From c5bef52b9587c7827bdad9e61866937aa4480182b3523ae2efe565291a95cc58 Mon Sep 17 00:00:00 2001 From: Steve Kowalik Date: Wed, 30 Jul 2025 06:04:11 +0000 Subject: [PATCH 1/6] - Add patch support-msgfmt-0.25.patch: * Support msgfmt 0.25 error messages changes. (bsc#1246966) - Remove unneeded Requires on tzdata. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=208 --- .gitattributes | 23 + .gitignore | 1 + Django-4.2.13.checksum.txt | 67 + Django-4.2.13.tar.gz | 3 + Django-5.0.7.checksum.txt | 67 + Django-5.0.7.tar.gz | 3 + Django-5.1.1.checksum.txt | 67 + Django-5.1.1.tar.gz | 3 + Django-5.1.2.checksum.txt | 67 + Django-5.1.2.tar.gz | 3 + Django-5.1.4.checksum.txt | 65 + Django-5.1.4.tar.gz | 3 + Django-5.1.5.checksum.txt | 67 + Django-5.1.5.tar.gz | 3 + Django-5.1.6.checksum.txt | 67 + Django-5.1.6.tar.gz | 3 + Django-5.1.checksum.txt | 67 + Django-5.1.tar.gz | 3 + Django-5.2.1.checksum.txt | 68 + Django-5.2.2.checksum.txt | 68 + Django-5.2.4.checksum.txt | 68 + Django-5.2.checksum.txt | 66 + Django-5.2.tar.gz | 3 + dirty-hack-remove-assert.patch | 25 + django-5.2.1.tar.gz | 3 + django-5.2.2.tar.gz | 3 + django-5.2.4.tar.gz | 3 + python-Django-rpmlintrc | 5 + python-Django.changes | 3028 ++++++++++++++++++++++++++++++++ python-Django.keyring | 132 ++ python-Django.spec | 149 ++ sanitize_address.patch | 40 + support-msgfmt-0.25.patch | 69 + test_strip_tags.patch | 46 + 34 files changed, 4358 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 Django-4.2.13.checksum.txt create mode 100644 Django-4.2.13.tar.gz create mode 100644 Django-5.0.7.checksum.txt create mode 100644 Django-5.0.7.tar.gz create mode 100644 Django-5.1.1.checksum.txt create mode 100644 Django-5.1.1.tar.gz create mode 100644 Django-5.1.2.checksum.txt create mode 100644 Django-5.1.2.tar.gz create mode 100644 Django-5.1.4.checksum.txt create mode 100644 Django-5.1.4.tar.gz create mode 100644 Django-5.1.5.checksum.txt create mode 100644 Django-5.1.5.tar.gz create mode 100644 Django-5.1.6.checksum.txt create mode 100644 Django-5.1.6.tar.gz create mode 100644 Django-5.1.checksum.txt create mode 100644 Django-5.1.tar.gz create mode 100644 Django-5.2.1.checksum.txt create mode 100644 Django-5.2.2.checksum.txt create mode 100644 Django-5.2.4.checksum.txt create mode 100644 Django-5.2.checksum.txt create mode 100644 Django-5.2.tar.gz create mode 100644 dirty-hack-remove-assert.patch create mode 100644 django-5.2.1.tar.gz create mode 100644 django-5.2.2.tar.gz create mode 100644 django-5.2.4.tar.gz create mode 100644 python-Django-rpmlintrc create mode 100644 python-Django.changes create mode 100644 python-Django.keyring create mode 100644 python-Django.spec create mode 100644 sanitize_address.patch create mode 100644 support-msgfmt-0.25.patch create mode 100644 test_strip_tags.patch diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/Django-4.2.13.checksum.txt b/Django-4.2.13.checksum.txt new file mode 100644 index 0000000..abd0174 --- /dev/null +++ b/Django-4.2.13.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 4.2.13, released May 7, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-4.2.13.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/4.2/Django-4.2.13-py3-none-any.whl +https://www.djangoproject.com/m/releases/4.2/Django-4.2.13.tar.gz + +MD5 checksums +============= + +449eeffe35a7a748bf9acc4169ea7492 Django-4.2.13-py3-none-any.whl +a243a2c1e7c0752947d16d4ffae30376 Django-4.2.13.tar.gz + +SHA1 checksums +============== + +75a19218f248f0010685b471d1be86cad7602872 Django-4.2.13-py3-none-any.whl +56373bedaef33ee29b2d240b6b06ebe2e1e2fc58 Django-4.2.13.tar.gz + +SHA256 checksums +================ + +a17fcba2aad3fc7d46fdb23215095dbbd64e6174bf4589171e732b18b07e426a Django-4.2.13-py3-none-any.whl +837e3cf1f6c31347a1396a3f6b65688f2b4bb4a11c580dcb628b5afe527b68a5 Django-4.2.13.tar.gz +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmY6YWsoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPtEKD/9S +rZ+yadh7sQGszWtJEIZZS/YBQRcNyM+26aUkpk+3XT1SUDUs0whtX6U/P3tP+h+P +0vIk0wxTc3RhRCp8WETYulekRhPFc5HJFwlD/vh9AkEyDKW8QFuV+IBswvlfG/wK +D+QcuERl31Y1qcrCeFCM+XIRxGR9lQ0DuoCa1FuPl0bvAlNDOfNSmp4OzcPzGm4a +wE9wtsHqKkL8BAc836JIXHj5wdQK+HOkOv30ZcUU+nD3Lp5N44ESzzSe7IOutN02 +PBAixmwMf6EqjHC7JN49EwiPbEDTmg5HNj7LBM1Teqp5Hms11xGMfzxsh3AbEtoT +xeqZjrrcwoVf+wASVCKCv33Gfka45Z5X5f5G2O8//yJdLogwr6994rJ1MB7k18Yd +ObOl17pUctdrNKWuESJXz3l2c1DPbFQNKHiqI66fFm4L/fLMubMzkDlWzWH1jqSo +8tbSH9ATjEp/aLYKuGgr1gdazl4YbpiTkEjzFXYGmyjF7hPLT7xH2rrGCT4J7Bjc +TGnZGXdl4yaGcC8Q0Ma5ybMv3GgEsaa1wRnbNv5nQyNXIWrt9rcMfBDwcaSkq6NR +d7WpYUy5JT0IbR1SAazMY+NjUy+vzq26KkcUcbkoOng3guba0uPuoSphWM607MzK +UVab1KcJwNOC7/Di4Ul9vlh7dLMVg5yG+o7kFEJU/A== +=o/kY +-----END PGP SIGNATURE----- diff --git a/Django-4.2.13.tar.gz b/Django-4.2.13.tar.gz new file mode 100644 index 0000000..dde4fc1 --- /dev/null +++ b/Django-4.2.13.