Code

Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#15245 closed (fixed)

Django 1.2.5 release notes do not reflect changes listed in weblog post regarding security release

Reported by: mail@… Owned by: nobody
Component: Documentation Version: 1.2
Severity: Keywords:
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

The security changes discussed on the Django weblog at:
http://www.djangoproject.com/weblog/2011/feb/08/security/
are not reflected in the Django 1.2.5 release notes in the tarball or website at:
http://docs.djangoproject.com/en/1.2/releases/1.2.5/.

Additionally these release notes mention further backwards incompatible changes which are not mentioned on the weblog posting.

Attachments (0)

Change History (3)

comment:1 Changed 3 years ago by russellm

  • Component changed from Uncategorized to Documentation
  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Triage Stage changed from Unreviewed to Accepted

There's not much we can do post-facto about the weblog entry; however, the release notes should be updated to include details about the issues with the security release.

comment:2 Changed 3 years ago by russellm

  • Resolution set to fixed
  • Status changed from new to closed

In [15478]:

Fixed #15245 -- Added note about the CSRF AJAX exception to the 1.2.5 release notes. Thanks to Matt Austin for the report.

comment:3 Changed 3 years ago by russellm

In [15480]:

(The changeset message doesn't reference this ticket)

Add Comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
as The resolution will be set. Next status will be 'closed'
The resolution will be deleted. Next status will be 'new'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.