <https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/>`__
+`CVE-2011-4136 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4136&cid=2>`_: Session manipulation when using memory-cache-backed session. `Full description <https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/>`__
 
 Versions affected
 -----------------
@@ -204,7 +204,7 @@ Versions affected
 September 9, 2011 - CVE-2011-4137
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2011-4137 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4137&cid=2>`_: Denial-of-service via via ``URLField.verify_exists``. `Full description <https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/>`__
+`CVE-2011-4137 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4137&cid=2>`_: Denial-of-service via via ``URLField.verify_exists``. `Full description <https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/>`__
 
 Versions affected
 -----------------
@@ -215,7 +215,7 @@ Versions affected
 September 9, 2011 - CVE-2011-4138
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2011-4138 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4138&cid=2>`_: Information leakage/arbitrary request issuance via ``URLField.verify_exists``. `Full description <https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/>`__
+`CVE-2011-4138 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4138&cid=2>`_: Information leakage/arbitrary request issuance via ``URLField.verify_exists``. `Full description <https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/>`__
 
 Versions affected
 -----------------
@@ -226,7 +226,7 @@ Versions affected
 September 9, 2011 - CVE-2011-4139
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2011-4139 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4139&cid=2>`_: ``Host`` header cache poisoning. `Full description <https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/>`__
+`CVE-2011-4139 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4139&cid=2>`_: ``Host`` header cache poisoning. `Full description <https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/>`__
 
 Versions affected
 -----------------
@@ -237,7 +237,7 @@ Versions affected
 September 9, 2011 - CVE-2011-4140
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2011-4140 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4140&cid=2>`_: Potential CSRF via ``Host`` header.  `Full description <https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/>`__
+`CVE-2011-4140 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4140&cid=2>`_: Potential CSRF via ``Host`` header.  `Full description <https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/>`__
 
 Versions affected
 -----------------
@@ -250,7 +250,7 @@ This notification was an advisory only, so no patches were issued.
 July 30, 2012 - CVE-2012-3442
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2012-3442 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3442&cid=2>`_: XSS via failure to validate redirect scheme. `Full description <https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/>`__
+`CVE-2012-3442 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3442&cid=2>`_: XSS via failure to validate redirect scheme. `Full description <https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/>`__
 
 Versions affected
 -----------------
@@ -261,7 +261,7 @@ Versions affected
 July 30, 2012 - CVE-2012-3443
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2012-3443 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3443&cid=2>`_: Denial-of-service via compressed image files. `Full description <https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/>`__
+`CVE-2012-3443 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3443&cid=2>`_: Denial-of-service via compressed image files. `Full description <https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/>`__
 
 Versions affected
 -----------------
@@ -272,7 +272,7 @@ Versions affected
 July 30, 2012 - CVE-2012-3444
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2012-3444 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3444&cid=2>`_: Denial-of-service via large image files. `Full description <https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/>`__
+`CVE-2012-3444 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3444&cid=2>`_: Denial-of-service via large image files. `Full description <https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/>`__
 
 Versions affected
 -----------------
@@ -283,7 +283,7 @@ Versions affected
 October 17, 2012 - CVE-2012-4520
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2012-4520 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4520&cid=2>`_: ``Host`` header poisoning. `Full description <https://www.djangoproject.com/weblog/2012/oct/17/security/>`__
+`CVE-2012-4520 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4520&cid=2>`_: ``Host`` header poisoning. `Full description <https://www.djangoproject.com/weblog/2012/oct/17/security/>`__
 
 Versions affected
 -----------------
@@ -327,7 +327,7 @@ Versions affected
 February 19, 2013 - CVE-2013-1664/1665
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2013-1664 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1664&cid=2>`_ and `CVE-2013-1665 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1665&cid=2>`_: Entity-based attacks against Python XML libraries. `Full description <https://www.djangoproject.com/weblog/2013/feb/19/security/>`__
+`CVE-2013-1664 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1664&cid=2>`_ and `CVE-2013-1665 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1665&cid=2>`_: Entity-based attacks against Python XML libraries. `Full description <https://www.djangoproject.com/weblog/2013/feb/19/security/>`__
 
