Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.2
python3-Django
python3-Django.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File python3-Django.changes of Package python3-Django
------------------------------------------------------------------- Sun Aug 23 00:19:59 UTC 2015 - arun@gmx.de - update to version 1.8.4: * Denial-of-service possibility in logout() view by filling session store Previously, a session could be created when anonymously accessing the django.contrib.auth.views.logout() view (provided it wasn’t decorated with login_required() as done in the admin). This could allow an attacker to easily create many new session records by sending repeated requests, potentially filling up the session store or causing other users’ session records to be evicted. The SessionMiddleware has been modified to no longer create empty session records. * Bugfixes + Added the ability to serialize values from the newly added UUIDField (#25019). + Added a system check warning if the old TEMPLATE_* settings are defined in addition to the new TEMPLATES setting. + Fixed QuerySet.raw() so InvalidQuery is not raised when using the db_column name of a ForeignKey field with primary_key=True (#12768). + Prevented an exception in TestCase.setUpTestData() from leaking the transaction (#25176). + Fixed has_changed() method in contrib.postgres.forms.HStoreField (#25215, #25233). + Fixed the recording of squashed migrations when running the migrate command (#25231). + Moved the unsaved model instance assignment data loss check to Model.save() to allow easier usage of in-memory models (#25160). + Prevented varchar_patterns_ops and text_patterns_ops indexes for ArrayField (#25180). ------------------------------------------------------------------- Mon Jul 13 20:28:51 UTC 2015 - arun@gmx.de - update to version 1.8.3: * Django 1.8.3 fixes several security issues and bugs in 1.8.2. * bugfixes + Fixed BaseRangeField.prepare_value() to use each base_field’s prepare_value() method (#24841). + Fixed crash during makemigrations if a migrations module either is missing __init__.py or is a file (#24848). + Fixed QuerySet.exists() returning incorrect results after annotation with Count() (#24835). + Corrected HStoreField.has_changed() (#24844). + Reverted an optimization to the CSRF template context processor which caused a regression (#24836). + Fixed a regression which caused template context processors to overwrite variables set on a RequestContext after it’s created (#24847). + Prevented the loss of null/not null column properties during field renaming of MySQL databases (#24817). + Fixed a crash when using a reverse one-to-one relation in ModelAdmin.list_display (#24851). + Fixed quoting of SQL when renaming a field to AutoField in PostgreSQL (#24892). + Fixed lack of unique constraint when changing a field from primary_key=True to unique=True (#24893). + Fixed queryset pickling when using prefetch_related() after deleting objects (#24831). + Allowed using choices longer than 1 day with DurationField (#24897). + Fixed a crash when loading squashed migrations from two apps with a dependency between them, where the dependent app’s replaced migrations are partially applied (#24895). + Fixed recording of applied status for squashed (replacement) migrations (#24628). + Fixed queryset annotations when using Case expressions with exclude() (#24833). + Corrected join promotion for multiple Case expressions. Annotating a query with multiple Case expressions could unexpectedly filter out results (#24924). + Fixed usage of transforms in subqueries (#24744). + Fixed SimpleTestCase.assertRaisesMessage() on Python 2.7.10 (#24903). + Provided better backwards compatibility for the verbosity argument in optparse management commands by casting it to an integer (#24769). + Fixed prefetch_related() on databases other than PostgreSQL for models using UUID primary keys (#24912). + Fixed removing unique_together constraints on MySQL (#24972). + Fixed crash when uploading images with MIME types that Pillow doesn’t detect, such as bitmap, in forms.ImageField (#24948). + Fixed a regression when deleting a model through the admin that has a GenericRelation with a related_query_name (#24940). + Reallowed non-ASCII values for ForeignKey.related_name on Python 3 by fixing the false positive system check (#25016). + Fixed inline forms that use a parent object that has a UUIDField primary key and a child object that has an AutoField primary key (#24958). + Fixed