Permalink
Commits on Jul 30, 2012
  1. [1.3.x] Fixed a security issue in http redirects. Disclosure and new …

    …release forthcoming.
    
    Backport of 4129201 from master.
    apollo13 committed Jul 30, 2012
  2. [1.3.x] Fixed second security issue in image uploading. Disclosure an…

    …d release forthcoming.
    
    Backport of b1d4634 from master.
    apollo13 committed Jul 30, 2012
  3. [1.3.x] Fixed a security issue in image uploading. Disclosure and rel…

    …ease forthcoming.
    
    Backport of dd16b17 from master.
    apollo13 committed Jul 30, 2012
Commits on May 28, 2012
  1. Reverted "[1.3.x] Fixed #18135 -- Close connection used for db versio…

    …n checking"
    
    This reverts commit a15d3b5. Django
    1.3.x is in security fixes only state, and this wasn't a security
    issue.
    akaariai committed May 28, 2012
Commits on May 27, 2012
  1. [1.3.x] Fixed #18135 -- Close connection used for db version checking

    On MySQL when checking the server version, a new connection could be
    created but never closed. This could result in open connections on
    server startup.
    
    Backport of 4423757.
    newmaniese committed with akaariai May 27, 2012
Commits on Mar 31, 2012
  1. [1.3.X] Fixed #17972 -- Ensured that admin filters on a foreign key r…

    …espect the to_field attribute. This fixes a regression introduced in [14674] and Django 1.3. Thanks to graveyboat and Karen Tracey for the report.
    
    Backport of r17854 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17857 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    jphalip committed Mar 31, 2012
Commits on Mar 25, 2012
  1. [1.3.X] Fixed #17634 -- Optimized the performance of MultiValueDict b…

    …y using append instead of copy and by minimizing the number of dict lookups. Backport of r17464 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17807 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Mar 25, 2012
Commits on Mar 24, 2012
  1. [1.3.X] Avoided a test failure if the settings module used to run the…

    … test suite is called "test_settings".
    
    The globbing feature and this test were removed in 1.4.
    
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17806 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Mar 24, 2012
  2. [1.3.x] Fixed #16481 -- Adapted one raw SQL query in cull implementat…

    …ion of the database-based cache backend so it works with Oracle. Backport of r16635 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17805 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Mar 24, 2012
  3. [1.3.X] Fixed #16677 -- Fixed the future version of the ssi template …

    …tag to work with template file names that contain spaces. Backport of r16687 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Mar 24, 2012
  4. [1.3.X] Fixed #16812 -- Percent-encode URLs in verify_exists, to fix …

    …test failures on Python 2.5 and 2.6. Backport of r16838 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17803 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Mar 24, 2012
Commits on Mar 17, 2012
  1. [1.3.X] Fixed #17488 -- This test passed in 2011 only because 2012-01…

    …-01 is a Sunday. Thanks Florian Apolloner for the report and patch.
    
    Fixes #17912. Thanks Julien for the report.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17759 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    ramiro committed Mar 17, 2012
Commits on Mar 16, 2012
  1. [1.3.X] Fixed #17841 -- Clarified caching note about authentication b…

    …ackends. Thanks auzigog for the proposal and lukegb for the patch.
    
    Backport of r17752 from trunk.
    
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17753 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    claudep committed Mar 16, 2012
  2. [1.3.X] Fixed #17908 -- Made some `contrib.markup` tests be skipped s…

    …o they don't fail on old versions of Markdown. Thanks to Preston Holmes for the patch.
    
    Backport of r17749 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17750 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    jphalip committed Mar 16, 2012
  3. [1.3.X] Ensured that some staticfiles tests get properly cleaned up o…

    …n teardown. Thanks to Claude Paroz for the patch.
    
    Backport of r17747 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17748 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    jphalip committed Mar 16, 2012
Commits on Mar 15, 2012
  1. [1.3.X] Fixed #17900 -- StreamHandler output defaults to stderr. Than…

    …ks c4m3lo for the report.
    