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:837e3cf1f6c31347a1396a3f6b65688f2b4bb4a11c580dcb628b5afe527b68a5 +size 10430886 diff --git a/Django-5.0.7.checksum.txt b/Django-5.0.7.checksum.txt new file mode 100644 index 0000000..c96a8ee --- /dev/null +++ b/Django-5.0.7.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.0.7, released July 9, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.0.7.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.0/Django-5.0.7.tar.gz +https://www.djangoproject.com/m/releases/5.0/Django-5.0.7-py3-none-any.whl + +MD5 checksums +============= + +454d23ea901892fd544541f4a1a33a3e Django-5.0.7.tar.gz +c687175397b8d6d98b8e0e35e6f142fb Django-5.0.7-py3-none-any.whl + +SHA1 checksums +============== + +ed070e21b5bf0b188104338a3b8a495b9d59593d Django-5.0.7.tar.gz +4aecb9aeab348f003c32952906eef7556a5be54b Django-5.0.7-py3-none-any.whl + +SHA256 checksums +================ + +bd4505cae0b9bd642313e8fb71810893df5dc2ffcacaa67a33af2d5cd61888f2 Django-5.0.7.tar.gz +f216510ace3de5de01329463a315a629f33480e893a9024fc93d8c32c22913da Django-5.0.7-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmaNPRgoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPgnUD/47 +sPedXK17iCelw70BRY7EqWxwVwSbTxKcnw14y2qejS923MlnEEraeOll2HbCqOmL ++O3coVJsTc9GAMrQLyip8sHCwb4SSCWmwRqQZbTdNRrZOWfCPRLsbVccEabdwTNC +7YDyDc+3FQhHIszNI0zkJ1H3G7280euwIrMIhnCbwH1PC/hqAwdlhf1+nc4BiIMg +dz/Bg65abruY/6LM0btMP72avHrM0BRiRs5kOYn7+xgh1cqnI64RHROgrymK7JkT +LxoZDhWvDv68IvyNWEuLU4yDXnv/3ZglhwUA8q+leMqtURwBWs8UMnLhHhR52kie +okrK6eBkYeHls3vMGOTKxe7nJHhfEjl6V9XJShIdU1ir+/iCeaRMzYjpr4H5591H +TMs8Hgm27Wt7U/OT5EsF+vIpLaAR9AnZfNfB1eYU34BUAloZSQCxz+Y65LCN5wKk +jfaG7phOiO33NJMUxhfemjwJIJymw7uZnuRQJ8KUMbr9Q/iCVWsMG+QXhJs96KRO +y1SYVgPgU5Jll9VN/H2WJCj9I1YOVZPDVAbMcB+hKklw6ZhZx2fxgxLO/3/REQJs +iBJ1ETPdCHct5HJyAoBD++NCeioUKd5pXxqMvtuNH7winRC9NMGw4XX1CbpBBB+1 +y1mkGxw+QvBh4rivA6TSQQwTDQXAnoT7ida+Ye2FVw== +=GcbG +-----END PGP SIGNATURE----- diff --git a/Django-5.0.7.tar.gz b/Django-5.0.7.tar.gz new file mode 100644 index 0000000..35d8d66 --- /dev/null +++ b/Django-5.0.7.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bd4505cae0b9bd642313e8fb71810893df5dc2ffcacaa67a33af2d5cd61888f2 +size 10642686 diff --git a/Django-5.1.1.checksum.txt b/Django-5.1.1.checksum.txt new file mode 100644 index 0000000..5bd377b --- /dev/null +++ b/Django-5.1.1.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.1, released September 3, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.1.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.1.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1.1-py3-none-any.whl + +MD5 checksums +============= + +8024c23d7efe9e7acb04496ae22739c7 Django-5.1.1.tar.gz +7782d604d5b7cbb56e6b7da90595b6fa Django-5.1.1-py3-none-any.whl + +SHA1 checksums +============== + +8dedfc247c7bf010c93c5e5e30bca2012704a7ce Django-5.1.1.tar.gz +a038998584b227243ae6c1d29b3e7c2a166db918 Django-5.1.1-py3-none-any.whl + +SHA256 checksums +================ + +021ffb7fdab3d2d388bc8c7c2434eb9c1f6f4d09e6119010bbb1694dda286bc2 Django-5.1.1.tar.gz +71603f27dac22a6533fb38d83072eea9ddb4017fead6f67f2562a40402d61c3f Django-5.1.1-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmbXARwoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPmSPEACs +vwz2HvzWF+YpeXx1jLQJ6/JdQjmRPT/6pp+r0GW6KG6UqmawMsvRSX/k4zdvceYx +c7SVAIJwWNwZsPHbrjetGAI1NbAoWYxl8soCTIMR9A0mSlZebBSHb0+oUMQcwiZ5 +E4OMBv7QYYo8QVGs1KH1dMx4Unn+5VlAlaxo9BOa94PtCzUWxsIuji+yv1uKDVVa +BQivwy0ZuzBPMkHHaTAb5byWtsbLFhHeXkWirEzivecIVxvd88mO1GXh5zY3wjRW +UKLHQCNT6e3s7UB/ZS7IsQp7bPCmFfLsVp8+8pbABXqYHn6rM4/VCLhN06s/xVID +DSPkqNQz39gRbn5UNVSTLVNv/yoQ6crIHw9AiRECrJ3UaRzeDcQStnmxJx92duDr +bDLnmTI0Sx7+hqQjNOrGCFg6vO8ZVosxOgM/FgbXDKyA+FqtfbdR+/tW9KKtunPy +AHs87A6VqYMRzyTvRChzVpKKYrdMckjRUuyrogQJEuE5VJ0o5579FxBy9OekA3km +FTscEn8GiC4EZTR48IWSsNOCYn7VjihHvZGo4eO0uZRYFChTKc6Sah7p+i41XV1W +FLhOqCqF/4Kl6u3dWkWPAnm8mmWDsARpGbAoxCkd8AJtlR0nScdYuwOshlpixIVa +XgUJwJ3rzCSTd35tq+sF7y3WT3bPyUl/DwkuJVHhFA== +=i1OF +-----END PGP SIGNATURE----- diff --git a/Django-5.1.1.tar.gz b/Django-5.1.1.tar.gz new file mode 100644 index 0000000..ae180ad --- /dev/null +++ b/Django-5.1.