Refs #13008 -- Forwardported 1.8.8 release note.

Forwardport of b51086d5 from stable/1.8.x

docs/ref/utils.txt

@@ -68,9 +68,9 @@ need to distinguish caches by the ``Accept-language`` header.
     Adds a ``Cache-Control: max-age=0, no-cache, no-store, must-revalidate``
     header to a response to indicate that a page should never be cached.
 
-    .. versionchanged:: 1.9
+    .. versionchanged:: 1.8.8
 
-        Before Django 1.9, ``Cache-Control: max-age=0`` was sent. This didn't
+        In older versions, ``Cache-Control: max-age=0`` was sent. This didn't
         reliably prevent caching in all browsers.
 
 .. function:: patch_vary_headers(response, newheaders)

docs/releases/1.8.8.txt

@@ -40,3 +40,11 @@ Bugfixes
 
 * Fixed a regression which prevented using a language not in Django's default
   language list (:setting:`LANGUAGES`) (:ticket:`25915`).
+
+* ``django.views.decorators.cache.never_cache()`` now sends more persuasive
+  headers (added ``no-cache, no-store, must-revalidate`` to ``Cache-Control``)
+  to better prevent caching (:ticket:`13008`). This fixes a problem where a
+  page refresh in Firefox cleared the selected entries in the admin's
+  ``filter_horizontal`` and ``filter_vertical`` widgets, which could result
+  in inadvertent data loss if a user didn't notice that and then submitted the
+  form (:ticket:`22955`).

docs/releases/1.9.txt

@@ -303,7 +303,7 @@ Cache
 
 * :func:`django.views.decorators.cache.never_cache` now sends more persuasive
   headers (added ``no-cache, no-store, must-revalidate`` to ``Cache-Control``)
-  to better prevent caching.
+  to better prevent caching. This was also added in Django 1.8.8.
 
 CSRF
 ^^^^