…mset. This is a security fix. Disclosure and advisory coming shortly.
This is a security fix. Disclosure and advisory coming shortly. Patch by Russell Keith-Magee.
…xpansion DoS attacks. This is a security fix. Disclosure and advisory coming shortly.
This is a security fix; disclosure and advisory coming shortly.
…y_key from IntegerField to AutoField. Thanks Keryn Knight. Backport of 218bbef from master
Thanks diegueus9 for the report and itsallvoodoo for the draft patch. Backport of 7a80904 from master
…mentation Backport of 976dc07 from master
Thanks pedro.calcao@ for the report.
The reason was that the except clause needed to remove a connection from the django.db.connections dict, but other parts of Django do not expect this to happen. In addition the except clause was silently swallowing the exception messages. Refs #19707, special thanks to Carl Meyer for pointing out that this approach should be taken.
Partial backport of 3abf610 from master. Refs #19042.
The change in f105fbe made through=None m2m fields fail in cases where they worked before. It isn't possible to create such fields using public APIs. The fix is trivial, so it seems worth fixing this for custom m2m field users. This is not a backport from master. Master has gotten enough other changes to related fields internal API that this fix alone isn't enough to do any good.
Backpatch of a4e97cf.
Backpatch of f556df9. Backpatching these tests so that it will be easier to backpatch the fix for #19707.
…links and markup. Backport of 43efefa from master
…mpatible Thanks matf at op.pl for the report.
This test was randomly failing depending on the library environment. Backport of a1c470a from master.
…ed MD5 passwords Thanks apreobrazhensky at gmail.com for the report. Backport of 63d6a50 from master.
Thanks rodrigorosa.lg and others for the report. Backport of 99315f7 from master
Thanks Mike O'Connor for the report. Backport of 52a2588 from master
abd0f30 from master.
…anks to Bradley Ayers for the patch. Backport of f5a9e5e from master
Backport of 1eb0da1 from master.
Backport of c196e01
…ions can be displayed as selected even if the lookup's first element is not a string. Backport of 88e1715
Backpatch of dc569c8
…eate SQLite used INSERT INTO tbl SELECT %s UNION SELECT %s, the problem was that there should have been UNION ALL instead of UNION. Refs #19351 Backpatch of a275824