 Versions affected
 -----------------
@@ -338,7 +338,7 @@ Versions affected
 February 19, 2013 - CVE-2013-0305
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2013-0305 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0305&cid=2>`_: Information leakage via admin history log.  `Full description <https://www.djangoproject.com/weblog/2013/feb/19/security/>`__
+`CVE-2013-0305 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0305&cid=2>`_: Information leakage via admin history log.  `Full description <https://www.djangoproject.com/weblog/2013/feb/19/security/>`__
 
 Versions affected
 -----------------
@@ -349,7 +349,7 @@ Versions affected
 February 19, 2013 - CVE-2013-0306
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2013-0306 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0306&cid=2>`_: Denial-of-service via formset ``max_num`` bypass. `Full description <https://www.djangoproject.com/weblog/2013/feb/19/security/>`__
+`CVE-2013-0306 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0306&cid=2>`_: Denial-of-service via formset ``max_num`` bypass. `Full description <https://www.djangoproject.com/weblog/2013/feb/19/security/>`__
 
 Versions affected
 -----------------
@@ -360,7 +360,7 @@ Versions affected
 August 13, 2013 - CVE-2013-4249
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2013-4249 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4249&cid=2>`_: XSS via admin trusting ``URLField`` values. `Full description <https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued/>`__
+`CVE-2013-4249 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4249&cid=2>`_: XSS via admin trusting ``URLField`` values. `Full description <https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued/>`__
 
 Versions affected
 -----------------
@@ -370,7 +370,7 @@ Versions affected
 August 13, 2013 - CVE-2013-6044
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2013-6044 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6044&cid=2>`_: Possible XSS via unvalidated URL redirect schemes. `Full description <https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued/>`__
+`CVE-2013-6044 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6044&cid=2>`_: Possible XSS via unvalidated URL redirect schemes. `Full description <https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued/>`__
 
 Versions affected
 -----------------
@@ -381,7 +381,7 @@ Versions affected
 September 10, 2013 - CVE-2013-4315
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2013-4315 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4315&cid=2>`_ Directory-traversal via ``ssi`` template tag. `Full description <https://www.djangoproject.com/weblog/2013/sep/10/security-releases-issued/>`__
+`CVE-2013-4315 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4315&cid=2>`_ Directory-traversal via ``ssi`` template tag. `Full description <https://www.djangoproject.com/weblog/2013/sep/10/security-releases-issued/>`__
 
 Versions affected
 -----------------
@@ -403,7 +403,7 @@ Versions affected
 April 21, 2014 - CVE-2014-0472
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2014-0472 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0472&cid=2>`_: Unexpected code execution using ``reverse()``. `Full description <https://www.djangoproject.com/weblog/2014/apr/21/security/>`__
+`CVE-2014-0472 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0472&cid=2>`_: Unexpected code execution using ``reverse()``. `Full description <https://www.djangoproject.com/weblog/2014/apr/21/security/>`__
 
 Versions affected
 -----------------
@@ -416,7 +416,7 @@ Versions affected
 April 21, 2014 - CVE-2014-0473
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2014-0473 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0473&cid=2>`_: Caching of anonymous pages could reveal CSRF token. `Full description <https://www.djangoproject.com/weblog/2014/apr/21/security/>`__
+`CVE-2014-0473 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0473&cid=2>`_: Caching of anonymous pages could reveal CSRF token. `Full description <https://www.djangoproject.com/weblog/2014/apr/21/security/>`__
 
 Versions affected
 -----------------
@@ -429,7 +429,7 @@ Versions affected
 April 21, 2014 - CVE-2014-0474
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2014-0474 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0474&cid=2>`_: MySQL typecasting causes unexpected query results. `Full description <https://www.djangoproject.com/weblog/2014/apr/21/security/>`__
+`CVE-2014-0474 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0474&cid=2>`_: MySQL typecasting causes unexpected query results. `Full description <https://www.djangoproject.com/weblog/2014/apr/21/security/>`__
 
 Versions affected
 -----------------
@@ -442,7 +442,7 @@ Versions affected
 May 18, 2014 - CVE-2014-1418
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2014-1418 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1418&cid=2>`_: Caches may be allowed to store and serve private data. `Full description <https://www.djangoproject.com/weblog/2014/may/14/security-releases-issued/>`__
+`CVE-2014-1418 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1418&cid=2>`_: Caches may be allowed to store and serve private data. `Full description <https://www.djangoproject.com/weblog/2014/may/14/security-releases-issued/>`__
 
