Django/django
11
0
Fork 0
Code Pull Requests Projects Releases Activity
31,014 Commits 26 Branches 382 Tags
Commit Graph

13043 Commits

Author SHA1 Message Date
Mariusz Felisiak
44f6bb5652 [4.1.x] Added CVE-2023-36053 to security archive. 
Backport of 1d6fbf16f24200a556beb6dd197439944deb6837 from main
 2023-07-03 10:31:12 +02:00
Mariusz Felisiak
beb3f3d559 [4.1.x] Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator. 
Thanks Seokchan Yoon for reports.
 2023-07-03 08:27:05 +02:00
Mariusz Felisiak
3b48fe413f [4.1.x] Added stub release notes for 4.1.10 and 3.2.20. 
Backport of 2360ba22742c3ee8729697bfe2d508110465af56 from main
 2023-06-26 14:37:24 +02:00
Mariusz Felisiak
66e1e9b006 [4.1.x] Added CVE-2023-31047 to security archive. 
Backport of 49830025c992fbc8d8f213e7c16dba1391c6adf2 from main
 2023-05-03 15:22:12 +02:00
Mariusz Felisiak
e7c3a2ccc3 [4.1.x] Fixed CVE-2023-31047, Fixed #31710 -- Prevented potential bypass of validation when uploading multiple files using one form field. 
Thanks Moataz Al-Sharida and nawaik for reports.

Co-authored-by: Shai Berger <shai@platonix.com>
Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
 2023-05-03 13:54:21 +02:00
Mariusz Felisiak
491dccec1a [4.1.x] Added missing backticks in docs/releases/1.7.txt. 2023-04-26 09:30:14 +02:00
Mariusz Felisiak
6d334a0ca5 [4.1.x] Added stub release notes for 4.1.9 and 3.2.19. 
Backport of 18a7f2c711529f8e43c36190a5e2479f13899749 from main
 2023-04-26 08:51:18 +02:00
Mariusz Felisiak
67a79dcf5b [4.1.x] Added release date for 4.1.8. 
Backport of fdf0a367bdd72c70f91fb3aed77dabbe9dcef69f from main
 2023-04-05 06:19:38 +02:00
David Wobrock
ba1654cb54 [4.1.x] Fixed #34384 -- Fixed session validation when rotation secret keys. 
Bug in 0dcd549bbe36c060f536ec270d34d9e7d4b8e6c7.

Thanks Eric Zarowny for the report.

Backport of 2396933ca99c6bfb53bda9e53968760316646e01 from main
 2023-03-08 11:33:47 +01:00
Mariusz Felisiak
ff3e3eb2bd [4.1.x] Added stub release notes for 4.1.8. 
Backport of 9a07999aef7958c9b5441e368cd90646d0edc5c9 from main
 2023-03-06 17:38:07 +01:00
Mariusz Felisiak
60be5909a2 [4.1.x] Refs #21080, Refs #34322 -- Added warning to ManifestStaticFilesStorage docs about paths in comments. 
Backport of bae053d497ba8a8de7e4f725973924bfb1885fd2 from main.
 2023-02-16 19:24:28 +01:00
David Smith
7fd69e52a5 [4.1.x] Refs #32339 -- Doc'd BaseFormSet.as_div() 
Backport of 4038a8df0b8c20624ba826cf9af8f532e5a51aaa from main.
 2023-02-15 09:26:17 +01:00
Carlton Gibson
991461a3b3 [4.1.x] Added CVE-2023-24580 to security archive. 
Backport of ecafcaf634fcef93f9da8cb12795273dd1c3a576 from main
 2023-02-14 09:53:25 +01:00
Markus Holtermann
628b33a854 [4.1.x] Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files. 
Thanks to Jakob Ackermann for the report.
 2023-02-14 08:24:06 +01:00
Sota Tabu
425c75f56f [4.1.x] Fixed #34318 -- Added release note for 4bfe8c0eec835b8eaffcda7dc1e3b203751a790a. 
Backport of 3e9d413231edc29768cc7ca0427e63b19233f562 from main
 2023-02-13 14:13:36 +01:00
Mariusz Felisiak
590a92e456 [4.1.x] Fixed #34319 -- Fixed Model.validate_constraints() crash on ValidationError with no code. 
Thanks Mateusz Kurowski for the report.

Regression in 667105877e6723c6985399803a364848891513cc.
Backport of 2fd755b361d3da2cd0440fc9839feb2bb69b027b from main
 2023-02-08 16:40:38 +01:00
Carlton Gibson
ae53649b38 [4.1.x] Added stub release notes for 4.0.10 and 3.2.18. 
Set date for 4.1.7 release.

