[django/django] 25d9ae: [1.5.x] Added release note stubs for 1.5.9 and 1.4...

[GitHub]

  Branch: refs/heads/stable/1.5.x
  Home:   https://github.com/django/django
  Commit: 25d9ae5214b59f06f385190733914eaa459751ff
      
https://github.com/django/django/commit/25d9ae5214b59f06f385190733914eaa459751ff
  Author: Tim Graham <timogra...@gmail.com>
  Date:   2014-08-20 (Wed, 20 Aug 2014)

  Changed paths:
    A docs/releases/1.4.14.txt
    A docs/releases/1.5.9.txt
    M docs/releases/index.txt

  Log Message:
  -----------
  [1.5.x] Added release note stubs for 1.5.9 and 1.4.14.


  Commit: 45ac9d4fb087d21902469fc22643f5201d41a0cd
      
https://github.com/django/django/commit/45ac9d4fb087d21902469fc22643f5201d41a0cd
  Author: Florian Apolloner <flor...@apolloner.eu>
  Date:   2014-08-20 (Wed, 20 Aug 2014)

  Changed paths:
    M django/core/urlresolvers.py
    M docs/releases/1.4.14.txt
    M docs/releases/1.5.9.txt
    M tests/regressiontests/urlpatterns_reverse/tests.py
    M tests/regressiontests/urlpatterns_reverse/urls.py

  Log Message:
  -----------
  [1.5.x] Prevented reverse() from generating URLs pointing to other hosts.

This is a security fix. Disclosure following shortly.


  Commit: 26cd48e166ac4d84317c8ee6d63ac52a87e8da99
      
https://github.com/django/django/commit/26cd48e166ac4d84317c8ee6d63ac52a87e8da99
  Author: Tim Graham <timogra...@gmail.com>
  Date:   2014-08-20 (Wed, 20 Aug 2014)

  Changed paths:
    M django/core/files/storage.py
    M docs/howto/custom-file-storage.txt
    M docs/ref/files/storage.txt
    M docs/releases/1.4.14.txt
    M docs/releases/1.5.9.txt
    M tests/modeltests/files/tests.py
    M tests/regressiontests/file_storage/tests.py

  Log Message:
  -----------
  [1.5.x] Fixed #23157 -- Removed O(n) algorithm when uploading duplicate file 
names.

This is a security fix. Disclosure following shortly.


  Commit: dd68f319b365f6cb38c5a6c106faf4f6142d7d88
      
https://github.com/django/django/commit/dd68f319b365f6cb38c5a6c106faf4f6142d7d88
  Author: Preston Holmes <pres...@ptone.com>
  Date:   2014-08-20 (Wed, 20 Aug 2014)

  Changed paths:
    M django/contrib/auth/middleware.py
    M django/contrib/auth/tests/remote_user.py
    M docs/releases/1.4.14.txt
    M docs/releases/1.5.9.txt

  Log Message:
  -----------
  [1.5.x] Fixed #23066 -- Modified RemoteUserMiddleware to logout on REMOTE_USE 
change.

This is a security fix. Disclosure following shortly.


  Commit: 2a446c896e7c814661fb9c4f212b071b2a7fa446
      
https://github.com/django/django/commit/2a446c896e7c814661fb9c4f212b071b2a7fa446
  Author: Simon Charette <charett...@gmail.com>
  Date:   2014-08-20 (Wed, 20 Aug 2014)

  Changed paths:
    A django/contrib/admin/exceptions.py
    M django/contrib/admin/options.py
    M django/contrib/admin/views/main.py
    M docs/releases/1.4.14.txt
    M docs/releases/1.5.9.txt
    M tests/regressiontests/admin_views/tests.py

  Log Message:
  -----------
  [1.5.x] Prevented data leakage in contrib.admin via query string manipulation.

This is a security fix. Disclosure following shortly.


Compare: https://github.com/django/django/compare/27ab82f7fc72...2a446c896e7c

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/53f4fcfd94c87_8a03fec705bf29c1010af%40hookshot-fe2-cp1-prd.iad.github.net.mail.
For more options, visit https://groups.google.com/d/optout.