Permalink
Commits on Dec 10, 2012
Commits on Dec 3, 2012
  1. [1.3.X] Fixed a security issue in get_host.

    Full disclosure and new release forthcoming.
    apollo13 committed Nov 27, 2012
Commits on Nov 17, 2012
Commits on Oct 18, 2012
Commits on Oct 17, 2012
  1. Fixed a security issue related to password resets

    Full disclosure and new release are forthcoming
    
    backport from master
    ptone committed Oct 17, 2012
Commits on Aug 1, 2012
  1. [1.3.x] Fixed #18692 -- Restored python 2.4 compatibility.

    Thanks to chipx86 for the report.
    apollo13 committed Aug 1, 2012
Commits on Jul 30, 2012
  1. [1.3.x] Fixed a security issue in http redirects. Disclosure and new …

    …release forthcoming.
    
    Backport of 4129201 from master.
    apollo13 committed Jul 30, 2012
  2. [1.3.x] Fixed second security issue in image uploading. Disclosure an…

    …d release forthcoming.
    
    Backport of b1d4634 from master.
    apollo13 committed Jul 30, 2012
  3. [1.3.x] Fixed a security issue in image uploading. Disclosure and rel…

    …ease forthcoming.
    
    Backport of dd16b17 from master.
    apollo13 committed Jul 30, 2012
Commits on May 28, 2012
  1. Reverted "[1.3.x] Fixed #18135 -- Close connection used for db versio…

    …n checking"
    
    This reverts commit a15d3b5. Django
    1.3.x is in security fixes only state, and this wasn't a security
    issue.
    akaariai committed May 28, 2012
Commits on May 27, 2012
  1. [1.3.x] Fixed #18135 -- Close connection used for db version checking

    On MySQL when checking the server version, a new connection could be
    created but never closed. This could result in open connections on
    server startup.
    
    Backport of 4423757.
    newmaniese committed with akaariai May 27, 2012
Commits on Mar 31, 2012
  1. [1.3.X] Fixed #17972 -- Ensured that admin filters on a foreign key r…

    …espect the to_field attribute. This fixes a regression introduced in [14674] and Django 1.3. Thanks to graveyboat and Karen Tracey for the report.
    
    Backport of r17854 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17857 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    jphalip committed Mar 31, 2012
Commits on Mar 25, 2012
  1. [1.3.X] Fixed #17634 -- Optimized the performance of MultiValueDict b…

    …y using append instead of copy and by minimizing the number of dict lookups. Backport of r17464 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17807 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Mar 25, 2012
Commits on Mar 24, 2012
  1. [1.3.X] Avoided a test failure if the settings module used to run the…

    … test suite is called "test_settings".
    
    The globbing feature and this test were removed in 1.4.
    
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17806 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Mar 24, 2012
  2. [1.3.x] Fixed #16481 -- Adapted one raw SQL query in cull implementat…

    …ion of the database-based cache backend so it works with Oracle. Backport of r16635 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17805 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Mar 24, 2012
  3. [1.3.X] Fixed #16677 -- Fixed the future version of the ssi template …

    …tag to work with template file names that contain spaces. Backport of r16687 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Mar 24, 2012
  4. [1.3.X] Fixed #16812 -- Percent-encode URLs in verify_exists, to fix …

    …test failures on Python 2.5 and 2.6. Backport of r16838 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17803 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    aaugustin committed Mar 24, 2012
Commits on Mar 17, 2012
  1. [1.3.X] Fixed #17488 -- This test passed in 2011 only because 2012-01…

    …-01 is a Sunday. Thanks Florian Apolloner for the report and patch.
    
    Fixes #17912. Thanks Julien for the report.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17759 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    ramiro committed Mar 17, 2012
Commits on Mar 16, 2012
  1. [1.3.X] Fixed #17841 -- Clarified caching note about authentication b…

    …ackends. Thanks auzigog for the proposal and lukegb for the patch.
    
    Backport of r17752 from trunk.
    
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17753 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    claudep committed Mar 16, 2012
  2. [1.3.X] Fixed #17908 -- Made some `contrib.markup` tests be skipped s…

    …o they don't fail on old versions of Markdown. Thanks to Preston Holmes for the patch.
    
    Backport of r17749 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17750 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    jphalip committed Mar 16, 2012
  3. [1.3.X] Ensured that some staticfiles tests get properly cleaned up o…

    …n teardown. Thanks to Claude Paroz for the patch.
    
    Backport of r17747 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17748 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    jphalip committed Mar 16, 2012
Commits on Mar 15, 2012
  1. [1.3.X] Fixed #17900 -- StreamHandler output defaults to stderr. Than…

    …ks c4m3lo for the report.
    
    Backport of r17741 from trunk.
    
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17742 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    claudep committed Mar 15, 2012
Commits on Mar 14, 2012
  1. [1.3.X] Fixed #17837. Improved markdown safety.

    Markdown enable_attributes is now False when safe_mode is enabled. Documented
    the markdown "safe" argument. Added warnings when the safe argument is
    passed to versions of markdown which cannot be made safe.
    
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17734 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    PaulMcMillan committed Mar 14, 2012
  2. [1.3.X] Updated some outdated external URLs in docs.

    Backport of r17710 from trunk.
    
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17711 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    claudep committed Mar 14, 2012
Commits on Mar 13, 2012
  1. Fixed #17584 -- Updated create_template_postgis-debian.sh script for …

    …PostgreSQL 9.1 installs. Thanks akaihola for the initial patch.
    
    Backport of r17706 from trunk.
    
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17707 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    claudep committed Mar 13, 2012
Commits on Mar 12, 2012
  1. [1.3.X] Fixed the localization docs a little to point to the correct …

    …Transifex URL. Also reworded it a bit to follow the site's new UI.
    
    Backport from trunk (r17690).
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17691 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    jezdez committed Mar 12, 2012
Commits on Mar 1, 2012
  1. [1.3.X] Fixed #17737 -- Stopped the collectstatic management command …

    …from copying the wrong file in repeated runs. Thanks, pigletto.
    
    Backport from trunk (r17612).
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17613 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    jezdez committed Mar 1, 2012
  2. [1.3.X] Fixed broken link to python-markdown in contrib.markup docs.

    Backport of r17608 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17609 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    carljm committed Mar 1, 2012
Commits on Feb 25, 2012
Commits on Feb 24, 2012
  1. [1.3.X] Fixed #17757 - Typo in docs/intro/overview.txt; thanks kaushi…

    …k1618.
    
    Backport of r17584 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17585 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    timgraham committed Feb 24, 2012
  2. [1.3.X] Fixed #17749 - Documented better way of overriding ModelAdmin…

    …; thanks chrisdpratt and claudep.
    
    Backport of r17582 from trunk.
    
    git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17583 bcc190cf-cafb-0310-a4f2-bffc1f526a37
    timgraham committed Feb 24, 2012