a regression in the unordered_list template filter on certain inputs (#25031). + Fixed a regression in URLValidator that invalidated Punycode TLDs (#25059). + Improved pyinotify runserver polling (#23882). ------------------------------------------------------------------- Sun May 24 18:25:25 UTC 2015 - arun@gmx.de - update to version 1.8.2: * security fix + Fixed session flushing in the cached_db backend * bugfixes + Fixed check for template engine alias uniqueness (#24685). + Fixed crash when reusing the same Case instance in a query (#24752). + Corrected join promotion for Case expressions. For example, annotating a query with a Case expression could unexpectedly filter out results (#24766). + Fixed negated Q objects in expressions. Cases like Case(When(~Q(friends__age__lte=30))) tried to generate a subquery which resulted in a crash (#24705). + Fixed incorrect GROUP BY clause generation on MySQL when the query’s model has a self-referential foreign key (#24748). + Implemented ForeignKey.get_db_prep_value() so that ForeignKeys pointing to UUIDField and inheritance on models with UUIDField primary keys work correctly (#24698, #24712). + Fixed isnull lookup for HStoreField (#24751). + Fixed a MySQL crash when a migration removes a combined index (unique_together or index_together) containing a foreign key (#24757). + Fixed session cookie deletion when using SESSION_COOKIE_DOMAIN (#24799). + On PostgreSQL, when no access is granted for the postgres database, Django now falls back to the default database when it normally requires a “no database” connection (#24791). + Fixed display of contrib.admin’s ForeignKey widget when it’s used in a row with other fields (#24784). ------------------------------------------------------------------- Sat May 9 19:09:12 UTC 2015 - arun@gmx.de - update to version 1.8.1: * Added support for serializing timedelta objects in migrations (#24566). * Restored proper parsing of the testserver command’s positional arguments (fixture names) (#24571). * Prevented TypeError in translation functions check_for_language() and get_language_bidi() when translations are deactivated (#24569). * Fixed squashmigrations command when using SeparateDatabaseAndState (#24278). * Stripped microseconds from datetime values when using an older version of the MySQLdb DB API driver as it does not support fractional seconds (#24584). * Fixed a migration crash when altering ManyToManyFields (#24513) * Fixed a crash with QuerySet.update() on foreign keys to one-to-one fields (#24578). * Fixed a regression in the model detail view of admindocs when a model has a reverse foreign key relation (#24624). * Prevented arbitrary file inclusions in admindocs (#24625). * Fixed a crash with QuerySet.update() on foreign keys to instances with uuid primary keys (#24611). * Fixed database introspection with SQLite 3.8.9 (released April 8, 2015) (#24637). * Updated urlpatterns examples generated by startproject to remove usage of referencing views by dotted path in url() which is deprecated in Django 1.8 (#24635). * Fixed queries where an expression was referenced in order_by(), but wasn’t part of the select clause. An example query is qs.annotate(foo=F('field')).values('pk').order_by('foo')) (#24615). * Fixed a database table name quoting regression (#24605). * Prevented the loss of null/not null column properties during field alteration of MySQL databases (#24595). * Fixed JavaScript path of contrib.admin’s related field widget when using alternate static file storages (#24655). * Fixed a migration crash when adding new relations to models (#24573). * Fixed a migration crash when applying migrations with model managers on Python 3 that were generated on Python 2 (#24701). * Restored the ability to use iterators as queryset filter arguments (#24719). * Fixed a migration crash when renaming the target model of a many-to-many relation (#24725). * Removed flushing of the test database with --keepdb, which prevented apps with data migrations from using the option (#24729). * Fixed makemessages crash in some locales (#23271). * Fixed help text positioning of contrib.admin fields that use the ModelAdmin.filter_horizontal and filter_vertical options (#24676). * Fixed AttributeError: function ‘GDALAllRegister’ not found error when initializing contrib.gis on Windows. * Changed ModelState to deepcopy fields instead of deconstructing and reconstructing (#24591). This speeds up the rendering of model states and reduces memory