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:021ffb7fdab3d2d388bc8c7c2434eb9c1f6f4d09e6119010bbb1694dda286bc2 +size 10675933 diff --git a/Django-5.1.2.checksum.txt b/Django-5.1.2.checksum.txt new file mode 100644 index 0000000..f089c52 --- /dev/null +++ b/Django-5.1.2.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.2, released October 8, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.2.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.2.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1.2-py3-none-any.whl + +MD5 checksums +============= + +bdd601132b94080200e71137a20d0d6a Django-5.1.2.tar.gz +39bf6f252e055aa54b48c9ae96a57bf8 Django-5.1.2-py3-none-any.whl + +SHA1 checksums +============== + +d974a07780b80a79203631e6f4ce9bfd8d1fd119 Django-5.1.2.tar.gz +0bb112f3f251c81f0d6aef367cf73c5b03de5334 Django-5.1.2-py3-none-any.whl + +SHA256 checksums +================ + +bd7376f90c99f96b643722eee676498706c9fd7dc759f55ebfaf2c08ebcdf4f0 Django-5.1.2.tar.gz +f11aa87ad8d5617171e3f77e1d5d16f004b79a2cf5d2e1d2b97a6a1f8e9ba5ed Django-5.1.2-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmcFRjcoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPklRD/9N +Sx+4arBpIcKm9w4ou7Y0dxBUW7HJBAc9o5rAIGjgCIjmM99nEclUznZqTbjtO3JS +MjkZxSO/Q9r1Ty3aWAWjfvjICIxps2vcSIxJbETiYWfyGDp/z8uMTGKTut5fn7ZN +8yCDMZBeQMsYbU0z/H5R7iSD3gr9w2UmQR3LjtV6NLdyMIvwystFGcFCo7a934nX +b8UmIyyMj+787pxciTWeFRTOJY5pSWfYPqtrI3KzTO4MLDhQzIH9anIY8G4BA9kN +0oL13ezUTWEARmeje11vLDui5SJEJ9EIUaic8MLMqMN3hPNmrClL1x3ggOMj+iP9 +XyAF7jGOaxhEy10LR4GlgJXifuqHgM3Q1CwT4+FH7nJ6ifHQTLOpZsIhTR1OHnsS +s7L1yv8L4eW+D8ZjCfJvQ+46sV4vwsR9iw5IxWfhjeB2RT6ujODJ3uPjWzm3S3ZH +mUJJ22M4qQEA1gA13VCxc1j4XC20mKvZ6yHl66QE2CiL7GhmEUp0iwaoealneUGg +88JXXJjPmdmS+AxQE5NquDmUnxlQnB7pDrQpadsbs4JLxh7Q6vAcC0vX7VMJ8qcT +gLxgtx2LeVieu8Lk0iTEmcBwa0u7nNTwRxXeUwQK0+mqPxPVaiTw8RZLSsfFY0ZM +ngxOEOrna3c+KTtbef+dBexdX5ooIUL7r9cCVQr3+A== +=YZlq +-----END PGP SIGNATURE----- diff --git a/Django-5.1.2.tar.gz b/Django-5.1.2.tar.gz new file mode 100644 index 0000000..e6cbe3b --- /dev/null +++ b/Django-5.1.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bd7376f90c99f96b643722eee676498706c9fd7dc759f55ebfaf2c08ebcdf4f0 +size 10711674 diff --git a/Django-5.1.4.checksum.txt b/Django-5.1.4.checksum.txt new file mode 100644 index 0000000..09ae0b5 --- /dev/null +++ b/Django-5.1.4.checksum.txt @@ -0,0 +1,65 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.4, released December 4, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``3955B19851EA96EF`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF + +or via the GitHub API: + + curl https://github.com/sarahboyce.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.4.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.4-py3-none-any.whl +https://www.djangoproject.com/m/releases/5.1/Django-5.1.4.tar.gz + +MD5 checksums +============= + +3ab67eb0e297ab798f572d38159a4301 Django-5.1.4-py3-none-any.whl +03ec3e0f2d6cbcb9eb11c629ca1c538b Django-5.1.4.tar.gz + +SHA1 checksums +============== + +0e61a94ba38a41b967ebbaaddde2b1e0edf1c583 Django-5.1.4-py3-none-any.whl +6e47f95d8b22cfd314c8b2676b2f854016f498b5 Django-5.1.4.tar.gz + +SHA256 checksums +================ + +236e023f021f5ce7dee5779de7b286565fdea5f4ab86bae5338e3f7b69896cf0 Django-5.1.4-py3-none-any.whl +de450c09e91879fa5a307f696e57c851955c910a438a35e6b4c895e86bedc82a Django-5.1.4.tar.gz +-----BEGIN PGP SIGNATURE----- + +iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmdQV2ktHDQyMjk2NTY2 +K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv +lJAL/3EBWgN3FlChHJ4zGNbYh8ZDhOlfujm6JSSyibTV5xStVdOY4Q+/enbZ+NTh +nHXOmbmM6own9x4+0Es/KLsw4CBB1gYCoMJ3CwOVqj845cxQY6BrWy2cFQyDcuZ5 +Ae5UBDQxPxLDWUZyLfAHeArR1+I2elFO2L778HFduzrqWm+Ht+WFRiSnEtBZbkql +4fNSWCTxs1EIMdZNzt4m8SclrRRwJMZ87Zgn8RTmG8X5DAJMUzMnTN3+w6VohsX9 +/ThSSFQEMckGbFh+eOzj1MiIKHzgULoGLOLsOCDATvfz+4iUDM8BqS5KJpOHKbMZ +XYWHOefWdEfB3vGKigiYAKcykbT97BX6/UitVqrB+WhQpdmJZ1u1Kzc6zYr4ZH1b +s3v31rgK+wp9PTx3A9CKjgFpap/NYTkbksIJD/rhR/JblqCrOPV3hvd6D+GwJc+G +DPSj1WvTvda5Vl7MqdcHuKPnp9sM1IvW/DIXalvhWN0v75yr2YkBluEhbdg6fMEu +OxXc+Q== +=/WMm +-----END PGP SIGNATURE----- diff --git a/Django-5.1.4.tar.gz b/Django-5.1.4.tar.gz new file mode 100644 index 0000000..e0c461f --- /dev/null +++ b/Django-5.1.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:de450c09e91879fa5a307f696e57c851955c910a438a35e6b4c895e86bedc82a +size 10716397 diff --git a/Django-5.1.5.checksum.txt b/Django-5.1.5.checksum.txt new file mode 100644 index 0000000..1f2386d --- /dev/null +++ b/Django-5.1.5.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.5, released January 14, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.5.