Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#15253 closed (fixed)

1.1.3, 1.2.4, and 1.3 release notes lack mention of Dec. 2010 security fixes

Reported by: gwilson Owned by: nobody
Component: Documentation Version: master
Severity: Keywords: blocker
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

http://www.djangoproject.com/weblog/2010/dec/22/security/

In fact, there are no 1.1.3 release notes in trunk (didn't check if these were committed to 1.1.x branch).

Change History (9)

comment:1 Changed 4 years ago by gwilson

Also not exactly sure if we need to include in the 1.3 release notes or not since technically the changes will be mentioned in the 1.2.4 notes and 1.3 notes are changes from version 2.

comment:2 Changed 4 years ago by russellm

  • Keywords blocker added
  • Triage Stage changed from Unreviewed to Accepted

1.2.4 notes don't need any change, because it was the 1.2.5 releease :-)

I committed a note to the 1.2.5 release notes last night in r15478 (responding to #15245). #15259 indicates that there is a problem with the example, but once that is fixed, the same text should be cross ported into the 1.3 and 1.1.4 release notes.

And yes, it is needed in the 1.3 notes, because anyone upgrading from 1.2 to 1.3 will hit the problem.

comment:3 Changed 4 years ago by russellm

  • Resolution set to fixed
  • Status changed from new to closed

In [15482]:

Fixed #15253, #15259 -- Added 1.1.4 release notes, added a section on CSRF changes to the 1.3 release notes, and corrected the example in the 1.2.5 release notes. Thanks to Gary Wilson and Mark Hellewell for the reports.

comment:3 Changed 4 years ago by russellm

In [15483]:

[1.2.X] Fixed #15253, #15259 -- Added 1.1.4 release notes, added a section on CSRF changes to the 1.3 release notes, and corrected the example in the 1.2.5 release notes. Thanks to Gary Wilson and Mark Hellewell for the reports.

Backport of r15482 from trunk.

comment:4 Changed 4 years ago by russellm

In [15484]:

[1.1.X] Fixed #15253, #15259 -- Added 1.1.4 release notes, added a section on CSRF changes to the 1.3 release notes, and corrected the example in the 1.2.5 release notes. Thanks to Gary Wilson and Mark Hellewell for the reports.

Backport of r15482 from trunk.

comment:5 Changed 4 years ago by russellm

  • Resolution fixed deleted
  • Status changed from closed to reopened

... and now I've just re-read the ticket title, and you're referring to the *December* security release, not yesterday's release.

comment:6 Changed 4 years ago by russellm

  • Resolution set to fixed
  • Status changed from reopened to closed

In [15485]:

Fixed #15253 -- Added 1.1.3 release notes, and added sections to the 1.2.4 and 1.3 release notes about the December security announcement.

comment:7 Changed 4 years ago by russellm

In [15486]:

[1.2.X] Fixed #15253 -- Added 1.1.3 release notes, and added sections to the 1.2.4 and 1.3 release notes about the December security announcement.

Backport of r15485 from trunk.

comment:8 Changed 4 years ago by russellm

In [15487]:

[1.1.X] [1.2.X] Fixed #15253 -- Added 1.1.3 release notes, and added sections to the 1.2.4 and 1.3 release notes about the December security announcement.

Backport of r15485 from trunk.

Backport of r15486 from trunk.

Note: See TracTickets for help on using tickets.
Back to Top