Skip to content
This repository


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

This branch is 285 commits ahead and 5835 commits behind master

[1.4.x] Restrict the XML deserializer to prevent network and entity-e…

…xpansion DoS attacks.

This is a security fix. Disclosure and advisory coming shortly.
latest commit 1c60d07ba2
Carl Meyer carljm authored February 11, 2013
Octocat-spinner-32 cache Fixed #17286 -- Made sure all cache backends are set up to connect to… February 09, 2012
Octocat-spinner-32 files [1.4.x] Fixed a security issue in image uploading. Disclosure and rel… July 30, 2012
Octocat-spinner-32 handlers Fixed #17358 -- Updated logging calls to use official syntax for argu… February 09, 2012
Octocat-spinner-32 mail Made email attachment handling code accept non-ASCII filenames. January 15, 2012
Octocat-spinner-32 management [1.4.x] Fixed #18019 -- Use threaded runserver only when database sup… May 15, 2012
Octocat-spinner-32 serializers [1.4.x] Restrict the XML deserializer to prevent network and entity-e… February 19, 2013
Octocat-spinner-32 servers Fixed #6163 -- Made " help runfcgi" display proper default v… January 02, 2012
Octocat-spinner-32 Imported Django from private SVN repository (created from r. 8825) July 13, 2005
Octocat-spinner-32 Added support for time zones. Thanks Luke Plant for the review. Fixed… November 18, 2011
Octocat-spinner-32 Fixed #10405 -- Raise a more useful error if the formfield of a relat… August 12, 2011
Octocat-spinner-32 Remove an unused import from django.core.paginator May 20, 2011
Octocat-spinner-32 Major refactoring of django.dispatch with an eye towards speed. The n… August 06, 2008
Octocat-spinner-32 Fixed #16354 -- Fixed typo in signing docstring. Thanks, charettes. June 27, 2011
Octocat-spinner-32 Fixed #17734 -- Made sure to only redirect translated URLs if they ca… March 02, 2012
Octocat-spinner-32 Fixed #17100 -- Typo in the regex for EmailValidator. Thanks reames A… January 07, 2012
Octocat-spinner-32 Fixed #16360 -- Added WSGI entrypoint to startproject layout, and ena… October 22, 2011
Octocat-spinner-32 Fixed #8049 -- Fixed inconsistency in admin site is_active checks. Th… January 10, 2010
Something went wrong with that request. Please try again.