Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

This branch is 226 commits ahead, 10044 commits behind master

[1.3.x] Restrict the XML deserializer to prevent network and entity-e…

…xpansion DoS attacks.

This is a security fix. Disclosure and advisory coming shortly.
latest commit d19a27066b
Carl Meyer carljm authored aaugustin committed
..
Failed to load latest commit information.
cache [1.3.x] Fixed #16481 -- Adapted one raw SQL query in cull implementat…
files [1.3.x] Fixed a security issue in image uploading. Disclosure and rel…
handlers [1.3.X] Fixed #16004 - csrf_protect does not send cookie if view retu…
mail Fixed #15520 -- Fixed incompatibility with email module shipped with …
management [1.3.X] Fixed #17078: properly invoke IPython 0.12.
serializers [1.3.x] Restrict the XML deserializer to prevent network and entity-e…
servers Fixed #15531 -- Partially reverted [15701] due to compatibility issue…
__init__.py Imported Django from private SVN repository (created from r. 8825)
context_processors.py Fixed #15299 -- Started the process of migrating the auth context pro…
exceptions.py Add warning when using cache keys that might not work with memcached.
paginator.py Removed several deprecated features for 1.0 (refs #7830):
signals.py Major refactoring of django.dispatch with an eye towards speed. The n…
template_loader.py MERGED MAGIC-REMOVAL BRANCH TO TRUNK. This change is highly backwards…
urlresolvers.py Refactor all uses of thread locals to be more consistant and sane.
validators.py [1.3.X] Fixed #16812 -- Percent-encode URLs in verify_exists, to fix …
xheaders.py Fixed #8049 -- Fixed inconsistency in admin site is_active checks. Th…
Something went wrong with that request. Please try again.