Backport of 7e003428f96d616c1f77fed84882a95e63bc3644 from main
 2023-02-07 10:12:12 +01:00
Mariusz Felisiak
83c88af9f8 [4.1.x] Added stub release notes for 4.1.7. 
Backport of f3c89744cc801cc7d134bca9958c4a74aa76380f from main
 2023-02-01 13:22:50 +01:00
Mariusz Felisiak
9ac634ff26 [4.1.x] Added CVE-2023-23969 to security archive. 
Backport of 36e3eef7d5a4c88671d20a561788679d0d9c334c from main
 2023-02-01 12:10:18 +01:00
Nick Pope
9d7bd5a56b [4.1.x] Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language. 
The parsed values of Accept-Language headers are cached in order to
avoid repetitive parsing. This leads to a potential denial-of-service
vector via excessive memory usage if the raw value of Accept-Language
headers is very large.

Accept-Language headers are now limited to a maximum length in order
to avoid this issue.
 2023-02-01 09:46:23 +01:00
Durval Carvalho
f586c12f01 [4.1.x] Fixed #34180 -- Added note about resetting language in test tear-downs. 
Co-authored-by: Faris Naimi <farisfaris66@gmail.com>

Backport of 40217d1a82b0c16cddba377325d12b2c253f402a from main
 2023-01-31 07:29:55 +01:00
Mariusz Felisiak
26b7a25632 [4.1.x] Fixed #34291 -- Fixed Meta.constraints validation crash on UniqueConstraint with ordered expressions. 
Thanks Dan F for the report.

Bug in 667105877e6723c6985399803a364848891513cc.

Backport of 2b1242abb3989f5d74e787b09132d01bcbee5b55 from main.
 2023-01-26 09:34:15 +01:00
Carlton Gibson
bc48c7dfd6 [4.1.x] Adjusted release notes for 4.1.6, 4.0.9, and 3.2.17. 
Backport of d8e1442ce2c56282785dd806e5c1147975e8c857 from main
 2023-01-25 12:27:07 +01:00
Carlton Gibson
bb59ef749f [4.1.x] Set date and added stub release notes for 4.1.6, 4.0.9, and 3.2.17. 
Backport of 1df963ad2476726d63be132c0cee47e07b8250d7 from main
 2023-01-25 11:58:50 +01:00
noFFENSE
2a32d3963c [4.1.x] Fixed #34242 -- Doc'd that primary key is set to None when deleting objects. 
Backport of 5cd1385356d4b275133ddb0f8c78b2f37c5901eb from main
 2023-01-20 10:57:47 +01:00
sarahboyce
d550e3cccd [4.1.x] Fixed #23718 -- Doc'd that test mirrors require TransactionTestCase. 
Co-authored-by: Christian Bundy <me@christianbundy.com>

Backport of 0fbdb9784da915fce5dcc1fe82bac9b4785749e5 from main
 2023-01-16 10:04:03 +01:00
Steven
d805010d68 [4.1.x] Fixed "nulls characters" typo in docs. 
Backport of 4b7016866a80ec8582f55fc7eedfa692039e9648 from main
 2023-01-16 08:24:21 +01:00
Raj Desai
420f3230a2 [4.1.x] Fixed #34232 -- Fixed typo in docs/intro/tutorial07.txt. 
Backport of d2310f6473593d28c14b63a72253408b568e100a from main
 2023-01-04 19:32:08 +01:00
Mariusz Felisiak
f6d138eeff [4.1.x] Added stub release notes for 4.1.6. 
Backport of 75500feecddcb27b6ab65c9057e7317024cef761 from main
 2023-01-02 08:51:44 +01:00
Mariusz Felisiak
7bcf84d363 [4.1.x] Added release date for 4.1.5. 
Backport of 174d8157b5700f6451ac0bdc3eef7e73121bc4a4 from main
 2023-01-02 08:11:41 +01:00
Mariusz Felisiak
a9ed890837 [4.1.x] Disabled auto-created table of contents entries on Sphinx 5.2+. 
Auto-created table of contents entries for all domain objects (e.g.
functions, classes, attributes, etc.) were added in Sphinx 5.2, see
https://github.com/sphinx-doc/sphinx/issues/6316.

