Hi all,
We took an defense-in-depth approach which seemed fined with our test suite.
But it turns out, there are cases that weren't covered by tests which caused a
regression in a few specific cases. This is tracked in
https://code.djangoproject.com/ticket/32718
Cheers,
Markus
On Fri, May
It seems to me that the release note for 2.2.21 is incomplete. It says,
"Specifically, empty file names and paths with dot segments will be
rejected."
But it's stricter than that: any path component causes the path to be
rejected:
> if name != os.path.basename(name):
> raise
Today the Django team issued 1.10.3, 1.9.11, and 1.8.16 as part of our
security process. These releases address two security issues, and we
encourage all users to upgrade as soon as possible.
Details are available on the Django project weblog:
Today the Django team issued 1.9.10 and 1.8.15 as part of our security
process. These releases address a security issue, and we encourage all
users to upgrade as soon as possible.
Details are available on the Django project weblog:
Today the Django team issued 1.10 release candidate 1, 1.9.8, and 1.8.14 as
part of our security process. This releases address a security issue, and
we encourage all users to upgrade as soon as possible.
Details are available on the Django project weblog:
Please create a separate thread with some details such as a sample project
with steps to reproduce the issue so we can determine if it's a problem in
Django or in your application. Thanks!
On Wednesday, March 2, 2016 at 8:49:03 PM UTC-5, José David Ordoñez wrote:
>
> After upgrading django
After upgrading django 1.8.9 to 1.8.10 my i18n/setlang/ went crazy
"TypeError: must be unicode not str" when using {% url 'set_language' %} by
going back to 1.8.9 solved the issue.
El martes, 1 de marzo de 2016, 12:50:27 (UTC-4:30), Tim Graham escribió:
>
> Today the Django team issued 1.9.3
Today the Django team issued 1.9.3 and 1.8.10 as part of our security
process. This releases address two security issues, and we encourage all
users to upgrade as soon as possible.
Details are available on the Django project weblog:
Today the Django team issued multiple releases -- Django 1.7.11, 1.8.7, and
1.9rc2 -- as part of our security process. These releases address a
security issue, and we encourage all users to upgrade as soon as possible.
More details can be found on our blog:
Today the Django team issued multiple releases -- Django 1.4.22, 1.7.10,
and 1.8.4 -- as part of our security process. These releases address a
security issue, and we encourage all users to upgrade as soon as possible.
More details can be found on our blog:
Today the Django team issued multiple releases -- Django 1.4.21, 1.7.9, and
1.8.3 -- as part of our security process. These releases address a couple
security issues, and we encourage all users to upgrade as soon as possible.
More details can be found on our blog:
Today we've issued releases to address four security issues reported to us.
Full disclosure is on the djangoproject.com weblog:
https://www.djangoproject.com/weblog/2014/aug/20/security/
All users are encouraged to upgrade.
Additionally, for anyone who missed it, last week we published an
Today we've issued releases to remedy three security issues reported to us.
Affected versions are Django 1.4, Django 1.5, Django 1.6 and the Django 1.7
beta.
Full details and download information are on the Django project weblog:
Today we've issued releases to remedy three security issues reported to us.
Affected versions are Django 1.4, Django 1.5, Django 1.6 and the Django 1.7
beta.
Full details and download information are on the Django project weblog:
https://www.djangoproject.com/weblog/2014/apr/21/security/
--
14 matches
Mail list logo