usage when running manage.py migrate. ------------------------------------------------------------------- Fri Apr 3 00:09:16 UTC 2015 - arun@gmx.de - update to version 1.8: * long list of changes, please see: https://docs.djangoproject.com/en/1.8/releases/1.8/ ------------------------------------------------------------------- Thu Jan 15 21:20:17 UTC 2015 - arun@gmx.de - update to version 1.7.3: * security issues + WSGI header spoofing via underscore/dash conflation + Mitigated possible XSS attack via user-supplied redirect URLs + Denial-of-service attack against "django.views.static.serve" + Database denial-of-service with "ModelMultipleChoiceField" * bugfixes + The default iteration count for the PBKDF2 password hasher has been increased by 25%. This part of the normal major release process was inadvertently omitted in 1.7. This backwards compatible change will not affect users who have subclassed "django.contrib.auth.hashers.PBKDF2PasswordHasher" to change the default value. + Fixed a crash in the CSRF middleware when handling non-ASCII referer header (:ticket:'23815'). + Fixed a crash in the "django.contrib.auth.redirect_to_login" view when passing a :func:'~django.core.urlresolvers.reverse_lazy' result on Python 3 (:ticket:'24097'). + Added correct formats for Greek ("el") (:ticket:'23967'). + Fixed a migration crash when unapplying a migration where multiple operations interact with the same model (:ticket:'24110'). ------------------------------------------------------------------- Sun Jan 11 12:51:50 UTC 2015 - p.drouand@gmail.com - South has been merged in main Django; provide and obsolete it ------------------------------------------------------------------- Sun Jan 4 20:18:15 UTC 2015 - arun@gmx.de - specfile: update copyright year - update to version 1.7.2: * Fixed migration's renaming of auto-created many-to-many tables when changing :attr:Meta.db_table <django.db.models.Options.db_table> (:ticket:23630). * Fixed a migration crash when adding an explicit "id" field to a model on SQLite (:ticket:23702). * Added a warning for duplicate models when a module is reloaded. Previously a "RuntimeError" was raised every time two models clashed in the app registry. (:ticket:23621). * Prevented :djadmin:flush from loading initial data for migrated apps (:ticket:23699). * Fixed a :djadmin:makemessages regression in 1.7.1 when :setting:STATIC_ROOT has the default "None" value (:ticket:23717). * Added GeoDjango compatibility with mysqlclient database driver. * Fixed MySQL 5.6+ crash with "GeometryField"\s in migrations (:ticket:23719). * Fixed a migration crash when removing a field that is referenced in "AlterIndexTogether" or "AlterUniqueTogether" (:ticket:23614). * Updated the first day of the week in the Ukrainian locale to Monday. * Added support for transactional spatial metadata initialization on SpatiaLite 4.1+ (:ticket:23152). * Fixed a migration crash that prevented changing a nullable field with a default to non-nullable with the same default (:ticket:23738). * Fixed a migration crash when adding "GeometryField"\s with "blank=True" on PostGIS (:ticket:23731). * Allowed usage of "DateTimeField()" as "Transform.output_field" (:ticket:23420). * Fixed a migration serializing bug involving "float("nan")" and "float("inf")" (:ticket:23770). * Fixed a regression where custom form fields having a "queryset" attribute but no "limit_choices_to" could not be used in a :class:~django.forms.ModelForm (:ticket:23795). * Fixed a custom field type validation error with MySQL backend when "db_type" returned "None" (:ticket:23761). * Fixed a migration crash when a field is renamed that is part of an "index_together" (:ticket:23859). * Fixed :djadmin:squashmigrations to respect the "--no-optimize" parameter (:ticket:23799). * Made :class:~django.db.migrations.operations.RenameModel reversible (:ticket:22248) * Avoided unnecessary rollbacks of migrations from other apps when migrating backwards (:ticket:23410). * Fixed a rare query error when using deeply nested subqueries (:ticket:23605). * Fixed a crash in migrations when deleting a field that is part of a "index/unique_together" constraint (:ticket:23794). * Fixed "django.core.files.File.