Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#15253 closed (fixed)

1.1.3, 1.2.4, and 1.3 release notes lack mention of Dec. 2010 security fixes

Reported by: Gary Wilson Owned by: nobody
Component: Documentation Version: master
Severity: Keywords: blocker
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

http://www.djangoproject.com/weblog/2010/dec/22/security/

In fact, there are no 1.1.3 release notes in trunk (didn't check if these were committed to 1.1.x branch).

Change History (9)

comment:1 Changed 6 years ago by Gary Wilson

Also not exactly sure if we need to include in the 1.3 release notes or not since technically the changes will be mentioned in the 1.2.4 notes and 1.3 notes are changes from version 2.

comment:2 Changed 6 years ago by Russell Keith-Magee

Keywords: blocker added
Triage Stage: UnreviewedAccepted

1.2.4 notes don't need any change, because it was the 1.2.5 releease :-)

I committed a note to the 1.2.5 release notes last night in r15478 (responding to #15245). #15259 indicates that there is a problem with the example, but once that is fixed, the same text should be cross ported into the 1.3 and 1.1.4 release notes.

And yes, it is needed in the 1.3 notes, because anyone upgrading from 1.2 to 1.3 will hit the problem.

comment:3 Changed 6 years ago by Russell Keith-Magee

Resolution: fixed
Status: newclosed

In [15482]:

Fixed #15253, #15259 -- Added 1.1.4 release notes, added a section on CSRF changes to the 1.3 release notes, and corrected the example in the 1.2.5 release notes. Thanks to Gary Wilson and Mark Hellewell for the reports.

comment:3 Changed 6 years ago by Russell Keith-Magee

In [15483]:

[1.2.X] Fixed #15253, #15259 -- Added 1.1.4 release notes, added a section on CSRF changes to the 1.3 release notes, and corrected the example in the 1.2.5 release notes. Thanks to Gary Wilson and Mark Hellewell for the reports.

Backport of r15482 from trunk.

comment:4 Changed 6 years ago by Russell Keith-Magee

In [15484]:

[1.1.X] Fixed #15253, #15259 -- Added 1.1.4 release notes, added a section on CSRF changes to the 1.3 release notes, and corrected the example in the 1.2.5 release notes. Thanks to Gary Wilson and Mark Hellewell for the reports.

Backport of r15482 from trunk.

comment:5 Changed 6 years ago by Russell Keith-Magee

Resolution: fixed
Status: closedreopened

... and now I've just re-read the ticket title, and you're referring to the *December* security release, not yesterday's release.

comment:6 Changed 6 years ago by Russell Keith-Magee

Resolution: fixed
Status: reopenedclosed

In [15485]:

Fixed #15253 -- Added 1.1.3 release notes, and added sections to the 1.2.4 and 1.3 release notes about the December security announcement.

comment:7 Changed 6 years ago by Russell Keith-Magee

In [15486]:

[1.2.X] Fixed #15253 -- Added 1.1.3 release notes, and added sections to the 1.2.4 and 1.3 release notes about the December security announcement.

Backport of r15485 from trunk.

comment:8 Changed 6 years ago by Russell Keith-Magee

In [15487]:

[1.1.X] [1.2.X] Fixed #15253 -- Added 1.1.3 release notes, and added sections to the 1.2.4 and 1.3 release notes about the December security announcement.

Backport of r15485 from trunk.

Backport of r15486 from trunk.

Note: See TracTickets for help on using tickets.
Back to Top