Opened 5 years ago

Closed 5 years ago

#15821 closed Bug (fixed)

Django 1.3 release notes links to wrong "security issues" page

Reported by: semenov Owned by: nobody
Component: Documentation Version: master
Severity: Normal Keywords:
Cc: Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:


In Django 1.3 release notes, it says: "Prior to Django 1.2.5, the Django administrative interface allowed filtering on any model field or relation -- not just those specified in list_filter -- via query string manipulation. Due to security issues reported to us, however, query string lookup arguments in the admin must be for fields or relations specified in list_filter or date_hierarchy."

However, the linked "security issues" page doesn't mention anything about the admin area and list_filter. The link should either be fixed, or removed.

Attachments (1)

15821.diff (817 bytes) - added by aaugustin 5 years ago.

Download all attachments as: .zip

Change History (5)

comment:1 Changed 5 years ago by semenov

  • Component changed from Uncategorized to Documentation
  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Type changed from Uncategorized to Bug

Changed 5 years ago by aaugustin

comment:2 Changed 5 years ago by aaugustin

  • Has patch set
  • Version changed from 1.2 to SVN

comment:3 Changed 5 years ago by lukeplant

  • Triage Stage changed from Unreviewed to Ready for checkin

comment:4 Changed 5 years ago by adrian

  • Resolution set to fixed
  • Status changed from new to closed

In [16035]:

Fixed #15821 -- Removed incorrect link from docs/releases/1.3.txt

Note: See TracTickets for help on using tickets.
Back to Top