__repr__()" when the file's "name" contains Unicode characters (:ticket:23888). * Added missing context to the admin's "delete_selected" view that prevented custom site header, etc. from appearing (:ticket:23898). * Fixed a regression with dynamically generated inlines and allowed field references in the admin (:ticket:23754). * Fixed an infinite loop bug for certain cyclic migration dependencies, and made the error message for cyclic dependencies much more helpful. * Added missing "index_together" handling for SQLite (:ticket:23880). * Fixed a crash when "RunSQL" SQL content was collected by the schema editor, typically when using "sqlmigrate" (:ticket:23909). * Fixed a regression in "contrib.admin" add/change views which caused some "ModelAdmin" methods to receive the incorrect "obj" value (:ticket:23934). * Fixed "runserver" crash when socket error message contained Unicode characters (:ticket:23946). * Fixed serialization of "type" when adding a "deconstruct()" method (:ticket:23950). * Prevented the :class:~django.contrib.auth.middleware.SessionAuthenticationMiddleware from setting a ""Vary: Cookie"" header on all responses (:ticket:23939). * Fixed a crash when adding "blank=True" to "TextField()" on MySQL (:ticket:23920). * Fixed index creation by the migration infrastructure, particularly when dealing with PostgreSQL specific "{text|varchar}_pattern_ops" indexes (:ticket:23954). * Fixed bug in "makemigrations" that created broken migration files when dealing with multiple table inheritance and inheriting from more than one model (:ticket:23956). * Fixed a crash when a "MultiValueField" has invalid data (:ticket:23674). * Fixed a crash in the admin when using "Save as new" and also deleting a related inline (:ticket:23857). * Always converted "related_name" to text (unicode), since that is required on Python 3 for interpolation. Removed conversion of "related_name" to text in migration deconstruction (:ticket:23455 and :ticket:23982). * Enlarged the sizes of tablespaces which are created by default for testing on Oracle (the main tablespace was increased from 200M to 300M and the temporary tablespace from 100M to 150M). This was required to accommodate growth in Django's own test suite (:ticket:23969). * Fixed "timesince" filter translations in Korean (:ticket:23989). * Fixed the SQLite "SchemaEditor" to properly add defaults in the absence of a user specified "default". For example, a "CharField" with "blank=True" didn't set existing rows to an empty string which resulted in a crash when adding the "NOT NULL" constraint (:ticket:23987). * "makemigrations" no longer prompts for a default value when adding "TextField()" or "CharField()" without a "default" (:ticket:23405). * Fixed a migration crash when adding "order_with_respect_to" to a table with existing rows (:ticket:23983). * Restored the "pre_migrate" signal if all apps have migrations (:ticket:23975). * Made admin system checks run for custom "AdminSite"\s (:ticket:23497). * Ensured the app registry is fully populated when unpickling models. When an external script (like a queueing infrastructure) reloads pickled models, it could crash with an "AppRegistryNotReady" exception (:ticket:24007). * Added quoting to field indexes in the SQL generated by migrations to prevent a crash when the index name requires it (:ticket:#24015). * Added "datetime.time" support to migrations questioner (:ticket:23998). * Fixed admindocs crash on apps installed as eggs (:ticket:23525). * Changed migrations autodetector to generate an "AlterModelOptions" operation instead of "DeleteModel" and "CreateModel" operations when changing "Meta.managed". This prevents data loss when changing "managed" from "False" to "True" and vice versa (:ticket:24037). * Enabled the "sqlsequencereset" command on apps with migrations (:ticket:24054). * Added tablespace SQL to apps with migrations (:ticket:24051). * Corrected "contrib.sites" default site creation in a multiple database setup (:ticket:24000). * Restored support for objects that aren't :class:str or :class:bytes in :func:~django.utils.safestring.mark_for_escaping on Python 3. * Supported strings escaped by third-party libraries with the "__html__" convention in the template engine (:ticket:23831). * Prevented extraneous "DROP DEFAULT" SQL in migrations (:ticket:23581). * Restored the ability to use more than five levels of subqueries (:ticket:23758). * Fixed crash when "ValidationError" is initialized with a "ValidationError" that is initialized with a dictionary (:ticket:24008). * Prevented a crash on apps without migrations when running "migrate --list" (:ticket:23366). ------------------------------------------------------------------- Sat Nov 15 21:46:43 UTC 2014 - arun@gmx.de - Update to Django 