 Versions affected
 -----------------
@@ -455,7 +455,7 @@ Versions affected
 May 18, 2014 - CVE-2014-3730
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2014-3730 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3730&cid=2>`_: Malformed URLs from user input incorrectly validated. `Full description <https://www.djangoproject.com/weblog/2014/may/14/security-releases-issued/>`__
+`CVE-2014-3730 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3730&cid=2>`_: Malformed URLs from user input incorrectly validated. `Full description <https://www.djangoproject.com/weblog/2014/may/14/security-releases-issued/>`__
 
 Versions affected
 -----------------
@@ -468,7 +468,7 @@ Versions affected
 August 20, 2014 - CVE-2014-0480
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2014-0480 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0480&cid=2>`_: reverse() can generate URLs pointing to other hosts. `Full description <https://www.djangoproject.com/weblog/2014/aug/20/security/>`__
+`CVE-2014-0480 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0480&cid=2>`_: reverse() can generate URLs pointing to other hosts. `Full description <https://www.djangoproject.com/weblog/2014/aug/20/security/>`__
 
 Versions affected
 -----------------
@@ -481,7 +481,7 @@ Versions affected
 August 20, 2014 - CVE-2014-0481
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2014-0481 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0481&cid=2>`_: File upload denial of service. `Full description <https://www.djangoproject.com/weblog/2014/aug/20/security/>`__
+`CVE-2014-0481 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0481&cid=2>`_: File upload denial of service. `Full description <https://www.djangoproject.com/weblog/2014/aug/20/security/>`__
 
 Versions affected
 -----------------
@@ -494,7 +494,7 @@ Versions affected
 August 20, 2014 - CVE-2014-0482
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2014-0482 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0482&cid=2>`_: RemoteUserMiddleware session hijacking. `Full description <https://www.djangoproject.com/weblog/2014/aug/20/security/>`__
+`CVE-2014-0482 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0482&cid=2>`_: RemoteUserMiddleware session hijacking. `Full description <https://www.djangoproject.com/weblog/2014/aug/20/security/>`__
 
 Versions affected
 -----------------
@@ -507,7 +507,7 @@ Versions affected
 August 20, 2014 - CVE-2014-0483
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2014-0483 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0483&cid=2>`_: Data leakage via querystring manipulation in admin. `Full description <https://www.djangoproject.com/weblog/2014/aug/20/security/>`__
+`CVE-2014-0483 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0483&cid=2>`_: Data leakage via querystring manipulation in admin. `Full description <https://www.djangoproject.com/weblog/2014/aug/20/security/>`__
 
 Versions affected
 -----------------
@@ -520,7 +520,7 @@ Versions affected
 January 13, 2015 - CVE-2015-0219
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2015-0219 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0219&cid=2>`_:
+`CVE-2015-0219 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0219&cid=2>`_:
 WSGI header spoofing via underscore/dash conflation.
 `Full description <https://www.djangoproject.com/weblog/2015/jan/13/security/>`__
 
@@ -534,7 +534,7 @@ Versions affected
 January 13, 2015 - CVE-2015-0220
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2015-0220 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0220&cid=2>`_: Mitigated possible XSS attack via user-supplied redirect URLs. `Full description <https://www.djangoproject.com/weblog/2015/jan/13/security/>`__
+`CVE-2015-0220 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0220&cid=2>`_: Mitigated possible XSS attack via user-supplied redirect URLs. `Full description <https://www.djangoproject.com/weblog/2015/jan/13/security/>`__
 
 Versions affected
 -----------------
@@ -546,7 +546,7 @@ Versions affected
 January 13, 2015 - CVE-2015-0221
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2015-0221 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0221&cid=2>`_:
+`CVE-2015-0221 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0221&cid=2>`_:
 Denial-of-service attack against ``django.views.static.serve()``.
 `Full description <https://www.djangoproject.com/weblog/2015/jan/13/security/>`__
 
@@ -560,7 +560,7 @@ Versions affected
 January 13, 2015 - CVE-2015-0222
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2015-0222 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0222&cid=2>`_:
+`CVE-2015-0222 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0222&cid=2>`_:
 Database denial-of-service with ``ModelMultipleChoiceField``.
 `Full description <https://www.djangoproject.com/weblog/2015/jan/13/security/>`__
 
@@ -573,7 +573,7 @@ Versions affected
 March 9, 2015 - CVE-2015-2241
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2015-2241 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2241&cid=2>`_:
+`CVE-2015-2241 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2241&cid=2>`_:
 XSS attack via properties in ``ModelAdmin.readonly_fields``.
 `Full description <https://www.djangoproject.com/weblog/2015/mar/09/security-releases/>`__
 
