Upgrade Django to resolve security vulnerabilities #886

amplifi · 2016-11-01T10:10:11Z

Current version: 1.9.6
Latest stable version: 1.10.2

Multiple vulns affecting v1.9, listed here: https://docs.djangoproject.com/en/1.10/releases/security/

Changelogs for upgrading from 1.9.6 to 1.10.2: https://docs.djangoproject.com/en/1.10/releases/

Note there are some backwards incompatible changes when coming from 1.9.x: https://docs.djangoproject.com/en/1.10/releases/1.10/#backwards-incompatible-1-10

seav · 2016-11-01T10:12:25Z

Resolving this issue should also resolve #537, though the latter should be confirmed to be fixed first before closing.

oliverroick · 2016-11-01T10:28:30Z

I opened a #887 to upgrade to Django 1.9.10, which has the necessary security fixes. Upgrading to 1.10 will take a bit longer, because of incompatible changes.

amplifi added the security label Nov 1, 2016

amplifi self-assigned this Nov 11, 2016

oliverroick added this to the Sprint 11 milestone Nov 14, 2016

oliverroick modified the milestones: Sprint 11, Sprint 12 Dec 12, 2016

oliverroick mentioned this issue Dec 21, 2016

Upgrade Django to 1.10 and improve json-attrs performance #1015

Merged

12 tasks

amplifi added a commit that referenced this issue Jan 3, 2017

Merge branch 'master' into security/#886

a19d692

amplifi closed this as completed in #1015 Jan 11, 2017

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Upgrade Django to resolve security vulnerabilities #886

Upgrade Django to resolve security vulnerabilities #886

amplifi commented Nov 1, 2016

seav commented Nov 1, 2016

oliverroick commented Nov 1, 2016

Upgrade Django to resolve security vulnerabilities #886

Upgrade Django to resolve security vulnerabilities #886

Comments

amplifi commented Nov 1, 2016

seav commented Nov 1, 2016

oliverroick commented Nov 1, 2016