    Backport of r17741 from trunk.
    
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17742 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    claudep committed Mar 15, 2012
Commits on Mar 14, 2012
  1. [1.3.X] Fixed #17837. Improved markdown safety.

    Markdown enable_attributes is now False when safe_mode is enabled. Documented
    the markdown "safe" argument. Added warnings when the safe argument is
    passed to versions of markdown which cannot be made safe.
    
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17734 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    PaulMcMillan committed Mar 14, 2012
  2. [1.3.X] Updated some outdated external URLs in docs.

    Backport of r17710 from trunk.
    
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17711 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    claudep committed Mar 14, 2012
Commits on Mar 13, 2012
  1. Fixed #17584 -- Updated create_template_postgis-debian.sh script for …

    …PostgreSQL 9.1 installs. Thanks akaihola for the initial patch.
    
    Backport of r17706 from trunk.
    
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17707 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    claudep committed Mar 13, 2012
Commits on Mar 12, 2012
  1. [1.3.X] Fixed the localization docs a little to point to the correct …

    …Transifex URL. Also reworded it a bit to follow the site's new UI.
    
    Backport from trunk (r17690).
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17691 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    jezdez committed Mar 12, 2012
Commits on Mar 1, 2012
  1. [1.3.X] Fixed #17737 -- Stopped the collectstatic management command …

    …from copying the wrong file in repeated runs. Thanks, pigletto.
    
    Backport from trunk (r17612).
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17613 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    jezdez committed Mar 1, 2012
  2. [1.3.X] Fixed broken link to python-markdown in contrib.markup docs.

    Backport of r17608 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17609 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    carljm committed Mar 1, 2012
Commits on Feb 25, 2012
Commits on Feb 24, 2012
  1. [1.3.X] Fixed #17757 - Typo in docs/intro/overview.txt; thanks kaushi…

    …k1618.
    
    Backport of r17584 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17585 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    timgraham committed Feb 24, 2012
  2. [1.3.X] Fixed #17749 - Documented better way of overriding ModelAdmin…

    …; thanks chrisdpratt and claudep.
    
    Backport of r17582 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17583 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    timgraham committed Feb 24, 2012
Commits on Feb 22, 2012
  1. [1.3.X] Don't let ALLOWED_INCLUDE_ROOTS be accidentally set to a stri…

    …ng rather than a tuple.
    
    Backport of r17571 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17572 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    SmileyChris committed Feb 22, 2012
Commits on Feb 20, 2012
  1. [1.3.X] Fixed #16758 - Added a warning regarding overriding default s…

    …ettings; thanks cyclops for the suggestion & Aymeric Augustin for the patch.
    
    Backport of r17566 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17567 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    timgraham committed Feb 20, 2012
  2. [1.3.X] Fixed #17390 - Added a note to topics/auth.txt regarding how …

    …to decorate class-based generic views; thanks zsiciarz for the patch.
    
    Backport of r17564 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17565 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    timgraham committed Feb 20, 2012
Commits on Feb 19, 2012
  1. [1.3.X] Fixed #17319 -- Made the example for set_language less error-…

    …prone. Backport of r17560 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17561 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Feb 19, 2012
  2. [1.3.X] Fixed #17166 -- Documented how FIXTURE_DIRS works in the init…

    …al data how-to, and edited related bits in the settings reference. Backport of r17558 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17559 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Feb 19, 2012
  3. [1.3.X] Fixed #17316 -- Mentionned that the MultipleProxyMiddleware p…

    …rovided as an example must run rather early. Backport of r17556 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17557 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Feb 19, 2012
  4. [1.3.X] Fixed #16452 -- Clarified that the DATE/DATETIME/TIME_INPUT_F…

    …ORMATS settings have no effect when USE_L10N is True. Backport of r17554 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17555 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Feb 19, 2012
  5. [1.3.X] Fixed #17573 -- Documented MySQL's switch to InnoDB as defaul…

    …t storage engine. Backport of r17552 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17553 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Feb 19, 2012