0
0
mirror of https://github.com/django/django.git synced 2024-12-01 15:42:04 +01:00
Commit Graph

5 Commits

Author SHA1 Message Date
Simon Charette
53ff096982 Prevented data leakage in contrib.admin via query string manipulation.
This is a security fix. Disclosure following shortly.
2014-08-20 14:39:40 -04:00
Preston Holmes
5307ce565f Fixed #23066 -- Modified RemoteUserMiddleware to logout on REMOTE_USER change.
This is a security fix. Disclosure following shortly.
2014-08-20 14:39:40 -04:00
Tim Graham
0d8d30b7dd Fixed #23157 -- Removed O(n) algorithm when uploading duplicate file names.
This is a security fix. Disclosure following shortly.
2014-08-20 14:39:40 -04:00
Florian Apolloner
28e765810d Prevented reverse() from generating URLs pointing to other hosts.
This is a security fix. Disclosure following shortly.
2014-08-20 14:39:40 -04:00
Tim Graham
ec71191be0 Added release note stubs for 1.5.9 and 1.4.14. 2014-08-20 14:39:40 -04:00