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.5.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1.5-py3-none-any.whl + +MD5 checksums +============= + +272e951dbc4ccb7854c5a69aa5650749 Django-5.1.5.tar.gz +7effbd0a8ec3bf8c9d5f0c857138a07a Django-5.1.5-py3-none-any.whl + +SHA1 checksums +============== + +b41593f64adf86667e6a36c97aebe7ec832fc474 Django-5.1.5.tar.gz +df1802610c7e6be090140650cd4e6e656cc5364a Django-5.1.5-py3-none-any.whl + +SHA256 checksums +================ + +19bbca786df50b9eca23cee79d495facf55c8f5c54c529d9bf1fe7b5ea086af3 Django-5.1.5.tar.gz +c46eb936111fffe6ec4bc9930035524a8be98ec2f74d8a0ff351226a3e52f459 Django-5.1.5-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmeGUCgoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPkTrEACU +0rwddvqE/tg0JcZxTUh4kQOY5H70jlo0nwmBZkyjS9441STQEPohY0KTk3i2BgAO +z2KcGPfBmzLJU5khx0orJK/BS4J9tpw3eIZ7yg32R1ZrbGEUkxO2dFDcTq0eS7wt +7x8K8FXWWzXT3BPKKio1aah4lFoCzzNf/x3dlOrqp3cRVU4QYPB7Ap0xW0wa4XaG +H9Nas+LR9eBUKEqKQHyKT5jA8ny0ytpYzL1ItQQSUhsgOPQu726xBseGYOogUTY0 +T625X/tQcUIGn9HmqTbszn6o9QjqL/BWHTeg+8zwhZK8O0o03sQdGWf2meGxR75d +/tlM9uYTo0LBnKW5nZi+0jYuF8vnIHb47pYRMAeSudbtX0sc8Uxtf4Jn4tnU58NQ +JeGDAR6zyDvYlrWo2y2g7CN/z277VS7Aw2lxDhNUaVqW4JxVqkktg6ODmtnp8lbl +1UACgw/gFHgSJ6DbmvyiPaewh6jkKnPDukvNb/MZ3uYIG5ndgLwZ5bt/3AEV7JYs +jqgEgZdH3sN9A7ZFfDx3C1H0K87aMMvVK2rBg6FQt1B59U3OrGwh2kO1sB+LIXrw +bzxSnSR4PThgISnJbNptFInMgDNOVuKnD7cDvSiH5sl+xmLS0GiMHVH1wNhNotVF +stWL1lY20xHeiRgTutpTsDjF4dX24x7d89av8I3jlA== +=L8Sc +-----END PGP SIGNATURE----- diff --git a/Django-5.1.5.tar.gz b/Django-5.1.5.tar.gz new file mode 100644 index 0000000..ed1f465 --- /dev/null +++ b/Django-5.1.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:19bbca786df50b9eca23cee79d495facf55c8f5c54c529d9bf1fe7b5ea086af3 +size 10700031 diff --git a/Django-5.1.6.checksum.txt b/Django-5.1.6.checksum.txt new file mode 100644 index 0000000..37ec9d3 --- /dev/null +++ b/Django-5.1.6.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.6, released February 5, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.6.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.6.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1.6-py3-none-any.whl + +MD5 checksums +============= + +39585ffad0b04e7d5d7726a6b4e45d41 Django-5.1.6.tar.gz +27ad2093eaef2c1aeb76cb8025cbbbf5 Django-5.1.6-py3-none-any.whl + +SHA1 checksums +============== + +c96db1b845d9f3a0982c6297f5cd78c43b3280d2 Django-5.1.6.tar.gz +70a0ffed34bb16e4373f95e91018bde4d0ef1b2f Django-5.1.6-py3-none-any.whl + +SHA256 checksums +================ + +1e39eafdd1b185e761d9fab7a9f0b9fa00af1b37b25ad980a8aa0dac13535690 Django-5.1.6.tar.gz +8d203400bc2952fbfb287c2bbda630297d654920c72a73cc82a9ad7926feaad5 Django-5.1.6-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmejcjsoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPuO7D/9i +NqPgKoFDRpo47uqA7791xrWGspAlk1AXtaqdoGDWK0fyb6tetELAB05gICoAZk1q +3BN5qTU22dftpn6k26Vt3b16myrBUb3samncQ1z4DHWctnFUrTSs0ztkqc55w/SE +E2klPzON/D/4PBTfOPAq+1rXk9r/EVMmv6s9pOrgvr+Xjo+OiWshoBXVPxmTRws5 +Sv3Ll1a/ifMg22bN5bgMBuY03UdFbXA4a52DvEmA3DC56EaRZsqzFbzlvldYYUgi +7Fy3u8fl1Gpl1XYTggnIcOogltAUeRomj5i5xo+Ge5Em8pI/F5EtuHH7zWL+2VDK +NyjYSSB9hY5dzJmGSTdv6yf+JtMNgG5n2fd2786Qcb5/NhtVjEMQPWMKiLZaCIZ6 +5Y33gEmMCKXekaOk60PwwMZaqEQMirNcnSNEzOX2yjP/VIPixcQKm9iDhVg91t8G +UZVhsDV+1KrHseV+byMeXmHPHBx4WOi0+X5deU71aZn4NZSUmIyfMIDpag/B9Wis +OJZ7BNaUJXNl1JS9A2gxt8Kt3S6xZUdPbFXYXvpniuKOSBFl397oaqOtGPoP63Fw +QSnyExHibH57k7tq43hw04hLLMBEghhHA7TvYZrtoF10E/xEKJIflOAoicejYFmm +0UNCpq6lznK36fLJaA6cnuBYqJftKOSmVbMHOeQ7vw== +=mt6z +-----END PGP SIGNATURE----- diff --git a/Django-5.1.6.tar.gz b/Django-5.1.6.tar.gz new file mode 100644 index 0000000..ba05271 --- /dev/null +++ b/Django-5.1.6.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1e39eafdd1b185e761d9fab7a9f0b9fa00af1b37b25ad980a8aa0dac13535690 +size 10700620 diff --git a/Django-5.1.checksum.txt b/Django-5.1.checksum.txt new file mode 100644 index 0000000..8d29bff --- /dev/null +++ b/Django-5.1.