Django/django
11
0
Fork 0
Code Pull Requests Projects Releases Activity
27,779 Commits 26 Branches 382 Tags
Commit Graph

27779 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mariusz Felisiak
2a04e24d2d [3.0.x] Added CVE-2021-28658 to security archive. 
Backport of 1eac8468cbde790fecb51dd055a439f4947d01e9 from main
 2021-04-06 09:47:14 +02:00
Mariusz Felisiak
0d71c48106 [3.0.x] Post-release version bump. 2021-04-06 08:37:12 +02:00
Mariusz Felisiak
f528002435 [3.0.x] Bumped version for 3.0.14 release. 3.0.14 2021-04-06 08:34:45 +02:00
Mariusz Felisiak
e7fba62248 [3.0.x] Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files. 
Thanks Claude Paroz for the initial patch.
Thanks Dennis Brinkrolf for the report.

Backport of d4d800ca1addc4141e03c5440a849bb64d1582cd from main.
 2021-04-06 08:33:16 +02:00
Carlton Gibson
232d5f61e6 [3.0.x] Added CVE-2021-23336 to security archive. 
Backport of ab58f072502e86dfe21b2bd5cccdc5e94dce8d26 from master
 2021-02-19 11:06:46 +01:00
Carlton Gibson
cb7e3ff4a1 [3.0.x] Post-release version bump. 2021-02-19 09:43:26 +01:00
Carlton Gibson
04a9b7df3f [3.0.x] Bumped version for 3.0.13 release. 3.0.13 2021-02-19 09:42:24 +01:00
Nick Pope
326a926bee [3.0.x] Fixed CVE-2021-23336 -- Fixed web cache poisoning via django.utils.http.limited_parse_qsl(). 2021-02-18 10:21:04 +01:00
Nick Pope
ad36388406 [3.0.x] Added documentation extlink for bugs.python.org. 
Backport of d02d60eb0f032c9395199fb73c6cd29ee9bb2646 from master
 2021-02-17 14:27:36 +01:00
Mariusz Felisiak
0194f0be31 [3.0.x] Added CVE-2021-3281 to security archive. 
Backport of f749148d62ece28d208ab66b109f858215ba090a from master
 2021-02-01 10:46:46 +01:00
Mariusz Felisiak
bfe24c3803 [3.0.x] Post-release version bump. 2021-02-01 09:48:38 +01:00
Mariusz Felisiak
81c99e4eb0 [3.0.x] Bumped version for 3.0.12 release. 3.0.12 2021-02-01 09:40:04 +01:00
Mariusz Felisiak
52e409ed17 [3.0.x] Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract(). 
Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews.

Thanks Wang Baohua for the report.

Backport of 05413afa8c18cdb978fcdf470e09f7a12b234a23 from master.
 2021-02-01 09:14:22 +01:00
Mariusz Felisiak
74ca3cac32 [3.0.x] Fixed GeoIPTest.test04_city() failure with the latest GeoIP2 database. 
Backport of 135c800fe6138d7818501a384c0ebbdc5442762c from master
 2021-01-29 11:03:35 +01:00
Tim Graham
f13bedf102 [3.0.x] Updated CVE URL. 
Backport of 656b331b13e08e82bbf0b88d39080c5b1a02109c from master
 2021-01-02 12:50:30 +01:00
Max Smolens
c506639b42 [3.0.x] Fixed #31850 -- Fixed BasicExtractorTests.test_extraction_warning with xgettext 0.21+. 
"format string with unnamed arguments cannot be properly localized"
warning is not raised in xgettext 0.21+.

This patch uses a message that causes an xgettext warning regardless of
the version.

Backport of 07a30f561661efae1691ff45d10ec6014b395b58 from master
 2020-11-02 10:29:51 +01:00
Carlton Gibson
008d49caa2 [3.0.x] Post-release version bump. 2020-11-02 09:02:53 +01:00
Carlton Gibson
f6778c256f [3.0.x] Bumped version for 3.0.11 release. 3.0.11 2020-11-02 08:59:21 +01:00
Carlton Gibson
c3b8a62f63 [3.0.x] Set release date for 3.0.11 and 2.2.17. 
Backport of 7fc07b9b2ba0c5c62a8840325d21b414a099fda0 from master
 2020-11-02 08:37:54 +01:00
Christian Klus
b0a6798de5 [3.0.x] Fixed #32152 -- Fixed grouping by subquery aliases. 
Regression in 42c08ee46539ef44f8658ebb1cbefb408e0d03fe.

