358973a | Mariusz Felisiak | 18 December 2019, 08:32:29 UTC | [1.11.x] Bumped version for 1.11.27 release. | 18 December 2019, 08:32:29 UTC |
f4cff43 | Simon Charette | 17 December 2019, 02:51:57 UTC | [1.11.x] Fixed CVE-2019-19844 -- Used verified user email for password reset requests. Backport of 5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70 from master. Co-Authored-By: Florian Apolloner <florian@apolloner.eu> | 18 December 2019, 08:17:28 UTC |
a235574 | Mariusz Felisiak | 11 December 2019, 09:07:41 UTC | [1.11.x] Refs #31073 -- Added release notes for 02eff7ef60466da108b1a33f1e4dc01eec45c99d. Backport of ec12c37384798093e359971c8980fe0c68d555bc from master. | 11 December 2019, 09:14:57 UTC |
e8fdf00 | Peter Andersen | 09 December 2019, 16:54:40 UTC | [1.11.x] Fixed #31073 -- Prevented CheckboxInput.get_context() from mutating attrs. Backport of 02eff7ef60466da108b1a33f1e4dc01eec45c99d from master. | 11 December 2019, 08:43:36 UTC |
4f15016 | Mariusz Felisiak | 04 November 2019, 08:31:11 UTC | [1.11.x] Post-release version bump. | 04 November 2019, 08:31:11 UTC |
f24d305 | Mariusz Felisiak | 04 November 2019, 08:21:03 UTC | [1.11.x] Bumped version for 1.11.26 release. | 04 November 2019, 08:21:03 UTC |
4017507 | Mariusz Felisiak | 04 November 2019, 07:20:22 UTC | [1.11.x] Added release date for 1.11.26. Backport of 126cfefce2b59900138f2bf1ef6ad966cddc55d4 from master | 04 November 2019, 07:30:17 UTC |
a843a9b | Louise Grandjonc | 01 October 2019, 23:25:40 UTC | [1.11.x] Fixed #30826 -- Fixed crash of many JSONField lookups when one hand side is key transform. Regression in 6c3dfba89215fc56fc27ef61829a6fff88be4abb. Backport of 7d1bf29977bb368d7c28e7c6eb146db3b3009ae7 from master. | 11 October 2019, 10:01:42 UTC |
cf2b475 | Mariusz Felisiak | 02 October 2019, 05:49:47 UTC | [1.11.x] Added stub release notes for 1.11.26. Backport of 84322a29ce9b0940335f8ab3d60e55192bef1e50 from master | 02 October 2019, 05:58:03 UTC |
b73bb46 | Carlton Gibson | 01 October 2019, 08:06:53 UTC | [1.11.x] Post-release version bump. | 01 October 2019, 08:06:53 UTC |
81f0da9 | Carlton Gibson | 01 October 2019, 07:54:07 UTC | [1.11.x] Bumped version for 1.11.25 release. | 01 October 2019, 07:54:07 UTC |
9d2916f | Carlton Gibson | 01 October 2019, 06:49:15 UTC | [1.11.x] Added release date for 1.11.25. Backport of 3826aed46d7d4310c2ab6777a4f92165ca4d8d4f from master. | 01 October 2019, 07:01:51 UTC |
fd39390 | Simon Charette | 16 September 2019, 03:25:50 UTC | [1.11.x] Fixed #30769 -- Fixed a crash when filtering against a subquery JSON/HStoreField annotation. This was a regression introduced by 7deeabc7c7526786df6894429ce89a9c4b614086 to address CVE-2019-14234. Thanks Tim Kleinschmidt for the report and Mariusz for the tests. Backport of 6c3dfba89215fc56fc27ef61829a6fff88be4abb from master. | 16 September 2019, 07:05:48 UTC |
30c3d5f | Mariusz Felisiak | 16 September 2019, 05:37:47 UTC | [1.11.x] Added stub release notes for 1.11.25. Backport of bd7e0f81f8590eadcb820c976ba03c9b75bbcad6 from master | 16 September 2019, 05:45:42 UTC |
