Django 1.4.18 release notes WSGI header spoofing via underscore/dash conflation Mitigated possible XSS attack via user-supplied redirect URLs Denial-of-service attack against dja...

Django 1.4.19 release notes 漏洞修复 Django 1.4.19 release notes January 27, 2015 Django 1.4.19 fixes a regression in the 1.4.18 security release. 漏洞修复 GZipMiddleware now su...

Django 1.4.20 release notes Mitigated possible XSS attack via user-supplied redirect URLs Django 1.4.20 release notes March 18, 2015 Django 1.4.20 fixes one security issue in...

Django 1.4.22 release notes Denial-of-service possibility in logout() view by filling session store Django 1.4.22 release notes August 18, 2015 Django 1.4.22 fixes a securit...

Django 1.5.4 release notes Denial-of-service via password hashers Corrected usage of django.contrib.auth ’s admin 漏洞修复 Django 1.5.4 release notes September 14, 2013 This i...

Django 1.5.8 release notes Caches may incorrectly be allowed to store and serve private data Malformed redirect URLs from user input not correctly validated Django 1.5.8 rele...

Django 1.5.12 release notes 漏洞修复 Django 1.5.12 release notes January 2, 2015 Django 1.5.12 fixes a regression in the 1.5.9 security release. 漏洞修复 Fixed a regression with ...

Django 1.6.1 release notes Bug fixes Django 1.6.1 release notes December 12, 2013 This is Django 1.6.1, a bugfix release for Django 1.6. In addition to the bug fixes listed b...

Django 1.6.3 release notes Unexpected code execution using reverse() Caching of anonymous pages could reveal CSRF token MySQL typecasting select_for_update() requires a transa...

Django 1.6.7 release notes 漏洞修复 Django 1.6.7 release notes September 2, 2014 Django 1.6.7 fixes several bugs in 1.6.6, including a regression related to a security fix in tha...