django

History

Jacob Kaplan-Moss 594a28a904 SECURITY ALERT: Corrected regular expressions for URL and email fields.

Certain email addresses/URLs could trigger a catastrophic backtracking
situation, causing 100% CPU and server overload. If deliberately triggered, this
could be the basis of a denial-of-service attack.

This security vulnerability was disclosed in public, so we're skipping our
normal security release process to get the fix out as soon as possible.

This is a security related update. A full announcement will follow.



git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.0.X@11605 bcc190cf-cafb-0310-a4f2-bffc1f526a37

2009-10-09 20:59:25 +00:00

modeltests

[1.0.X] Fixed #11392 -- Enforced a predictable result order for a couple of test cases. Thanks to Nathan Auch for the report and patch.

2009-06-29 14:10:53 +00:00

regressiontests

SECURITY ALERT: Corrected regular expressions for URL and email fields.

2009-10-09 20:59:25 +00:00

templates

[1.0.X] Fixed #7944 : date-based generic views no longer get confused with a numeric month format. Thanks to Justin Lilly and Alex Gaynor. Backport of r10457 and r10458 from trunk.

2009-04-09 15:28:41 +00:00

runtests.py

Removed the need for ROOT_URLCONF in settings when running Django's core tests

2008-08-30 05:09:03 +00:00

urls.py

[1.0.X] Fixed #9498 -- Handle a formset correctly when the foreign key is not available (for now).

2008-11-13 19:05:49 +00:00