f213c4c | Mariusz Felisiak | 02 September 2019, 07:02:39 UTC | [1.11.x] Post-release version bump. | 02 September 2019, 07:02:39 UTC |
4c049c8 | Mariusz Felisiak | 02 September 2019, 06:45:34 UTC | [1.11.x] Bumped version for 1.11.24 release. | 02 September 2019, 06:45:34 UTC |
835b62a | Mariusz Felisiak | 02 September 2019, 05:43:51 UTC | [1.11.x] Added release date for 1.11.24. Backport of 47f49adc11c0d39be3f41f92becc1f606c49d8ce from master. | 02 September 2019, 05:49:10 UTC |
473c526 | Mariusz Felisiak | 14 August 2019, 13:25:35 UTC | [1.11.x] Fixed #30672 -- Fixed crash of JSONField/HStoreField key transforms on expressions with params. Regression in 4f5b58f5cd3c57fee9972ab074f8dc6895d8f387. Thanks Florian Apolloner for the report and helping with tests. Backport of 1f8382d34d54061eddc41df6994e20ee38c60907 from master. | 14 August 2019, 13:58:10 UTC |
3deda1f | Carlton Gibson | 01 August 2019, 10:01:27 UTC | [1.11.x] Added CVE-2019-14235 to security release archive. Backport of a5652eb795e896df0c0f2515201f35f9cd86b99b from master | 01 August 2019, 10:07:11 UTC |
738b45d | Carlton Gibson | 01 August 2019, 09:59:45 UTC | [1.11.x] Added CVE-2019-14234 to security release archive. Backport of 3a6a2f5eaf74200a9591a6311fdb0ea78ee305ee from master | 01 August 2019, 10:07:06 UTC |
7482d25 | Carlton Gibson | 01 August 2019, 09:57:24 UTC | [1.11.x] Added CVE-2019-14233 to security release archive. Backport of 9600f63885d2d240f85d59bff6acbe200f890298 from master | 01 August 2019, 10:07:00 UTC |
ba79161 | Carlton Gibson | 01 August 2019, 09:54:24 UTC | [1.11.x] Added CVE-2019-14232 to the security release archive. Backport of 87750787d1e464b7143f366d9485ba20fefc9c94 from master | 01 August 2019, 10:06:54 UTC |
1e6a5b0 | Carlton Gibson | 01 August 2019, 08:46:21 UTC | [1.11.x] Post-release version bump. | 01 August 2019, 08:46:21 UTC |
9748977 | Carlton Gibson | 01 August 2019, 08:43:51 UTC | [1.11.x] Bumped version for 1.11.23 release. | 01 August 2019, 08:43:51 UTC |
869b34e | Florian Apolloner | 19 July 2019, 15:04:53 UTC | [1.11.x] Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri(). Thanks to Guido Vranken for initial report. | 31 July 2019, 19:29:17 UTC |
ed682a2 | Mariusz Felisiak | 22 July 2019, 08:45:26 UTC | [1.11.x] Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and index lookups against SQL injection. Thanks to Sage M. Abdullah for the report and initial patch. Thanks Florian Apolloner for reviews. | 31 July 2019, 19:29:17 UTC |
52479ac | Florian Apolloner | 15 July 2019, 10:00:06 UTC | [1.11.x] Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities. Thanks to Guido Vranken for initial report. | 29 July 2019, 09:20:43 UTC |
42a66e9 | Florian Apolloner | 15 July 2019, 09:46:09 UTC | [1.11.X] Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML. Thanks to Guido Vranken for initial report. | 29 July 2019, 09:18:34 UTC |
693046e | Carlton Gibson | 25 July 2019, 08:58:17 UTC | [1.11.x] Added stub release notes for security releases. Backport of f13147c8de725eed7038941758469aeb9bd66503 from master. | 25 July 2019, 08:58:17 UTC |
