Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

This branch is 285 commits ahead and 5835 commits behind master

[1.4.x] Restrict the XML deserializer to prevent network and entity-e…

…xpansion DoS attacks.

This is a security fix. Disclosure and advisory coming shortly.
latest commit 1c60d07ba2
Carl Meyer carljm authored February 11, 2013
..
Octocat-spinner-32 cache Fixed #17286 -- Made sure all cache backends are set up to connect to… February 09, 2012
Octocat-spinner-32 files [1.4.x] Fixed a security issue in image uploading. Disclosure and rel… July 30, 2012
Octocat-spinner-32 handlers Fixed #17358 -- Updated logging calls to use official syntax for argu… February 09, 2012
Octocat-spinner-32 mail Made email attachment handling code accept non-ASCII filenames. January 15, 2012
Octocat-spinner-32 management [1.4.x] Fixed #18019 -- Use threaded runserver only when database sup… May 15, 2012
Octocat-spinner-32 serializers [1.4.x] Restrict the XML deserializer to prevent network and entity-e… February 19, 2013
Octocat-spinner-32 servers Fixed #6163 -- Made "manage.py help runfcgi" display proper default v… January 02, 2012
Octocat-spinner-32 __init__.py Imported Django from private SVN repository (created from r. 8825) July 13, 2005
Octocat-spinner-32 context_processors.py Added support for time zones. Thanks Luke Plant for the review. Fixed… November 18, 2011
Octocat-spinner-32 exceptions.py Fixed #10405 -- Raise a more useful error if the formfield of a relat… August 12, 2011
Octocat-spinner-32 paginator.py Remove an unused import from django.core.paginator May 20, 2011
Octocat-spinner-32 signals.py Major refactoring of django.dispatch with an eye towards speed. The n… August 06, 2008
Octocat-spinner-32 signing.py Fixed #16354 -- Fixed typo in signing docstring. Thanks, charettes. June 27, 2011
Octocat-spinner-32 urlresolvers.py Fixed #17734 -- Made sure to only redirect translated URLs if they ca… March 02, 2012
Octocat-spinner-32 validators.py Fixed #17100 -- Typo in the regex for EmailValidator. Thanks reames A… January 07, 2012
Octocat-spinner-32 wsgi.py Fixed #16360 -- Added WSGI entrypoint to startproject layout, and ena… October 22, 2011
Octocat-spinner-32 xheaders.py Fixed #8049 -- Fixed inconsistency in admin site is_active checks. Th… January 10, 2010
Something went wrong with that request. Please try again.