Opened 14 years ago

Closed 14 years ago

Last modified 14 years ago

#15253 closed (fixed)

1.1.3, 1.2.4, and 1.3 release notes lack mention of Dec. 2010 security fixes

Reported by: Gary Wilson Owned by: nobody
Component: Documentation Version: dev
Severity: Keywords: blocker
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

http://www.djangoproject.com/weblog/2010/dec/22/security/

In fact, there are no 1.1.3 release notes in trunk (didn't check if these were committed to 1.1.x branch).

Change History (9)

comment:1 by Gary Wilson, 14 years ago

Also not exactly sure if we need to include in the 1.3 release notes or not since technically the changes will be mentioned in the 1.2.4 notes and 1.3 notes are changes from version 2.

comment:2 by Russell Keith-Magee, 14 years ago

Keywords: blocker added
Triage Stage: UnreviewedAccepted

1.2.4 notes don't need any change, because it was the 1.2.5 releease :-)

I committed a note to the 1.2.5 release notes last night in r15478 (responding to #15245). #15259 indicates that there is a problem with the example, but once that is fixed, the same text should be cross ported into the 1.3 and 1.1.4 release notes.

And yes, it is needed in the 1.3 notes, because anyone upgrading from 1.2 to 1.3 will hit the problem.

comment:3 by Russell Keith-Magee, 14 years ago

Resolution: fixed
Status: newclosed

In [15482]:

Fixed #15253, #15259 -- Added 1.1.4 release notes, added a section on CSRF changes to the 1.3 release notes, and corrected the example in the 1.2.5 release notes. Thanks to Gary Wilson and Mark Hellewell for the reports.

comment:3 by Russell Keith-Magee, 14 years ago

In [15483]:

[1.2.X] Fixed #15253, #15259 -- Added 1.1.4 release notes, added a section on CSRF changes to the 1.3 release notes, and corrected the example in the 1.2.5 release notes. Thanks to Gary Wilson and Mark Hellewell for the reports.

Backport of r15482 from trunk.

comment:4 by Russell Keith-Magee, 14 years ago

In [15484]:

[1.1.X] Fixed #15253, #15259 -- Added 1.1.4 release notes, added a section on CSRF changes to the 1.3 release notes, and corrected the example in the 1.2.5 release notes. Thanks to Gary Wilson and Mark Hellewell for the reports.

Backport of r15482 from trunk.

comment:5 by Russell Keith-Magee, 14 years ago

Resolution: fixed
Status: closedreopened

... and now I've just re-read the ticket title, and you're referring to the *December* security release, not yesterday's release.

comment:6 by Russell Keith-Magee, 14 years ago

Resolution: fixed
Status: reopenedclosed

In [15485]:

Fixed #15253 -- Added 1.1.3 release notes, and added sections to the 1.2.4 and 1.3 release notes about the December security announcement.

comment:7 by Russell Keith-Magee, 14 years ago

In [15486]:

[1.2.X] Fixed #15253 -- Added 1.1.3 release notes, and added sections to the 1.2.4 and 1.3 release notes about the December security announcement.

Backport of r15485 from trunk.

comment:8 by Russell Keith-Magee, 14 years ago

In [15487]:

[1.1.X] [1.2.X] Fixed #15253 -- Added 1.1.3 release notes, and added sections to the 1.2.4 and 1.3 release notes about the December security announcement.

Backport of r15485 from trunk.

Backport of r15486 from trunk.

Note: See TracTickets for help on using tickets.
Back to Top