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1, released August 7, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1-py3-none-any.whl + +MD5 checksums +============= + +77f44885427c09458e1abd0b48e09517 Django-5.1.tar.gz +e8a8edeeb894fcba4830653e450ef8ea Django-5.1-py3-none-any.whl + +SHA1 checksums +============== + +34e73c5ea536989ce8b59d4dcbcad81f8df042b0 Django-5.1.tar.gz +c1c96089c6a5d90439ae6849f8ab4d11f22cfaec Django-5.1-py3-none-any.whl + +SHA256 checksums +================ + +848a5980e8efb76eea70872fb0e4bc5e371619c70fffbe48e3e1b50b2c09455d Django-5.1.tar.gz +d3b811bf5371a26def053d7ee42a9df1267ef7622323fe70a601936725aa4557 Django-5.1-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmazdjMoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPoWDD/0S +xuoCMIvhc7m8FWAZ8VS0zkzT0e7TZonySEG5Oa1GrEMEZLe7C98HIXXptGDBuJkQ +W8WPbOgoc8iylA6/X3Q74guZMiZ2x/yK1XH3W/TwahMO0ii7bjcBkMJX0hB0zSph +SndMUCmBLuyfPNKUWQrBfGHtegmtm6tyHi5pLBLNgZjebh5Poy+3lrYlIL95sVG9 +5ckvE9B4+5z/muZlJzSf3784mMirWRnHLsOsvFZLuEBESyaS7C4gjUaRFX2JUzKG +0HRw/CUFR5BlsNefYRXZGAdW0rWMk9ucgc6BYbqTfwDfRUyFE+0jxQgNLP+t2hVj +W4Jr0hNyYJ6fLvW+L9owIBdL8dUBGEOoFKQmudnKEKFyfa2uXJcPnHPzTOMX28WT +CvN0kh55v8IqBpMlXZY7/6Cc2E6LTNvDRMygNJbV8Jl9bhQDvl9vII8PhmEv8774 +bJBExGvgTluySZQHUr2/aJXC0ldUiHAyleq8iD4lq3z7jOHN7W4T1TNFPI9+m34D +nTzOJSu7H/sYGp11UoyvW1MyHrocxgn+GE1Lg4MOlFpbwsRXG8vBBP8n00w6srqO +/0wfOtmwHK+Kf2VjW6VtzKIg5LUTpEKZC9FOgAweiZ80BVZRXqB0pSIkHIRTqswJ +ygDLRvq/Cp4D0OxHDM3DVZW/vKNn1zi0WH+9zlCLrA== +=XAjV +-----END PGP SIGNATURE----- diff --git a/Django-5.1.tar.gz b/Django-5.1.tar.gz new file mode 100644 index 0000000..049e68e --- /dev/null +++ b/Django-5.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:848a5980e8efb76eea70872fb0e4bc5e371619c70fffbe48e3e1b50b2c09455d +size 10681050 diff --git a/Django-5.2.1.checksum.txt b/Django-5.2.1.checksum.txt new file mode 100644 index 0000000..88bd451 --- /dev/null +++ b/Django-5.2.1.checksum.txt @@ -0,0 +1,68 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.2.1, released May 6, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.1.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.1/tarball/ +https://www.djangoproject.com/download/5.2.1/wheel/ + +MD5 checksums +============= + +317174c6e0593c40e58ec1bd428b1091 django-5.2.1.tar.gz +7821a8fa6b4193707af79c9b4bc64236 django-5.2.1-py3-none-any.whl + +SHA1 checksums +============== + +c8c6571401bede943be6b1ca4babe93cf2612e16 django-5.2.1.tar.gz +0c2f04440b66d67223e74146ff94b577c7da2dff django-5.2.1-py3-none-any.whl + +SHA256 checksums +================ + +57fe1f1b59462caed092c80b3dd324fd92161b620d59a9ba9181c34746c97284 django-5.2.1.tar.gz +a9b680e84f9a0e71da83e399f1e922e1ab37b2173ced046b541c72e1589a5961 django-5.2.1-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmgatvooHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPo5pEACE +tPY3ZQqbCCvhD17CXkDKU2S/4kJPtQbbvd183nj1MMOwWhNBR5VV15Gvgf9v4sp1 +QaufUfaCUdrbuOsaapU2lf61Q3XKSTZZ6EoBlsmAjfcMbJrV3DzW2dK2L4awGi0/ +bm4tI+94qapSLQAwLK8IJai7Z9kpuptQeeBlNFo52XXuzESL4+ZpvIgqQzbjRU8x +fMM7+1Wf3mS2wt5vG5araxVovYAJvgXYnlHoGbu8DM9tmO0x2iFCkUuGbCcxTAiJ +CwSuZOOPiHdIZWgu6M/WR8jZ8c67YMgamb4kukfP3NnNScqvUi+rPCyGGFpnrMwj +iVHFmKulSI7lBnbjAgkwNNQ1asTiZO/W76MQKgFecUU592RGZKV/oH1rt5vbXeWu +MkBcaVL6GEgV66bXb13a3P/XB1PQKiCSOO28DJyhYj9eIJnQsuOKN43UUZzrmvEB +1cJ2/dHj+wJGWs8D9Bx2Yl5bcTgxFoSjb1gt6Vth0NgQuLb8aRP5/DuoNEIAxDdb +Dv7O2uSE5JFK0P1GxF/N7DIHzSoyUr7vkm5cb1bGBVhxtCa2XPdluojEDKqduxjR +4jZjB8nswRdZY63V6n4pEVQdkbIgFJdyFaWmoylfqGfZ3JiIGz8WyQQ+jw17V2L1 +sjRHd1y1JPOZKyb2g+QGR0H+AQvqedWZ95XJGirNtw== +=b+2b +-----END PGP SIGNATURE----- diff --git a/Django-5.2.2.checksum.txt b/Django-5.2.2.checksum.txt new file mode 100644 index 0000000..2c9ffc7 --- /dev/null +++ b/Django-5.2.2.checksum.txt @@ -0,0 +1,68 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the +source-code tarball and wheel files of Django 5.2.2, released June 4, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.2.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.2/tarball/ +https://www.djangoproject.com/download/5.2.2/wheel/ + +MD5 checksums +============= + +782577f532efab32f8119a7071f55d04 django-5.2.2.tar.gz +5d85fa7778bd65981714e562012a5626 django-5.2.2-py3-none-any.whl + +SHA1 checksums +============== + +87dff3ef8d00b15491d5bb64b2404caf66d8ae59 django-5.2.2.tar.gz +7964171a3e17b3e3e8aeb2d2bff763d128836d74 django-5.2.2-py3-none-any.whl + +SHA256 checksums +================ + +85852e517f84435e9b13421379cd6c43ef5b48a9c8b391d29a26f7900967e952 django-5.2.2.tar.gz +997ef2162d04ead6869551b22cde4e06da1f94cf595f4af3f3d3afeae1f3f6fe django-5.2.2-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmhAMRIoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPmgqD/9b +ON8sroesSKb2lAdjUe2XFKceWBpSjySACsPwLko5gPhfxJ9gn0XEDQccYw6U4KkJ +PbRlrKKNr1zqX3IfRoggg3E6GU/rw9LUqgB2GByuBRjyZe29bF0KWiLWVmjLL6c8 +WszgKZxYu73vBfHcY1StLVSGMHxMlolvWikhpS4taHKOsYLmYxFnPdDeLjC/hYyb +tYjfdaKgDm5czpy9Put+Kzu15KcW0PqHAuPJtcGHo3l7lfRSd/m9X6iNtUXmsN8J +H8kLEzfG91tUuHl7UgFpZpSEGqnRV/dM+s+fKeVJC9t6Jsu8lbQp3omMaBl/SCwV +qicA9Go9cqUoDLz8JSkv0YCOGAyUZyOvjlW8zAkoRQuCcEkDxLh2VsdRRB7Z0E7K +SvDq03XZwXeBUpQAbkoZ+TpS4EoiydY7I7PTq5k+yzMEoid+k7sRclfndeTpAmPf +7Xtq3KDPnIKo+7maECiKVeEfCUIgxXygEz3fbrYTn9LcDcFnGWKA9/DH/9yD4+zR +AS4RI0k0PUWzbq/6+A+3BqQTo75dLxm/BHpyd9NoddYIsuhwlLq3IU+SopR8vG2/ +bydqaovZuiyHS59vGgMuAFJIaeW5/TW8zoLvRVekVG0nCVgcj17pR7zqa6EGKefS +6ydabjbxzeFC3qdYiOIneghfIUnk3HeVQRLd0Vw58w== +=Pk1M +-----END PGP SIGNATURE----- diff --git a/Django-5.2.4.checksum.txt b/Django-5.2.4.checksum.txt new file mode 100644 index 0000000..9c39d41 --- /dev/null +++ b/Django-5.2.4.checksum.txt @@ -0,0 +1,68 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the +source-code tarball and wheel files of Django 5.2.4, released July 2, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.4.