Revisions of python-Django

Ana Guerrero (anag+factory) accepted request 1198700 from Markéta Machová (mcalabkova) (revision 122)
- Update to 5.1.1 (bsc#1229823, bsc#1229824)
  * CVE-2024-45230: Potential denial-of-service vulnerability in
    django.utils.html.urlize()
  * CVE-2024-45231: Potential user email enumeration via response
    status on password reset
  * Fixed a regression in Django 5.1 that caused a crash of Window()
    when passing an empty sequence to the order_by parameter, and a
    crash of Prefetch() for a sliced queryset without ordering
  * Fixed a regression in Django 5.1 where a new usable_password field
    was included in BaseUserCreationForm (and children). A new
    AdminUserCreationForm including this field was added, isolating
    the feature to the admin where it was intended
  * Adjusted the deprecation warning stacklevel in Model.save() and
    Model.asave() to correctly point to the offending call site
  * Adjusted the deprecation warning stacklevel when using
    OS_OPEN_FLAGS in FileSystemStorage to correctly point to the
    offending call site
  * Adjusted the deprecation warning stacklevel in
    FieldCacheMixin.get_cache_name() to correctly point to the
    offending call site
  * Restored, following a regression in Django 5.1, the ability to
    override the timezone and role setting behavior used within the
    init_connection_state method of the PostgreSQL backend
  * Fixed a bug in Django 5.1 where variable lookup errors were logged
    when rendering admin fieldsets
Dominique Leuenberger (dimstar_suse) accepted request 1192591 from Markéta Machová (mcalabkova) (revision 120)
- Update to 5.0.8 (bsc#1228629, bsc#1228630, bsc#1228631, bsc#1228632)
Ana Guerrero (anag+factory) accepted request 1188243 from Markéta Machová (mcalabkova) (revision 118)
- This release also fixes several security issues:
  * bsc#1227590 (CVE-2024-38875)
  * bsc#1227593 (CVE-2024-39329)
  * bsc#1227594 (CVE-2024-39330)
  * bsc#1227595 (CVE-2024-39614)
Ana Guerrero (anag+factory) accepted request 1145400 from Daniel Garcia (dgarcia) (revision 113)
- Add python3122.patch to fix tests with python 3.12.2
  gh#django/django#17843
- Update to 4.2.10 (bsc#1219683, CVE-2024-24680):
  - Django 4.2.10 fixes a security issue with severity "moderate" in
    4.2.9.
    CVE-2024-24680: Potential denial-of-service in intcomma template
    filter
    The intcomma template filter was subject to a potential
    denial-of-service attack when used with very long strings.
Ana Guerrero (anag+factory) accepted request 1117946 from Daniel Garcia (dgarcia) (revision 108)
- Update to 4.2.6 (bsc#1215978, CVE-2023-43665)
  * CVE-2023-43665: Denial-of-service possibility in
    django.utils.text.Truncator
    The input processed by Truncator, when operating in HTML mode, has
    been limited to the first five million characters in order to
    avoid potential performance and memory issues.
  * Fixed a regression in Django 4.2.5 where overriding the deprecated
    DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings in tests
    caused the main STORAGES to mutate (#34821).
  * Fixed a regression in Django 4.2 that caused unnecessary casting
    of string based fields (CharField, EmailField, TextField,
    CICharField, CIEmailField, and CITextField) used with the __isnull
    lookup on PostgreSQL. As a consequence, indexes using an __isnull
    expression or condition created before Django 4.2 wouldn’t be used
    by the query planner, leading to a performance regression
    (#34840).