6d054b5 | Mariusz Felisiak | 01 July 2019, 08:14:36 UTC | [1.11.x] Added CVE-2019-12781 to the security release archive. Backport of 868cd56f058ca203419ad0886353173b74c3bcf1 from master | 01 July 2019, 08:24:29 UTC |
7c849b9 | Mariusz Felisiak | 01 July 2019, 06:47:34 UTC | [1.11.x] Post-release version bump. | 01 July 2019, 06:47:34 UTC |
480380c | Mariusz Felisiak | 01 July 2019, 06:43:35 UTC | [1.11.x] Bumped version for 1.11.22 release. | 01 July 2019, 06:43:35 UTC |
32124fc | Carlton Gibson | 13 June 2019, 08:57:29 UTC | [1.11.x] Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set. An HTTP request would not be redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if the proxy connected to Django via HTTPS. HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if set, rather than falling back to the request scheme when the SECURE_PROXY_SSL_HEADER did not have the secure value. Thanks to Gavin Wahl for the report and initial patch suggestion, and Shai Berger for review. Backport of 54d0f5e62f54c29a12dd96f44bacd810cbe03ac8 from master. | 01 July 2019, 06:40:19 UTC |
58553bb | Mariusz Felisiak | 20 June 2019, 08:45:38 UTC | [1.11.x] Added stub release notes for security releases. Backport of 30b3ee9d0b33bb440f9c73d1ce9e0e7303887a9f from master | 01 July 2019, 05:05:49 UTC |
bc5febe | Mariusz Felisiak | 27 June 2019, 13:09:28 UTC | [1.11.x] Fixed GeoIPTest.test04_city() failure with the latest GeoIP2 database. Backport of 4305fbe8b11f44ab5d6759346488026c1e9677b2 from master. | 30 June 2019, 18:21:27 UTC |
7906968 | Markus Holtermann | 21 June 2019, 15:57:36 UTC | [1.11.x] Bumped minimum ESLint version to 4.18.2. Backport of ad7b438002f1ab2a0ccb321012182991737ea84e from master. | 21 June 2019, 16:18:36 UTC |
341f444 | Nick Pope | 03 June 2019, 19:17:39 UTC | [1.11.x] Added CVE-2019-12308 to the security release archive. Backport of 21b1d239125f1228e579b1ce8d94d4d5feadd2a6 from master | 03 June 2019, 19:47:37 UTC |
9f8bed5 | Nick Pope | 03 June 2019, 19:15:59 UTC | [1.11.x] Added CVE-2019-11358 to the security release archive. Backport of 8fb0ea55830321852a4a051a478f78e24d4f6889 from master | 03 June 2019, 19:47:34 UTC |
a07ce0e | Mariusz Felisiak | 03 June 2019, 11:16:29 UTC | [1.11.x] Fixed typo in 1.11.21 release notes. Backport of 100ec901aebebe56b61f101af38a228414098dd5 from master. | 03 June 2019, 12:17:07 UTC |
2f67c8e | Carlton Gibson | 03 June 2019, 09:52:57 UTC | [1.11.x] Post-release version bump. | 03 June 2019, 09:59:53 UTC |
bc1f79d | Carlton Gibson | 03 June 2019, 09:48:10 UTC | [1.11.x] Bumped version for 1.11.21 release. | 03 June 2019, 09:48:10 UTC |
c238701 | Carlton Gibson | 27 May 2019, 10:10:02 UTC | [1.11.x] Fixed CVE-2019-12308 -- Made AdminURLFieldWidget validate URL before rendering clickable link. Backport of deeba6d92006999fee9adfbd8be79bf0a59e8008 from master. | 03 June 2019, 09:38:19 UTC |