An option to control new table of contents entries was added in Sphinx
5.2.3, see https://github.com/sphinx-doc/sphinx/pull/10886.
Backport of 279967ec859a9a5240318cf29a077539b0e3139f from main
 2022-12-29 06:09:17 +01:00
Mariusz Felisiak
46b28bbe15
[4.1.x] Updated translations from Transifex. 
Updated Bulgarian, Esperanto, Hungarian, Japanese, Macedonian, Persian,
Portuguese (Brazil), Russian, Spanish, and Turkmen translations.
 2022-12-20 19:33:28 +01:00
Andrew Godwin
f92ecd5134 [4.1.x] Refs DEP 12 -- Renamed TB to Steering Council wherever mentioned. 
Backport of a09d39f28609c707a62dbbbdc4e55489fae1631f from main
 2022-12-20 09:12:41 +01:00
Mariusz Felisiak
78bb8f95f8 [4.1.x] Fixed typo in docs/topics/async.txt. 
Backport of 0c60d11bdbe5bf353e3fa0f2db1cb85786ca3448 from main
 2022-12-19 20:26:29 +01:00
TAKAHASHI Shuuji
54bdc99cd0 [4.1.x] Fixed typo in docs/topics/http/sessions.txt. 
Backport of 05d70fb92b72f9701bea99c809a5edd53b290de9 from main
 2022-12-16 10:38:55 +01:00
Paolo Melchiorre
2d156780f3 [4.1.x] Fixed #34213 -- Updated PostgreSQL package names in installing PostGIS docs. 
Backport of d44ee518c4c110af25bebdbedbbf9fba04d197aa from main
 2022-12-14 16:50:44 +01:00
Mariusz Felisiak
1106c99a1f [4.1.x] Removed KyngChaos packages from docs. 
See https://www.kyngchaos.com/2022/09/11/goodbye-software-packaging/
Backport of 9d9ec0c79f52efad3a4d3f6ac4644d5c9fb1d22c from main
 2022-12-14 11:18:48 +01:00
James Gillard
af3cfc8630 [4.1.x] Fixed #34205 -- Fixed Meta.constraints validation crash with ArrayField and __len lookup. 
Regression in 88fc9e2826044110b7b22577a227f122fe9c1fb5 that began
manifesting in Django 4.1.

Backport of c5ed884eabf3b2b67581c55bf6c87e721f69157f from main.
 2022-12-10 19:39:00 +01:00
Sylvain Fankhauser
3137174344 [4.1.x] Fixed #34172 -- Improved ModelAdmin.get_urls example. 
Backport of 0036bcdcb65874f63fff8139fe86574fa155eb26 from main
 2022-12-07 11:46:30 +01:00
David Smith
7713370f08 [4.1.x] Refs #32339 -- Updated Form API docs to prefer as_div() output style. 
Backport of 9ac97e7eb5a74f813012715c7598c8608e78e178 from main
 2022-12-07 11:08:05 +01:00
Carlton Gibson
c2dadbcbf0 [4.1.x] Added stub release notes for 4.1.5. 
Backport of 845a5db38fd3d2695af8cece78951729936a0196 from main
 2022-12-06 10:21:44 +01:00
Carlton Gibson
65d31d9e41 [4.1.x] Added release date for 4.1.4. 
Backport of f4a053a2940c2e5324550cd796724a5837362cba from main
 2022-12-06 09:57:26 +01:00
Ryan Cheley
24170562d4 [4.1.x] Fixed #24048 -- Corrected QuerySet.only() docs about interaction with defer(). 
Backport of 68bd8f4cb4d14dccfb016bb15177506234f567fb from main
 2022-12-06 08:25:09 +01:00
Mariusz Felisiak
423fa4c072 [4.1.x] Updated various links to HTTPS and new locations. 
Backport of 514884e9a555c51afba3d26d9370a908af4752a6 from main
 2022-12-06 06:00:34 +01:00
sdolemelipone
29c9bba8b9 [4.1.x] Fixed #34199 -- Added example to StringAgg docs. 
Backport of 344593893b6fc5fdda45a74013fc8622401c5058 from main
 2022-12-05 05:52:00 +01:00
sdolemelipone
a196dcc9c8 [4.1.x] Fixed typo in docs/ref/contrib/postgres/aggregates.txt. 
Backport of 0abd8f1cb8a9bab4627f5798ff5a87c32926b562 from main
 2022-12-05 05:51:50 +01:00
Mariusz Felisiak
58156f4ed7 [4.1.x] Refs #33397, Refs #34160 -- Added release note for resolving output_field changes. 
Backport of e8dcef155c1848ef49e54f787a7d20faf3bf9296 from main
 2022-11-30 08:22:29 +01:00
Mariusz Felisiak
44f755035d [4.1.x] Doc's check_password()'s setter and preferred arguments. 
Follow up to 90e05aaeac612a4251640564aa65f103ac635e12.
Backport of 662497cece5480b39d1d0c7f68c7b0ca395be923 from main
 2022-11-28 08:14:40 +01:00
Riccardo Magliocchetti
8a623d1354 [4.1.x] Adjusted BaseFormSet.get_form_kwargs example in docs. 
Backport of df2db8b4a5237eb881e8450639ef7dd7b2a059fb from main
 2022-11-24 15:17:13 +01:00
Tibor Leupold
754c0c5c6c [4.1.x] Fixed #34064 -- Adjusted locale override wording in settings docs. 
Backport of 33f4de34e63c00616ed1624acdf9cd8adfaf33a6 from main
 2022-11-24 15:11:10 +01:00