1.7.1 * Allowed related many-to-many fields to be referenced in the admin (#23604). * Added a more helpful error message if you try to migrate an app without first creating the contenttypes table (#22411). * Modified migrations dependency algorithm to avoid possible infinite recursion. * Fixed a UnicodeDecodeError when the flush error message contained Unicode characters (#22882). * Reinstated missing CHECK SQL clauses which were omitted on some backends when not using migrations (#23416). * Fixed serialization of type objects in migrations (#22951). * Allowed inline and hidden references to admin fields (#23431). * The @deconstructible decorator now fails with a ValueError if the decorated object cannot automatically be imported (#23418). * Fixed a typo in an inlineformset_factory() error message that caused a crash (#23451). * Restored the ability to use ABSOLUTE_URL_OVERRIDES with the 'auth.User' model (#11775). As a side effect, the setting now adds a get_absolute_url() method to any model that appears in ABSOLUTE_URL_OVERRIDES but doesn’t define get_absolute_url(). * Avoided masking some ImportError exceptions during application loading (#22920). * Empty index_together or unique_together model options no longer results in infinite migrations (#23452). * Fixed crash in contrib.sitemaps if lastmod returned a date rather than a datetime (#23403). * Allowed migrations to work with app_labels that have the same last part (e.g. django.contrib.auth and vendor.auth) (#23483). * Restored the ability to deepcopy F objects (#23492). * Formats for Welsh (cy) and several Chinese locales (zh_CN, zh_Hans, zh_Hant and zh_TW) have been added. Formats for Macedonian have been fixed (trailing dot removed, #23532). * Added quoting of constraint names in the SQL generated by migrations to prevent crash with uppercase characters in the name (#23065). * Fixed renaming of models with a self-referential many-to-many field (ManyToManyField('self')) (#23503). * Added the get_extra(), get_max_num(), and get_min_num() hooks to GenericInlineModelAdmin (#23539). * Made migrations.RunSQL no longer require percent sign escaping. This is now consistent with cursor.execute() (#23426). * Made the SERIALIZE entry in the TEST dictionary usable (#23421). * Fixed bug in migrations that prevented foreign key constraints to unmanaged models with a custom primary key (#23415). * Added SchemaEditor for MySQL GIS backend so that spatial indexes will be created for apps with migrations (#23538). * Added SchemaEditor for Oracle GIS backend so that spatial metadata and indexes will be created for apps with migrations (#23537). * Coerced the related_name model field option to unicode during migration generation to generate migrations that work with both Python 2 and 3 (#23455). * Fixed MigrationWriter to handle builtin types without imports (#23560). * Fixed deepcopy on ErrorList (#23594). * Made the admindocs view to browse view details check if the view specified in the URL exists in the URLconf. Previously it was possible to import arbitrary packages from the Python path. This was not considered a security issue because admindocs is only accessible to staff users (#23601). * Fixed UnicodeDecodeError crash in AdminEmailHandler with non-ASCII characters in the request (#23593). * Fixed missing get_or_create and update_or_create on related managers causing IntegrityError (#23611). * Made urlsafe_base64_decode() return the proper type (byte string) on Python 3 (#23333). * makemigrations can now serialize timezone-aware values (#23365). * Added a prompt to the migrations questioner when removing the null constraint from a field to prevent an IntegrityError on existing NULL rows (#23609). * Fixed generic relations in ModelAdmin.list_filter (#23616). * Restored RFC compliance for the SMTP backend on Python 3 (#23063). * Fixed a crash while parsing cookies containing invalid content (#23638). * The system check framework now raises error models.E020 when the class method Model.check() is unreachable (#23615). * Made the Oracle test database creation drop the test user in the event of an unclean exit of a previous test run (#23649). * Fixed makemigrations to detect changes to Meta.db_table (#23629). * Fixed a regression when feeding the Django test client with an empty data string (#21740). * Fixed a regression in makemessages where static files were unexpectedly ignored (#23583). - Changes from version 1.7 * A new built-in database migration system. Notes