4b3716e | Carlton Gibson | 27 May 2019, 07:37:10 UTC | [1.11.x] Added stub release notes for security releases. Backport of 98c0fe19ee2cba9726708ac9336e1dc0d43cca69 from master | 03 June 2019, 08:54:19 UTC |
331d765 | Tim Graham | 11 February 2017, 18:39:35 UTC | [1.11.x] Refs #27807 -- Removed docs for User.username_validator. The new override functionality claimed in refs #21379 doesn't work. Forwardport of 714fdbaa7048c2321f6238d9421137c33d9af7cc from stable/1.10.x. | 08 April 2019, 00:09:15 UTC |
d13490c | Mariusz Felisiak | 05 April 2019, 10:06:04 UTC | [1.11.x] Refs #30331 -- Doc'd that psycopg2 < 2.8 is required. Backport of 0a8617a5b1cac7063f30e4d8ff4ea4c30748f7b8 from stable/2.1.x. | 05 April 2019, 10:13:05 UTC |
22c0564 | Tim Graham | 21 March 2019, 14:04:15 UTC | [1.11.x] Fixed #30277 -- Fixed broken links to packaging.python.org. Backport of 8f1cc7e9e61758475ddd6586e0fede4af1ca0e8d from master. | 21 March 2019, 14:08:38 UTC |
9530fac | Tim Graham | 20 March 2019, 13:07:49 UTC | [1.11.x] Fixed serializers test crash if PyYAML isn't installed. Follow up to a57c783dd4e6dc73847081221827a1902eede88b. Backport of 55490ac7469a3647ce163bee323f7fe4a06fcaa6 from master | 20 March 2019, 15:11:02 UTC |
f8ce3cd | Mariusz Felisiak | 13 March 2019, 19:06:47 UTC | [1.11.x] Fixed serializers tests for PyYAML 5.1+. Backport of a57c783dd4e6dc73847081221827a1902eede88b from master | 14 March 2019, 17:45:14 UTC |
f13bfde | Mariusz Felisiak | 03 March 2019, 18:33:48 UTC | [1.11.x] Reverted "Fixed relative paths imports per isort 4.3.5." This reverts commit 463fe11bc8b2d068e447c5df677e7a31c2af7e03 due to restore of relative paths sorting from isort < 4.3.5 in isort 4.3.10. Backport of b435f82939edf70674856e0e1cd63973c2e0a1d1 from master. | 03 March 2019, 18:47:17 UTC |
b9beb6a | Mariusz Felisiak | 25 February 2019, 10:03:30 UTC | [1.11.x] Fixed relative paths imports per isort 4.3.5. Backport of 463fe11bc8b2d068e447c5df677e7a31c2af7e03 from master. | 25 February 2019, 19:02:56 UTC |
1b8a26e | Tim Graham | 14 February 2019, 14:35:54 UTC | [1.11.x] Fixed E117 flake8 warnings. | 14 February 2019, 14:35:54 UTC |
d718f52 | Tim Graham | 11 February 2019, 21:08:50 UTC | [1.11.x] Added CVE-2019-6975 to the security release archive. Backport of d6e5aad5c7eba3d8061c09902de16cd2b22619af from master. | 11 February 2019, 21:15:21 UTC |
013b923 | Tim Graham | 11 February 2019, 20:54:39 UTC | [1.11.x] Post-release version bump. | 11 February 2019, 20:54:39 UTC |
1c9cb94 | Carlton Gibson | 11 February 2019, 14:54:05 UTC | [1.11.x] Bumped version for 1.11.20 release. | 11 February 2019, 14:54:26 UTC |
f2c5f66 | Carlton Gibson | 11 February 2019, 14:46:33 UTC | [1.11.x] Refs #30175 -- Added release notes for 1.11.20 release. Backport of b39bd0aa6d5667d6bbcf7d349a1035c676e3f972 from master | 11 February 2019, 14:52:35 UTC |
1cdba62 | Carlton Gibson | 11 February 2019, 10:31:04 UTC | [1.11.x] Bumped version for 1.11.19 release. | 11 February 2019, 10:31:04 UTC |