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.4/tarball/ +https://www.djangoproject.com/download/5.2.4/wheel/ + +MD5 checksums +============= + +6ecc4875e8cdc08706faea1cc4740fdf django-5.2.4.tar.gz +fee657f7686462d388f274c5f92b634a django-5.2.4-py3-none-any.whl + +SHA1 checksums +============== + +de45d44e1bb2ceb1c08b8fd0846de920874f71a1 django-5.2.4.tar.gz +a6a7904e3749a0e8937a50643293889929b4b6f7 django-5.2.4-py3-none-any.whl + +SHA256 checksums +================ + +a1228c384f8fa13eebc015196db7b3e08722c5058d4758d20cb287503a540d8f django-5.2.4.tar.gz +60c35bd96201b10c6e7a78121bd0da51084733efa303cc19ead021ab179cef5e django-5.2.4-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmhlfcIoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPj5DD/94 +KOuOZ5JHtZWknqi1JeV1akzB/RpY7lhL9SbJbVXhdAxOY9Cn4eUG7NsPWa9JnhX1 +F/2geBE5mjOZen4ARtGHWxa5vqidqUbscrU9AkqPLn6aecEKi2jXXNkYmmWw/37K +wb92BQtuWkaXyiZ4E6Sledx9yFhcqMDFg27CdNYfAqUWofI6zzSmLIzOlOSVR9Sc +uDrfRqQ4GXlRGT5pIkcIxE0ZKToUYrKgn99PZOmBcLfJgQ4VBt62J6SzZAhhElb3 +DUMcVhG2XNIhg7v7DwlVodowDYQdRi2H/ahAa7/m1+uugRbysoGSLLwP+50tDjlj +07zxoJsrL5R9zaMp4pcXQN4bUy3rDz94DkjlXO51f8LwDdStvk4VOYan1W5S9BhP +R0conCFfcg4+iK0pV5e/GeeTwBRHQw8p5RuWfrEpKFi/XQtT0u01hqUGppeuZ9wI +f+Ud9RA8Nrw0ouli4WvfH0RVFuMgUFqScwO88oatuUH5CDPjlV+5usNb7FrmZXv6 +AWRopONOcYGF07+FYh0nsoE8enWyxE+JWTJzxT5PGZ3buUO0hlnJ+auoJv8yOVii +ELCSUyi93glWonCBrS41XrNO6+6K/8V9V6iv9/PdGwF1GszbX5Rx4e2lDMA7crYh +1qKGaV3+iAO+Y+vXt6VTy6h5GLg9hun+RQ8TU3Guyg== +=d9C5 +-----END PGP SIGNATURE----- diff --git a/Django-5.2.checksum.txt b/Django-5.2.checksum.txt new file mode 100644 index 0000000..e7d38e4 --- /dev/null +++ b/Django-5.2.checksum.txt @@ -0,0 +1,66 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.2, released April 2, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``3955B19851EA96EF`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF + +or via the GitHub API: + + curl https://github.com/sarahboyce.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2/tarball/ +https://www.djangoproject.com/download/5.2/wheel/ + +MD5 checksums +============= + +2365e2eb1228298df5bc63bbde049eb2 Django-5.2.tar.gz +1279aff7c80b1bdc921e28703e0f93b4 Django-5.2-py3-none-any.whl + +SHA1 checksums +============== + +691d9be1935e40b102fa599a2d54c1dc0289e707 Django-5.2.tar.gz +bfc1f7d9276c137d477389e71fbb4e849101af75 Django-5.2-py3-none-any.whl + +SHA256 checksums +================ + +1a47f7a7a3d43ce64570d350e008d2949abe8c7e21737b351b6a1611277c6d89 Django-5.2.tar.gz +91ceed4e3a6db5aedced65e3c8f963118ea9ba753fc620831c77074e620e7d83 Django-5.2-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmftNIotHDQyMjk2NTY2 +K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv +h0QMAJAgwXxMa/HElDElvmxojqY7H/oZ4obF7QtaywMKrV2IXGDi63RgCr6IIpD/ +rgWgEiyGUT6Mz/LxifkApDG8QQCDpvBW2suVQqDFgDwthX3h7URpypI98OnErskB +b/ZlD/WGIRUDl8rC5YLHEp+aYXSsoR76cIEuPSnvyXkKGikcB4ti1IJBttjBbbgk +uMn2WSgpFs1DMfuXvasZ2El3orwYgV7RCdC/GxurmzBcQE4Vdk5tLNHNvxzyZQnG +K5BO2dHhG6bUMhn75cxOsVfpjcrcSrZt/WzLE8b0JRK6IUto99R8RCGgTPVYbQE1 +5Bo4vaHnjRAjVw6YtT1KKrgYdTf8vDE3I+oNxbljmH92lVQ/g2uoPnqB91hXVboh +/EQX99MsRMVn6Ja00p40hPzjVvApbSuaBg/CDTlYCfnrj+0Ry0UanqPxnsJNxJmj +C2rYfYQa6vsd4t99/pzc9pgS4oW8h4Kl1MjBYAft5OlFCbUmYOPRNNjz4TsGlbAq +8SDOpQ== +=O1eA +-----END PGP SIGNATURE----- diff --git a/Django-5.2.tar.gz b/Django-5.2.tar.gz new file mode 100644 index 0000000..57e23ec --- /dev/null +++ b/Django-5.