on upgrading from South (a popular third*party application providing migration functionality) are also available. * A refactored concept of Django applications. Django applications are no longer tied to the existence of a models files, and can now specify both configuration data and code to be executed as Django starts up. * Improvements to the model Field API to support migrations and, in the future, to enable easy addition of composite-key support to Django's ORM. * Improvements for custom Manager and QuerySet classes, allowing reverse relationship traversal to specify the Manager to use, and creation of a Manager from a custom QuerySet class. * An extensible system check framework which can assist developers in detecting and diagnosing errors. Please refer to the release notes for all details and migration instructions: https://docs.djangoproject.com/en/1.7/releases/1.7/ - Added python-setuptools as a BuildRequires. - Fixed Source URL from Django Project site. - Reordered sources. - Fixed deduplication to avoid wrong mtimes in pyc files. - Changes from version 1.6.5 : + Unexpected code execution using reverse() + Caching of anonymous pages could reveal CSRF token + MySQL typecasting + select_for_update() requires a transaction + Issue: Caches may incorrectly be allowed to store and serve private data + Issue: Malformed redirect URLs from user input not correctly validated - Changes from version 1.6.2: + Prevented the base geometry object of a prepared geometry to be garbage collected, which could lead to crash Django (#21662). + Fixed a crash when executing the changepassword command when the user object representation contained non-ASCII characters (#21627). + The collectstatic command will raise an error rather than default to using the current working directory if STATIC_ROOT is not set. Combined with the --clear option, the previous behavior could wipe anything below the current working directory (#21581). + Fixed mail encoding on Python 3.3.3+ (#21093). + Fixed an issue where when settings.DATABASES['default']['AUTOCOMMIT'] = False, the connection wasn’t in autocommit mode but Django pretended it was. + Fixed a regression in multiple-table inheritance exclude() queries (#21787). + Added missing items to django.utils.timezone.__all__ (#21880). + Fixed a field misalignment issue with select_related() and model inheritance (#21413). + Fixed join promotion for negated AND conditions (#21748). + Oracle database introspection now works with boolean and float fields (#19884). + Fixed an issue where lazy objects weren’t actually marked as safe when passed through mark_safe() and could end up being double-escaped (#21882). - Changes from version 1.6.1: - Most bug fixes are minor; you can find a complete list in the Django 1.6.1 release notes. ------------------------------------------------------------------- Thu Jul 31 16:53:40 UTC 2014 - dimstar@opensuse.org - Rename rpmlintrc to %{name}-rpmlintrc. Follow the packaging guidelines. ------------------------------------------------------------------- Fri Feb 14 09:36:57 UTC 2014 - speilicke@suse.com - Fix update-alternatives (again) ------------------------------------------------------------------- Tue Nov 19 10:23:49 UTC 2013 - speilicke@suse.com - Update-alternatives also for bash-completion ------------------------------------------------------------------- Thu Nov 7 16:36:41 UTC 2013 - speilicke@suse.com - Require python-Pillow for image-related functionality - Package was renamed from python-django - Drop Django-1.2-completion-only-for-bash.patch: Useless ------------------------------------------------------------------- Tue Nov 5 03:27:13 UTC 2013 - alexandre@exatati.com.br - Update to version 1.6: - Please read the release notes https://docs.djangoproject.com/en/1.6/releases/1.6 - Removed Patch2 as it is no needed anymore: Django-1.4-CSRF_COOKIE_HTTPONLY-support.patch ------------------------------------------------------------------- Tue Sep 17 12:37:53 UTC 2013 - speilicke@suse.com - Update to version 1.5.4: + Fixed denial-of-service via large passwords - Changes from version 1.5.3: + Fixed directory traversal with ssi template tag ------------------------------------------------------------------- Wed Aug 14 05:49:54 UTC 2013 - alexandre@exatati.com.br - Update to 1.5.2: - Security release, please check release notes for details: https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued ------------------------------------------------------------------- Thu