0bbb560 | Carlton Gibson | 11 February 2019, 10:15:45 UTC | [1.11.x] Fixed CVE-2019-6975 -- Fixed memory exhaustion in utils.numberformat.format(). Thanks Sjoerd Job Postmus for the report and initial patch. Thanks Michael Manfre, Tim Graham, and Florian Apolloner for review. Backport of 402c0caa851e265410fbcaa55318f22d2bf22ee2 from master. | 11 February 2019, 10:15:45 UTC |
11cb395 | Mariusz Felisiak | 08 February 2019, 20:38:30 UTC | [1.11.x] Removed extra characters in docs header underlines. Backport of 25829197bb94585e94695360065ac614aa9e6a56 from master | 08 February 2019, 20:44:04 UTC |
fc858ab | Carlton Gibson | 07 February 2019, 14:46:53 UTC | Added stub release notes for security releases. # Conflicts: # docs/releases/2.1.6.txt | 07 February 2019, 14:56:05 UTC |
f245cec | Tim Graham | 01 February 2019, 20:42:48 UTC | [1.11.x] Used extlinks for GitHub commits. Backport of c34c6d0a2fc6d9bc55fb2db94b9ed40141babb15 from master. | 01 February 2019, 20:55:56 UTC |
5a50ef9 | Tim Graham | 27 August 2018, 14:26:29 UTC | [1.11.x] Replaced CVE/ticket roles with extlinks. Backport of 44f98f78804627839d5f0a8b3a32bfbb4546ff52 from master. | 01 February 2019, 20:55:49 UTC |
951ee0b | Tim Graham | 01 February 2019, 13:32:42 UTC | [1.11.x] Refs #30150 -- Doc'd that MySQL 8 isn't supported. | 01 February 2019, 13:32:42 UTC |
cea425e | Mariusz Felisiak | 30 January 2019, 12:06:09 UTC | [1.11.x] Fixed E117 and F405 flake8 warnings. Backport of 5a5c77d55dc85c7e6cf910243257e408887f412a from master | 30 January 2019, 12:15:13 UTC |
71e8cdb | Tim Graham | 04 January 2019, 14:24:47 UTC | [1.11.x] Added CVE-2019-3498 to the security release archive. Backport of 162ae9c9143aa85eb27ea69b446a28973eea4854 from master. | 04 January 2019, 14:25:51 UTC |
b4937b7 | Tim Graham | 04 January 2019, 14:11:09 UTC | [1.11.x] Post-release version bump. | 04 January 2019, 14:11:09 UTC |
2c9dbe9 | Tim Graham | 04 January 2019, 14:06:59 UTC | [1.11.x] Bumped version for 1.11.18 release. | 04 January 2019, 14:06:59 UTC |
1cd00fc | Tom Hacohen | 04 January 2019, 02:21:55 UTC | [1.11.x] Fixed #30070, CVE-2019-3498 -- Fixed content spoofing possiblity in the default 404 page. Co-Authored-By: Tim Graham <timograham@gmail.com> Backport of 1ecc0a395be721e987e8e9fdfadde952b6dee1c7 from master. | 04 January 2019, 03:09:25 UTC |
b683bb0 | Tim Graham | 02 January 2019, 00:05:28 UTC | [1.11.x] Pinned Pillow != 5.4.0 in test requirements. There's a bug that causes a test failure in forms_tests: https://github.com/python-pillow/Pillow/pull/3501/files#r244651761. Backport of e4a714b259125423059b9f65f5e0ab70d78521ba from master. | 02 January 2019, 22:43:25 UTC |
190aa59 | CHI Cheng | 27 December 2018, 09:48:37 UTC | [1.11.x] Fixed broken links to PyYAML page. Backport of b7dbd5ff68bb9d2235ca081c0bd0b8baa65f8c77 from master. | 27 December 2018, 09:56:19 UTC |
2ea1e0e | Tim Graham | 05 December 2018, 20:48:24 UTC | [1.11.x] Refs #30013 -- Doc'd that mysqlclient 1.3.14 and later isn't supported. | 05 December 2018, 20:51:04 UTC |
a5338b1 | Carlton Gibson | 03 December 2018, 17:13:45 UTC | [1.11.x] Post-release version bump. | 03 December 2018, 17:13:45 UTC |
4f5f6f3 | Carlton Gibson | 03 December 2018, 14:36:33 UTC | [1.11.x] Bumped version for 1.11.17 release. | 03 December 2018, 14:36:33 UTC |
b69c27a | Carlton Gibson | 03 December 2018, 14:14:58 UTC | [1.11.x] Added release date for 1.11.17. Backport of 950112548e61098f442d37a8ded4ef9f83ff8fda from master | 03 December 2018, 14:30:07 UTC |
882935e | Tim Graham | 10 September 2018, 20:08:21 UTC | [1.11.x] Removed usage of deprecated sphinx APIs. Backport of cc4bb110d31f18d2931fd79d792d3ac09cce19e5 from master. | 17 November 2018, 23:05:54 UTC |
c11a7b4 | Asif Saifuddin Auvi | 14 November 2018, 17:44:52 UTC | [1.11.x] Refs #28814 -- Documented Python 3.7 compatibility. Backport of 2f7cd7f8ecb01d30c1dfdaefa1c1714db76d2553 from master | 17 November 2018, 20:35:08 UTC |
8deb0a8 | Tim Graham | 05 February 2018, 18:16:57 UTC | [1.11.x] Refs #28814 -- Fixed migrations crash with namespace packages on Python 3.7. Due to https://bugs.python.org/issue32303. Backport of 0f0a07ac278dc2be6da81e519188f77e2a2a00cf from master | 17 November 2018, 19:46:04 UTC |
b9e2489 | Tim Graham | 17 November 2017, 21:12:48 UTC | [1.11.x] Refs #28814 -- Fixed test_runner failure on Python 3.7. Due to https://bugs.python.org/issue30399. Backport of 9d1d3b2d2fe0bef995b024368088eeabbdf73629 from master | 17 November 2018, 19:46:04 UTC |
568c2f4 | Tim Graham | 17 November 2017, 20:38:29 UTC | [1.11.x] Refs #28814 -- Fixed "SyntaxError: Generator expression must be parenthesized" on Python 3.7. Due to https://bugs.python.org/issue32012. Backport of 931c60c5216bd71bc11f489e00e063331cf21f40 from master | 17 November 2018, 19:46:04 UTC |
216398d | Claude Paroz | 16 November 2018, 14:10:33 UTC | [1.11.x] Fixed #29959 -- Cached GEOS version in WKBWriter class. Regression in f185d929fa1c0caad8c03fccde899b647d7248c6. Backport of e7e55059027ae2f644c852e0ba60dc9307b425e1 from master. | 16 November 2018, 20:15:25 UTC |
e75120c | Tim Graham | 16 November 2018, 14:34:10 UTC | [1.11.x] Removed release date for 1.11.17. Backport of 97cec6f75d9d9b86892829f784e5e9dabfd1242a from master. | 16 November 2018, 14:39:08 UTC |
0ecc4f8 | Tom Forbes | 24 October 2018, 00:46:49 UTC | [1.11.x] Removed obsolete and flaky GeoIP tests. Backport of 8f90593e6f8197148c8f86e598bfef6792f3f4bf from master. | 10 November 2018, 21:34:03 UTC |
b5702da | Mariusz Felisiak | 24 October 2018, 07:13:13 UTC | [1.11.x] Ignored flake8 W504 warnings. W504 is mutually exclusive with W503 that we follow. Backport of 58d1e9aa8ab505912389e7cd019a6f21785ad4bf from master. | 24 October 2018, 13:42:05 UTC |
bd197d3 | Carlton Gibson | 01 October 2018, 09:54:31 UTC | [1.11.x] Added CVE-2018-16984 to the security release archive. Backport of 0b3b7c4b0ab2567cfe5df3ac19563d4a59276cb1 and 92ccc3917058b1025b2d657ffdf3c21eb8009f7b from master | 01 October 2018, 13:08:18 UTC |
21ea15d | Carlton Gibson | 01 October 2018, 09:44:36 UTC | [1.11.x] Added stub release notes for 1.11.17 release. Backport of 7040e638b960c122cd71eccac2b1bf2fe8d0f5da from master | 01 October 2018, 10:03:17 UTC |
abd0baf | Carlton Gibson | 01 October 2018, 09:38:36 UTC | [1.11.x] Post-release version bump. | 01 October 2018, 09:38:36 UTC |
3d0344d | Carlton Gibson | 01 October 2018, 07:38:51 UTC | [1.11.x] Bumped version for 1.11.16 release. | 01 October 2018, 07:38:51 UTC |
c1e9e2a | Carlton Gibson | 01 October 2018, 07:33:28 UTC | [1.11.x] Added release date for 1.11.16. Backport of d37ed40048b749c75f7f54ef8b96d8e738f10719 from master | 01 October 2018, 07:36:13 UTC |
006ca97 | Mariusz Felisiak | 18 September 2018, 08:30:45 UTC | [1.11.x] Refs #29759 -- Doc'd that cx_Oracle < 7 is required. Backport of 7085247e2fd1ad8b08103173a23ca730784765a3 from stable/2.0.x | 18 September 2018, 08:42:04 UTC |
ceae306 | Tim Graham | 04 August 2018, 14:24:22 UTC | [1.11.x] Fixed #28540 -- Doc'd a change to file upload permissions in Django 1.11. Behavior changed in f734e2d4b2fc4391a4d097b80357724815c1d414 (refs #27334). Backport of 89d4d412404d31ef34ae3170c0c056eff55b2a17 from master | 04 August 2018, 15:06:37 UTC |
8a0b905 | Tim Graham | 03 August 2018, 16:13:06 UTC | [1.11.x] Refs #29499 -- Skipped QuerySet.update_or_create() test that fails on MySQL. | 03 August 2018, 16:13:06 UTC |
2668418 | Michael Sanders | 01 August 2018, 09:52:28 UTC | [1.11.x] Fixed #29499 -- Fixed race condition in QuerySet.update_or_create(). A race condition happened when the object didn't already exist and another process/thread created the object before update_or_create() did and then attempted to update the object, also before update_or_create() saved the object. The update by the other process/thread could be lost. Backport of 271542dad1686c438f658aa6220982495db09797 from master | 02 August 2018, 21:28:23 UTC |
98c77c5 | Tim Graham | 01 August 2018, 14:51:24 UTC | [1.11.x] Added CVE-2018-14574 to the security release archive. Backport of 0006538e53bf11d1de26801b13b78807354de2c8 from master | 01 August 2018, 15:07:37 UTC |
08cbca3 | Tim Graham | 01 August 2018, 14:53:21 UTC | [1.11.x] Post-release version bump. | 01 August 2018, 14:53:21 UTC |
6010da2 | Tim Graham | 01 August 2018, 13:40:26 UTC | [1.11.x] Bumped version for 1.11.15 release. | 01 August 2018, 13:40:26 UTC |
d6eaee0 | Andreas Hug | 24 July 2018, 20:18:17 UTC | [1.11.x] Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware. | 25 July 2018, 16:13:03 UTC |
4fd1f67 | Tim Graham | 23 July 2018, 14:42:40 UTC | [1.11.x] Added stub release notes for security release. | 24 July 2018, 23:01:29 UTC |
bce29f1 | Carlton Gibson | 02 July 2018, 09:11:33 UTC | [1.11.x] Post-release version bump. | 02 July 2018, 09:11:33 UTC |
32009ee | Carlton Gibson | 02 July 2018, 08:17:44 UTC | [1.11.x] Bumped version for 1.11.14 release. | 02 July 2018, 08:17:44 UTC |
63a6aa2 | Carlton Gibson | 02 July 2018, 08:12:20 UTC | [1.11.x] Added release date for 1.11.14. Backport of 65df375c40dfe591b258f36709123abc6957fbd7 from master | 02 July 2018, 08:14:51 UTC |
d46fb4e | Tim Graham | 27 June 2018, 17:55:09 UTC | [1.11.x] Fixed location of a few doc labels. Backport of 1229687a0a261d05a72e6f189c1a9b0069b302e5 from master | 28 June 2018, 12:58:45 UTC |