Skip to content
Commits on Feb 20, 2013
  1. @ubernostrum
  2. @carljm
  3. @carljm
  4. @carljm
Commits on Feb 19, 2013
  1. @ubernostrum
  2. @carljm
  3. @aaugustin @carljm

    [1.4.x] Added a default limit to the maximum number of forms in a for…

    aaugustin committed with carljm Feb 12, 2013
    This is a security fix. Disclosure and advisory coming shortly.
  4. @carljm

    [1.4.x] Checked object permissions on admin history view.

    carljm committed Feb 4, 2013
    This is a security fix. Disclosure and advisory coming shortly.
    Patch by Russell Keith-Magee.
  5. @carljm

    [1.4.x] Restrict the XML deserializer to prevent network and entity-e…

    carljm committed Feb 11, 2013
    …xpansion DoS attacks.
    This is a security fix. Disclosure and advisory coming shortly.
  6. @carljm

    [1.4.x] Added ALLOWED_HOSTS setting for HTTP host header validation.

    carljm committed Feb 9, 2013
    This is a security fix; disclosure and advisory coming shortly.
Commits on Feb 16, 2013
  1. @timgraham

    [1.4.x] Fixed #19824 - Corrected the class described for Field.primar…

    timgraham committed Feb 16, 2013
    …y_key from IntegerField to AutoField.
    Thanks Keryn Knight.
    Backport of 218bbef from master
  2. @timgraham

    [1.4.x] Fixed #19812 - Removed a duplicate phrase in the widget docs.

    timgraham committed Feb 16, 2013
    Thanks diegueus9 for the report and itsallvoodoo for the draft patch.
    Backport of 7a80904 from master
  3. @phantummm @timgraham

    [1.4.x] Fixed #19719 - Removed misleading example from ModelForm docu…

    phantummm committed with timgraham Feb 16, 2013
    Backport of 976dc07 from master
Commits on Feb 13, 2013
  1. @timgraham

    [1.4.x] Fixed #19815 - Removed an unused import in tutorial 3.

    timgraham committed Feb 12, 2013
    Thanks pedro.calcao@ for the report.
Commits on Feb 12, 2013
  1. @akaariai

    [1.4.x] Removed try-except in django.db.close_connection()

    akaariai committed Feb 12, 2013
    The reason was that the except clause needed to remove a connection
    from the django.db.connections dict, but other parts of Django do not
    expect this to happen. In addition the except clause was silently
    swallowing the exception messages.
    Refs #19707, special thanks to Carl Meyer for pointing out that this
    approach should be taken.
Commits on Feb 11, 2013
  1. @claudep

    Fixed WSGIPythonPath instruction in deployment docs

    claudep committed Feb 11, 2013
    Partial backport of 3abf610 from master. Refs #19042.
Commits on Feb 10, 2013
  1. @akaariai

    [1.4.x] Made custom m2m fields without through easier to use

    akaariai committed Feb 10, 2013
    The change in f105fbe made through=None
    m2m fields fail in cases where they worked before. It isn't possible to
    create such fields using public APIs. The fix is trivial, so it seems
    worth fixing this for custom m2m field users.
    This is not a backport from master. Master has gotten enough other
    changes to related fields internal API that this fix alone isn't enough
    to do any good.
  2. @akaariai
  3. @akaariai

    [1.4.x] Fixed #19645 -- Added tests for TransactionMiddleware

    akaariai committed Feb 10, 2013
    Backpatch of f556df9. Backpatching
    these tests so that it will be easier to backpatch the fix for #19707.
Commits on Feb 7, 2013
  1. @timgraham

    [1.4.x] Fixed #19756 - Corrected a ManyToMany example and added some …

    timgraham committed Feb 7, 2013
    …links and markup.
    Backport of 43efefa from master
Commits on Feb 2, 2013
  1. @claudep

    [1.4.x] Fixed #19702 -- Changed a SQL command syntax to be MySQL 4-co…

    claudep committed Feb 2, 2013
    Thanks matf at for the report.
  2. @claudep

    [1.5.x] Lowered field ordering requirement in ogrinspect test

    claudep committed Feb 2, 2013
    This test was randomly failing depending on the library environment.
    Backport of a1c470a from master.
  3. @claudep

    [1.4.x] Fixed #18144 -- Added backwards compatibility with old unsalt…

    claudep committed Feb 2, 2013
    …ed MD5 passwords
    Thanks apreobrazhensky at for the report.
    Backport of 63d6a50 from master.
Commits on Jan 17, 2013
  1. @timgraham

    [1.4.x] Fixed #19555 - Removed '2012' from tutorial 1.

    timgraham committed Jan 8, 2013
    Thanks rodrigorosa.lg and others for the report.
    Backport of 99315f7 from master
Commits on Jan 10, 2013
  1. @timgraham

    [1.4.x] Addeded CSS to bold deprecation notices.

    timgraham committed Jan 9, 2013
    Thanks Sam Lai for mentioning this on the mailing list.
    Backport of 227bd3f from master
Commits on Dec 21, 2012
  1. @timgraham

    [1.4.X] Fixed #19506 - Remove 'mysite' prefix in model example.

    timgraham committed Dec 21, 2012
    Thanks Mike O'Connor for the report.
    Backport of 52a2588 from master
Commits on Dec 19, 2012
  1. @ramiro
Commits on Dec 15, 2012
  1. @alex @timgraham

    [1.4.X] Fixed #18099 -- corrected a typo in the initial data docs. Th…

    alex committed with timgraham Apr 11, 2012
    …anks to Bradley Ayers for the patch.
    Backport of f5a9e5e from master
Commits on Dec 10, 2012
  1. @apollo13

    [1.4.X] Fixed a test failure in the comment tests.

    apollo13 committed Dec 10, 2012
    Backport of 1eb0da1 from master.
  2. @ubernostrum
  3. @apollo13

    [1.4.X] Fixed a security issue in get_host.

    apollo13 committed Nov 27, 2012
    Full disclosure and new release forthcoming.
  4. @apollo13
Commits on Dec 4, 2012
  1. @jphalip
  2. @sebasmagri @jphalip

    [1.4.x] Fixed #19318 -- Ensured that the admin's SimpleListFilter opt…

    sebasmagri committed with jphalip Nov 18, 2012
    …ions can be displayed as selected even if the lookup's first element is not a string.
    Backport of 88e1715
Commits on Nov 24, 2012
  1. @akaariai
Something went wrong with that request. Please try again.