Mar 28 23:27:01 UTC 2013 - alexandre@exatati.com.br - Update to 1.5.1: - Memory leak fix, please read release announcement at https://www.djangoproject.com/weblog/2013/mar/28/django-151. ------------------------------------------------------------------- Tue Feb 26 19:49:02 UTC 2013 - alexandre@exatati.com.br - Update to 1.5: - Please read the release notes https://docs.djangoproject.com/en/1.5/releases/1.5 ------------------------------------------------------------------- Tue Dec 11 12:27:50 UTC 2012 - alexandre@exatati.com.br - Update to 1.4.3: - Security release: - Host header poisoning - Redirect poisoning - Please check release notes for details: https://www.djangoproject.com/weblog/2012/dec/10/security ------------------------------------------------------------------- Sat Oct 20 13:41:10 UTC 2012 - saschpe@suse.de - Add a symlink from /usr/bin/django-admin.py to /usr/bin/django-admin ------------------------------------------------------------------- Wed Oct 17 22:51:36 UTC 2012 - alexandre@exatati.com.br - Update to 1.4.2: - Security release: - Host header poisoning - Please check release notes for details: https://www.djangoproject.com/weblog/2012/oct/17/security ------------------------------------------------------------------- Mon Jul 30 21:38:31 UTC 2012 - alexandre@exatati.com.br - Update to 1.4.1: - Security release: - Cross-site scripting in authentication views - Denial-of-service in image validation - Denial-of-service via get_image_dimensions() - Please check release notes for details: https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued ------------------------------------------------------------------- Tue Jun 19 11:27:33 UTC 2012 - saschpe@suse.de - Add patch to support CSRF_COOKIE_HTTPONLY config ------------------------------------------------------------------- Fri Mar 23 18:39:40 UTC 2012 - alexandre@exatati.com.br - Update to 1.4: - Please read the release notes https://docs.djangoproject.com/en/dev/releases/1.4 - Removed Patch2, it was merged on upstream, ------------------------------------------------------------------- Thu Nov 24 12:30:40 UTC 2011 - saschpe@suse.de - Set license to SDPX style (BSD-3-Clause) - Package AUTHORS, LICENE and README files - No CFLAGS for noarch package - Drop runtime dependency on gettext-tools ------------------------------------------------------------------- Sat Sep 10 12:05:07 UTC 2011 - alexandre@exatati.com.br - Update to 1.3.1 to fix security issues, please read https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued. ------------------------------------------------------------------- Thu Mar 31 15:09:16 UTC 2011 - alexandre@exatati.com.br - Fix build on SLES_9. ------------------------------------------------------------------- Wed Mar 23 11:39:53 UTC 2011 - alexandre@exatati.com.br - Update to 1.3 final; - Refresh patch empty-ip-2.diff. ------------------------------------------------------------------- Fri Mar 18 03:45:45 UTC 2011 - alexandre@exatati.com.br - Update to 1.3-rc1; - Regenerated spec file with py2pack; - No more need to fix wrong line endings; - Refresh patch empty-ip-2.diff with -p0. ------------------------------------------------------------------- Thu Mar 3 09:32:52 UTC 2011 - saschpe@suse.de - Spec file cleanup: * Removed empty lines, package authors from description * Cleanup duplicates * Corrected wrong file endings * Added zero-length rpmlint filter - Added AUTHORS, LICENSE and doc files ------------------------------------------------------------------- Wed Feb 9 03:37:29 UTC 2011 - alexandre@exatati.com.br - Update to 1.2.5: - This is a security update that fix: - Flaw in CSRF handling; - Potential XSS in file field rendering. ------------------------------------------------------------------- Thu Dec 23 10:20:03 UTC 2010 - alexandre@exatati.com.br - Update to 1.2.4: - Information leakage in Django administrative interface; - Denial-of-service attack in password-reset mechanism. - This is a mandatory security update. ------------------------------------------------------------------- Sat Sep 11 11:46:41 UTC 2010 - alexandre@exatati.com.br - Update to 1.2.3: - The patch applied for the security issue covered in Django 1.2.2 caused issues with non-ASCII responses using CSRF tokens. This has been remedied; - The patch also caused issues with some forms, most notably the user-editing forms in the Django administrative interface. This has been remedied. - The packaging manifest did not contain