django

History

Tim Graham 536cc64240 [1.6.x] Prevented arbitrary file inclusion with {% ssi %} tag and relative paths.

Thanks Rainer Koirikivi for the report and draft patch.

This is a security fix; disclosure to follow shortly.

Backport of 7fe5b656c9 from master

2013-09-10 21:03:51 -04:00

bin

Fixed #19252 -- Added support for wheel packages.

2013-05-01 13:46:06 +02:00

conf

[1.6.x] Set 'bidi' Urdu property to True

2013-08-30 12:04:17 +02:00

contrib

[1.6.x] Took advantage of django.utils.six.moves.urllib.*.

2013-09-10 21:29:31 +02:00

core

[1.6.x] Took advantage of django.utils.six.moves.urllib.*.

2013-09-10 21:29:31 +02:00

[1.6.x] Fixed #20707 -- Added explicit quota assignment to Oracle test user

2013-09-09 14:02:21 +03:00

dispatch

Fixed #20943 -- Weakly reference senders when caching their associated receivers

2013-08-20 02:12:50 -04:00

forms

[1.6.x] Took advantage of django.utils.six.moves.urllib.*.

2013-09-10 21:29:31 +02:00

http

[1.6.x] Replaced "not PY3" by "PY2", new in six 1.4.0.

2013-09-03 07:34:45 -05:00

middleware

Removed several unused imports.

2013-06-19 17:18:40 +02:00

shortcuts

Fixed #19692 -- Completed deprecation of mimetype in favor of content_type.

2013-01-31 13:54:40 +01:00

template

[1.6.x] Prevented arbitrary file inclusion with {% ssi %} tag and relative paths.

2013-09-10 21:03:51 -04:00

templatetags

[1.6.x] Took advantage of django.utils.six.moves.urllib.*.

2013-09-10 21:29:31 +02:00

test

[1.6.x] Took advantage of django.utils.six.moves.urllib.*.

2013-09-10 21:29:31 +02:00

utils

[1.6.x] Took advantage of django.utils.six.moves.urllib.*.

2013-09-10 21:29:31 +02:00

views

[1.6.x] Took advantage of django.utils.six.moves.urllib.*.

2013-09-10 21:29:31 +02:00

__init__.py

Bumped version numbers for 1.6b2.

2013-08-13 11:12:07 -05:00