Thanks Simon Charette for the review.

Backport of 4ac2d4fa42e1659f328c35b6b8d4761b3419c11a from master
 2020-10-29 11:33:52 +01:00
Claude Paroz
72a17c919b [3.0.x] Fixed #32110 -- Doc'd and tested enumerations for ChoiceField.choices. 
Backport of 7f85498eef1d8fcc52e4fb70df8041f5452d405a from master
 2020-10-17 21:06:57 +02:00
Mariusz Felisiak
301bca9394 [3.0.x] Refs #31040 -- Doc'd Python 3.9 compatibility. 
Backport of e18156b6c35908f2a4026287b5225a6a4da8af1a from master.
 2020-10-13 08:40:39 +02:00
Mariusz Felisiak
9deb850e23 [3.0.x] Skipped GetImageDimensionsTests.test_webp when WEBP is not installed. 
Bumped minimum Pillow version to 4.2.0 in test requirements.

Backport of fce389af7cf95151118c9fc7cafd777a31f94946 from master
 2020-10-06 11:30:21 +02:00
Carlton Gibson
1734484f12 [3.0.x] Added CVE-2020-24583 & CVE-2020-24584 to security archive. 
Backport of d5b526bf78a9e5d9760e0c0f7647622bf47782fe from master
 2020-09-01 11:38:46 +02:00
Carlton Gibson
26323dbcf4 [3.0.x] Post-release version bump. 2020-09-01 10:29:42 +02:00
Carlton Gibson
a208020ecd [3.0.x] Bumped version for 3.0.10 release. 3.0.10 2020-09-01 10:26:20 +02:00
Carlton Gibson
79e6eb3853 [3.0.x] Added release date for 3.0.10, and 2.2.16. 
Backport of 976e2b7420c0f7e3060a13792b97511a9aad31d7 from master
 2020-09-01 09:58:40 +02:00
Mariusz Felisiak
cdb367c92a [3.0.x] Fixed CVE-2020-24584 -- Fixed permission escalation in intermediate-level directories of the file system cache on Python 3.7+. 
Backport of f56b57976133129b0b351a38bba4ac882badabf0 from master.
 2020-08-25 10:45:33 +02:00
Mariusz Felisiak
08892bffd2 [3.0.x] Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+. 
Thanks WhiteSage for the report.

Backport of ea0febbba531a3ecc8c77b570efbfb68ca7155db from master.
 2020-08-25 10:43:50 +02:00
Kaustubh
db8b935730 [3.0.x] Fixed #31925 -- Fixed typo in docs/releases/3.0.txt. 
Backport of 3e753d3de33469493b1f0947a2e0152c4000ed40 from master
 2020-08-21 09:49:13 +02:00
Mariusz Felisiak
ab5491c7cc [3.0.x] Refs #31863 -- Added release notes for 94ea79be137f3cb30949bf82198e96e094f2650d. 
Backport of 21768a99f47ee73a2f93405151550ef7c3d9c8a2 from master
 2020-08-13 16:31:27 +02:00
Gert Burger
c33b6ceff4 [3.0.x] Fixed #31863 -- Prevented mutating model state by copies of model instances. 
Regression in bfb746f983aa741afa3709794e70f1e0ab6040b5.