the full list of required files. This has been remedied. ------------------------------------------------------------------- Thu Sep 9 01:06:43 UTC 2010 - alexandre@exatati.com.br - Update to 1.2.2. - This is a ciritical security update fixing a default XSS bug! ------------------------------------------------------------------- Fri Jul 9 11:27:26 UTC 2010 - jfunk@funktronics.ca - Added patch to fix upstream bug 5622: Empty ipaddress raises an error ------------------------------------------------------------------- Mon May 17 21:14:11 UTC 2010 - alexandre@exatati.com.br - Update to 1.2.1. ------------------------------------------------------------------- Mon May 17 18:35:20 UTC 2010 - alexandre@exatati.com.br - Update to 1.2. ------------------------------------------------------------------- Thu May 6 13:46:03 UTC 2010 - alexandre@exatati.com.br - Update to 1.2-rc-1. ------------------------------------------------------------------- Mon Apr 5 02:21:44 UTC 2010 - alexandre@exatati.com.br - Spec file cleaned with spec-cleaner; - Minor manual adjusts on spec file. ------------------------------------------------------------------- Thu Mar 18 17:47:12 UTC 2010 - alexandre@exatati.com.br - Moved autocomplete file path from /etc/profile.d to /etc/bash_completion.d. Then it works with konsole too. ------------------------------------------------------------------- Mon Mar 15 01:53:50 UTC 2010 - alexandre@exatati.com.br - Update to 1.2-beta-1; - Using -q option on prep section of spec file; - Using INSTALLED_FILES instead of declaring files; - Removed dummy changelog section of spec file; - Update completion bash patch. ------------------------------------------------------------------- Sun Oct 11 07:51:32 UTC 2009 - nix@opensuse.org - Update to 1.1.1 due to security issue described at http://www.djangoproject.com/weblog/2009/oct/09/security/ ------------------------------------------------------------------- Sat Oct 10 12:18:31 UTC 2009 - alexandre@exatati.com.br - Removed old tarball file (Django-1.1.tar.bz2). ------------------------------------------------------------------- Tue Aug 25 12:23:09 CEST 2009 - garloff@suse.de - Fix python version check. ------------------------------------------------------------------- Sat Aug 22 13:39:35 CEST 2009 - garloff@suse.de - Don't require python-sqlite2 for python >= 2.6. ------------------------------------------------------------------- Fri Aug 21 11:38:03 CEST 2009 - garloff@suse.de - Build as noarch on factory. ------------------------------------------------------------------- Wed Aug 19 17:40:46 CEST 2009 - poeml@suse.de - don't run bash completion on shells other than bash. Avoiding error messages produced at login when using other shells. ------------------------------------------------------------------- Fri Aug 14 18:05:42 UTC 2009 - alexandre@exatati.com.br - Added bash auto-complete to openSUSE. ------------------------------------------------------------------- Wed Jul 29 00:00:00 CEST 2009 - listuser@peternixon.net - update to version 1.1 - add python-django-rpmlintrc to quiet rpmlint complaints about -lang ------------------------------------------------------------------- Wed Jul 1 19:04:26 CEST 2009 - poeml@suse.de - add python-xml to the Requires (./manage.py syncdb crashes otherwise) ------------------------------------------------------------------- Sat Sep 13 00:00:00 UTC 2008 - listuser@peternixon.net - update to version 1.0 - Fix build on SLES9 ------------------------------------------------------------------- Thu Sep 4 10:40:58 CEST 2008 - crrodriguez@suse.de - update to version 1.0 final ------------------------------------------------------------------- Wed May 14 00:00:00 UTC 2008 - listuser@peternixon.net - update to version 0.96.2 ------------------------------------------------------------------- Thu Feb 21 00:00:00 UTC 2008 - jfunk@funktronics.ca - The way simplejson is included in this package is not useful to other packages. Removed from provides ------------------------------------------------------------------- Fri Oct 26 20:20:08 UTC 2007 - crrodriguez@suse.de - verion 0.96.1 fixes D.o.S attack in the i18n module ------------------------------------------------------------------- Fri Mar 23 00:00:00 UTC 2007 - crrodriguez@suse.de - update to version 0.96 see http://www.djangoproject.com/documentation/release_notes_0.96 for details - this package provides python-simplejson too.
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