@@ -586,7 +586,7 @@ Versions affected
 March 18, 2015 - CVE-2015-2316
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2015-2316 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2316&cid=2>`_:
+`CVE-2015-2316 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2316&cid=2>`_:
 Denial-of-service possibility with ``strip_tags()``.
 `Full description <https://www.djangoproject.com/weblog/2015/mar/18/security-releases/>`__
 
@@ -600,7 +600,7 @@ Versions affected
 March 18, 2015 - CVE-2015-2317
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2015-2317 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2317&cid=2>`_:
+`CVE-2015-2317 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2317&cid=2>`_:
 Mitigated possible XSS attack via user-supplied redirect URLs.
 `Full description <https://www.djangoproject.com/weblog/2015/mar/18/security-releases/>`__
 
@@ -615,7 +615,7 @@ Versions affected
 May 20, 2015 - CVE-2015-3982
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2015-3982 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3982&cid=2>`_:
+`CVE-2015-3982 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3982&cid=2>`_:
 Fixed session flushing in the cached_db backend.
 `Full description <https://www.djangoproject.com/weblog/2015/may/20/security-release/>`__
 
@@ -627,7 +627,7 @@ Versions affected
 July 8, 2015 - CVE-2015-5143
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2015-5143 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5143&cid=2>`_:
+`CVE-2015-5143 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5143&cid=2>`_:
 Denial-of-service possibility by filling session store.
 `Full description <https://www.djangoproject.com/weblog/2015/jul/08/security-releases/>`__
 
@@ -641,7 +641,7 @@ Versions affected
 July 8, 2015 - CVE-2015-5144
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2015-5144 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5144&cid=2>`_:
+`CVE-2015-5144 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5144&cid=2>`_:
 Header injection possibility since validators accept newlines in input.
 `Full description <https://www.djangoproject.com/weblog/2015/jul/08/security-releases/>`__
 
@@ -655,7 +655,7 @@ Versions affected
 July 8, 2015 - CVE-2015-5145
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-`CVE-2015-5145 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5145&cid=2>`_:
+`CVE-2015-5145 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5145&cid=2>`_:
 Denial-of-service possibility in URL validation.
 `Full description <https://www.djangoproject.com/weblog/2015/jul/08/security-releases/>`__
 
diff --git a/docs/topics/install.txt b/docs/topics/install.txt
index 549b07ec9a..48c78c9e7c 100644
--- a/docs/topics/install.txt
+++ b/docs/topics/install.txt
@@ -184,10 +184,10 @@ This is the recommended way to install Django.
    privileges, and this will install Django in the virtualenv's
    ``site-packages`` directory.
 
-.. _pip: http://www.pip-installer.org/
+.. _pip: https://pip.pypa.io/
 .. _virtualenv: http://www.virtualenv.org/
 .. _virtualenvwrapper: http://virtualenvwrapper.readthedocs.org/en/latest/
-.. _standalone pip installer: http://www.pip-installer.org/en/latest/installing.html#install-pip
+.. _standalone pip installer: https://pip.pypa.io/en/latest/installing.html#install-pip
 
 Installing an official release manually
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/docs/topics/python3.txt b/docs/topics/python3.txt
index 9520d5c764..dfe19c0a37 100644
--- a/docs/topics/python3.txt
+++ b/docs/topics/python3.txt
@@ -245,7 +245,7 @@ consequence, the following pattern is sometimes necessary::
 
 Be cautious if you have to `index bytestrings`_.
 
-.. _index bytestrings: https://docs.python.org/3/howto/pyporting.html#indexing-bytes-objects
+.. _index bytestrings: https://docs.python.org/3/howto/pyporting.html#text-versus-binary-data
 
 Exceptions
 ~~~~~~~~~~
diff --git a/docs/topics/security.txt b/docs/topics/security.txt
index b080979812..84e60644f8 100644
--- a/docs/topics/security.txt
+++ b/docs/topics/security.txt
@@ -271,4 +271,4 @@ security protection of the Web server, operating system and other components.
 * It is a good idea to limit the accessibility of your caching system and
   database using a firewall.
 
-.. _LimitRequestBody: http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestbody
+.. _LimitRequestBody: http://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody