Author Commit Message Labels Comments Date
Default avatar Tim Graham
Merge pull request #2227 from jheasly/patch-1
Default avatar John Heasly
Fixed bad link
Default avatar Tim Graham
[1.3.x] Added missing release notes for older versions of Django
Carl Meyer avatarCarl Meyer
[1.3.x] Bump version to no longer claim to be 1.3.7 final.
James Bennett avatarJames Bennett
[1.3.x] Bump version numbers to roll a clean package.
Carl Meyer avatarCarl Meyer
[1.4.x] Note that ALLOWED_HOSTS default changes in Django 1.5.
Carl Meyer avatarCarl Meyer
[1.3.x] Fixed #19857 -- Fixed broken docs link in project template.
Carl Meyer avatarCarl Meyer
[1.3.x] Don't characterize XML vulnerabilities as DoS-only.
James Bennett avatarJames Bennett
[1.3.x] Bump version numbers for security release.
Carl Meyer avatarCarl Meyer
[1.3.x] Update 1.3.6 release notes for all security fixes.
Aymeric Augustin avatarAymeric Augustin
[1.3.x] Added a default limit to the maximum number of forms in a formset.
Carl Meyer avatarCarl Meyer
[1.3.x] Checked object permissions on admin history view.
Carl Meyer avatarCarl Meyer
[1.3.x] Restrict the XML deserializer to prevent network and entity-expansion DoS attacks.
Carl Meyer avatarCarl Meyer
[1.3.x] Added ALLOWED_HOSTS setting for HTTP host header validation.
Florian Apolloner avatarFlorian Apolloner
[1.3.X] Fixed a test failure in the comment tests.
James Bennett avatarJames Bennett
[1.3.x] Bump version numbers for security release.
Florian Apolloner avatarFlorian Apolloner
[1.3.X] Fixed a security issue in get_host.
Florian Apolloner avatarFlorian Apolloner
[1.3.X] Fixed #18856 -- Ensured that redirects can't be poisoned by malicious users.
Preston Holmes avatarPreston Holmes
Added missed poisoned host header test material
James Bennett avatarJames Bennett
[1.3.x] Bump version numbers for security release.
Preston Holmes avatarPreston Holmes
Fixed a security issue related to password resets
James Bennett avatarJames Bennett
[1.3.x] Bump version numbers for bugfix release.
Florian Apolloner avatarFlorian Apolloner
[1.3.x] Fixed #18692 -- Restored python 2.4 compatibility.
James Bennett avatarJames Bennett
[1.3.x] Use correct download URL.
James Bennett avatarJames Bennett
[1.3.x] Bump version numbers for security releases.
Florian Apolloner avatarFlorian Apolloner
[1.3.x] Fixed a security issue in http redirects. Disclosure and new release forthcoming.
Florian Apolloner avatarFlorian Apolloner
[1.3.x] Fixed second security issue in image uploading. Disclosure and release forthcoming.
Florian Apolloner avatarFlorian Apolloner
[1.3.x] Fixed a security issue in image uploading. Disclosure and release forthcoming.
Default avatar Anssi Kääriäinen
Reverted "[1.3.x] Fixed #18135 -- Close connection used for db version checking"
Michael Newman avatarMichael Newman
[1.3.x] Fixed #18135 -- Close connection used for db version checking
  1. Prev
  2. Next
Help
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.