Backport of 94ea79be137f3cb30949bf82198e96e094f2650d from master
 2020-08-13 15:27:52 +02:00
Daniel Hillier
784ed4ada1 [3.0.x] Fixed #31866 -- Fixed locking proxy models in QuerySet.select_for_update(of=()). 
Backport of 60626162f76f26d32a38d18151700cb041201fb3 from master
 2020-08-11 12:31:50 +02:00
Mariusz Felisiak
9f74a24803 [3.0.x] Added stub release notes for 2.2.16 and 3.0.10. 
Backport of 8a5683b6b2aede38edcff070686ed1fce470dec5 from master
 2020-08-11 11:13:20 +02:00
Mariusz Felisiak
8f8edec6c4 [3.0.x] Post-release version bump. 2020-08-03 09:06:21 +02:00
Mariusz Felisiak
39716e4578 [3.0.x] Bumped version for 3.0.9 release. 3.0.9 2020-08-03 09:02:29 +02:00
Mariusz Felisiak
b1ae5d015b [3.0.x] Added release date for 2.2.15 and 3.0.9. 
Backport of b68b8cb89abb35ff2152175ea540619ec384b1f4 from master
 2020-08-03 08:56:37 +02:00
Mariusz Felisiak
d70ed9439d [3.0.x] Corrected signing.dumps()/loads() signatures in docs. 
Backport of 8703680ebee47bfa9e912a30a0509798500bf42a from master
 2020-07-31 11:34:32 +02:00
Andrzej Bartosiński
8f8d4b3d52 [3.0.x] Corrected admin.register() signature in docs. 
Backport of eb215da363e6cf0e8f3405db3c4392398c8777cb from master
 2020-07-29 12:55:00 +02:00
Claude Paroz
e0397e11b5 [3.0.x] Refs #30165 -- Removed leftover 'u' prefix. 
Backport of bac5777bff8e8d8189193438b5af52f158a3f2a4 from master
 2020-07-29 10:20:44 +02:00
Harpreet Sharma
08063f0122 [3.0.x] Fixed #31821 -- Removed outdated note in FILE_UPLOAD_PERMISSIONS docs. 
Follow up to 22aab8662f0368b63f91f2526bdd0532524bc0fe

Backport of 248d03fbe932b0844c628e56dafba334f9e028e4 from master
 2020-07-23 21:01:10 +02:00
LincolnPuzey
6fc4445cff [3.0.x] Fixed #31816 -- Corrected the expected content type in StreamingHttpResponse docs. 
Backport of d75436109694c286d9af48ae94ca39759d080214 from master
 2020-07-23 13:13:44 +02:00
Ramiro Morales
b732afe30a [3.0.x] Fixed typo in docs/ref/models/querysets.txt. 
Backport of 51e536178cba9489b9d759f69f72f442af16ba32 from master
 2020-07-22 23:37:44 +02:00
Buk Bukowski
f4b7996e9b [3.0.x] Fixed #31814 -- Fixed typo in docs/ref/settings.txt. 
Backport of f65454801bfa13fc043fee0aca8f49af41380683 from master
 2020-07-22 22:39:55 +02:00
Adam Johnson
76b7b3a778 [3.0.x] Doc'd Model.MultipleObjectsReturned docs and improved documentation related with models exceptions. 
Backport of bc4fea92b296a7eacbd5f89263ca67515feeb53f from master
 2020-07-22 20:22:09 +02:00
Adam Johnson
f026d761d6 [3.0.x] Refs #24763 -- Moved DoesNotExist to Model class docs. 
Backport of b5f0efa19c82d274082bcde8a8acae5038667614 from master
 2020-07-22 20:22:06 +02:00
Mariusz Felisiak
dcb27ead84 [3.0.x] Fixed #31805 -- Fixed SchemaTests.tearDown() when table names are case-insensitive. 
Backport of fd53db842c35c994dbd54196dd38a908f3676b1a from master
 2020-07-22 12:51:43 +02:00
Mariusz Felisiak
1a81d34e70 [3.0.x] Fixed #31797 -- Skipped schema tests on specific MariaDB versions. 
test_alter_not_unique_field_to_primary_key() test is affected by
https://jira.mariadb.org/browse/MDEV-19598 on MariaDB 10.4.4 to 10.5.1.

test_alter_pk_with_self_referential_field() test is affected by
https://jira.mariadb.org/browse/MDEV-22775 on MariaDB 10.4 series
from 10.4.13.
Backport of c071c408d72330b422c124a6bdd85a68acae9566 from master
 2020-07-22 10:58:47 +02:00
David Chorpash
0a3c1272f2 [3.0.x] Refs #31720 -- Added examples to BoolAnd() and BoolOr() documentation. 
Backport of a2e621b14e85836362b7fc0e6b1bf7d7ff98e42b from master
 2020-07-21 07:02:29 +02:00
Adam Johnson
bcb511f9d8 [3.0.x] Improved description of USE_THOUSAND_SEPARATOR setting. 
Backport of 80f92177eb2a175579f4a6907ef5a358863bddca from master
 2020-07-20 12:56:11 +02:00