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1a47f7a7a3d43ce64570d350e008d2949abe8c7e21737b351b6a1611277c6d89 +size 10824891 diff --git a/dirty-hack-remove-assert.patch b/dirty-hack-remove-assert.patch new file mode 100644 index 0000000..fadb3c1 --- /dev/null +++ b/dirty-hack-remove-assert.patch @@ -0,0 +1,25 @@ +From 36736edaf595d2bbf1fe881609b2a4c8e3bac68a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= +Date: Thu, 29 Jun 2023 12:29:21 +0200 +Subject: [PATCH] Dirty hack: Remove a failing assert, failure does not seem + critical + +--- + tests/settings_tests/tests.py | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/tests/settings_tests/tests.py b/tests/settings_tests/tests.py +index 62cbffb..b7432d3 100644 +--- a/tests/settings_tests/tests.py ++++ b/tests/settings_tests/tests.py +@@ -397,7 +397,6 @@ class TestComplexSettingOverride(SimpleTestCase): + with self.assertWarnsMessage(UserWarning, msg) as cm: + with override_settings(TEST_WARN="override"): + self.assertEqual(settings.TEST_WARN, "override") +- self.assertEqual(cm.filename, __file__) + + + class SecureProxySslHeaderTest(SimpleTestCase): +-- +2.40.1 + diff --git a/django-5.2.1.tar.gz b/django-5.2.1.tar.gz new file mode 100644 index 0000000..47f140b --- /dev/null +++ b/django-5.2.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:57fe1f1b59462caed092c80b3dd324fd92161b620d59a9ba9181c34746c97284 +size 10818735 diff --git a/django-5.2.2.tar.gz b/django-5.2.2.tar.gz new file mode 100644 index 0000000..6192ba9 --- /dev/null +++ b/django-5.2.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:85852e517f84435e9b13421379cd6c43ef5b48a9c8b391d29a26f7900967e952 +size 10827542 diff --git a/django-5.2.4.tar.gz b/django-5.2.4.tar.gz new file mode 100644 index 0000000..0638a82 --- /dev/null +++ b/django-5.2.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a1228c384f8fa13eebc015196db7b3e08722c5058d4758d20cb287503a540d8f +size 10831909 diff --git a/python-Django-rpmlintrc b/python-Django-rpmlintrc new file mode 100644 index 0000000..0159bae --- /dev/null +++ b/python-Django-rpmlintrc @@ -0,0 +1,5 @@ +addFilter("file-not-in-%lang") +# Empty model.py files should be kept around: +addFilter("zero-length") +# Bash completion isn't config: +# addFilter("non-conffile-in-etc /etc/bash_completion.d/django_bash_completion*") diff --git a/python-Django.changes b/python-Django.changes new file mode 100644 index 0000000..9b2bcdd --- /dev/null +++ b/python-Django.changes @@ -0,0 +1,3028 @@ +------------------------------------------------------------------- +Wed Jul 30 06:03:44 UTC 2025 - Steve Kowalik + +- Add patch support-msgfmt-0.25.patch: + * Support msgfmt 0.25 error messages changes. (bsc#1246966) +- Remove unneeded Requires on tzdata. + +------------------------------------------------------------------- +Sat Jul 19 06:51:37 UTC 2025 - Markéta Machová + +- Add upstream test_strip_tags.patch to fix test errors with + at-this-point future python interpreters + +------------------------------------------------------------------- +Thu Jul 3 12:47:34 UTC 2025 - Markéta Machová + +- Update to 5.2.4 + * Fixed a log injection possibility by migrating remaining response logging + to django.utils.log.log_response(), which safely escapes arguments + such as the request path to prevent unsafe log output (CVE 2025-48432). + * Fixed a regression in Django 5.2 that caused QuerySet.bulk_update() to + incorrectly convert None to JSON null instead of SQL NULL for JSONField + * Fixed a regression in Django 5.2.2 where the q parameter was removed from + the internal django.http.MediaType.params property + * Fixed a regression in Django 5.2.2 where HttpRequest.get_preferred_type() + incorrectly preferred more specific media types with a lower quality + * Fixed a crash in Django 5.2 when performing an __in lookup involving a + composite primary key and a subquery on certain backends + +------------------------------------------------------------------- +Thu Jun 5 11:53:48 UTC 2025 - Markéta Machová + +- Update to 5.2.2 (bsc#1244095) + * CVE-2025-48432: Potential log injection via unescaped request path + * Fixed a crash when using select_related against a ForeignObject + originating from a model with a CompositePrimaryKey + * Fixed a regression in Django 5.2 that caused a crash when no + arguments were passed into QuerySet.union(). + * Fixed a regression in Django 5.2 that caused a crash when using OuterRef + in PostgreSQL aggregate functions ArrayAgg, StringAgg, and JSONBAgg. + * Fixed a bug in Django 5.2 where HttpRequest.get_preferred_type() did not + account for media type parameters in Accept headers, reducing specificity + in content negotiation. + +------------------------------------------------------------------- +Mon May 12 08:20:40 UTC 2025 - Markéta Machová + +- Update to 5.2.1 (bsc#1242210) + * This release was built using an upgraded setuptools, producing + filenames compliant with PEP 491 and PEP 625 and thus addressing + a PyPI warning about non-compliant distribution filenames. This + change only affects the Django packaging process and does not + impact Django’s behavior. + * CVE-2025-32873: Denial-of-service possibility in strip_tags() + * Fixed a data corruption possibility in file_move_safe() when + allow_overwrite=True + * Fixed a regression introduced when fixing CVE 2025-26699, where + the wordwrap template filter did not preserve empty lines between + paragraphs after wrapping text + * Fixed many bugs and regressions in Django 5.2, see upstream changelog + +------------------------------------------------------------------- +Tue Apr 22 15:46:20 UTC 2025 - Markéta Machová + +- Add missing runtime dependency on tzdata + +------------------------------------------------------------------- +Mon Apr 7 15:02:18 UTC 2025 - Markéta Machová + +- Update to 5.2 + * Django 5.2 is designated as a long-term support release. It will receive + security updates for at least three years after its release. + * Django 5.2 supports Python 3.10, 3.11, 3.12, and 3.13. + ** What’s new in Django 5.2 ** + * Automatic models import in the shell + * Composite Primary Keys + * Simplified override of BoundField + * ... and many more smaller features + ** Backwards incompatible changes in 5.2 ** + * Database backend API changes + * Dropped support for PostgreSQL 13 + * Changed MySQL connection character set default + * ... and more, see upstream changelog + ** Features deprecated in 5.2 ** + * The all argument for the django.contrib.staticfiles.finders.find() + function is deprecated in favor of the find_all argument. + * The ordering keyword argument of the PostgreSQL specific aggregation + functions is deprecated in favor of the order_by argument. + +------------------------------------------------------------------- +Mon Apr 7 14:19:10 UTC 2025 - Markéta Machová + +- Update to 5.1.8 + * CVE-2025-27556: Potential denial-of-service vulnerability in + LoginView, LogoutView, and set_language() on Windows + * Fixed a regression in Django 5.1.7 where the removal of the single_object + parameter unintentionally altered the signature and return type of + LogEntryManager.log_actions() + +------------------------------------------------------------------- +Sun Mar 30 08:28:57 UTC 2025 - Dirk Müller + +- update filelist to be compatible with newer setuptools + +------------------------------------------------------------------- +Tue Mar 18 13:01:55 UTC 2025 - Markéta Machová + +- Update to 5.1.7 (bsc#1239052) + * CVE-2025-26699: Potential denial-of-service vulnerability in + django.utils.text.wrap() + * Fixed a bug in Django 5.1 where the {% querystring %} template tag + returned an empty string rather than "?" + * Fixed a bug in Django 5.1 where FileSystemStorage, with allow_overwrite + set to True, did not truncate the overwritten file content + * Fixed a regression in Django 5.1 where the count and exists methods of + ManyToManyField related managers would always return 0 and False when + the intermediary model back references used to_field + * Fixed a regression in Django 5.1 where the pre_save and post_save signals + for LogEntry were not sent when deleting a single object in the admin + +------------------------------------------------------------------- +Tue Feb 11 12:52:16 UTC 2025 - Markéta Machová + +- Update to 5.1.6 + * Fixed a regression in Django 5.1.5 that caused validate_ipv6_address() + and validate_ipv46_address() to crash when handling non-string values + * Fixed a regression in Django 5.1 where password fields, despite being + set to required=False, were still treated as required in forms derived + from BaseUserCreationForm + +------------------------------------------------------------------- +Wed Jan 15 07:53:44 UTC 2025 - Markéta Machová + +- Update to 5.1.5 (bsc#1235856) + * CVE-2024-56374: Potential denial-of-service vulnerability in + IPv6 validation + * Fixed a crash when applying migrations with references to the + removed Meta.index_together option + +------------------------------------------------------------------- +Mon Dec 9 09:13:02 UTC 2024 - Markéta Machová + +- Update to 5.1.4 (bsc#1234231, CVE-2024-53908, bsc#1234232, CVE-2024-53907) + * CVE-2024-53907: Potential denial-of-service in django.utils.html.strip_tags() + * CVE-2024-53908: Potential SQL injection in HasKey(lhs, rhs) on Oracle + * Fixed a crash in createsuperuser on Python 3.13+ caused by an unhandled OSError + * Fixed a regression in Django 5.1 where relational fields were not updated + * Fixed a bug in Django 5.1 where DomainNameValidator accepted any input value + that contained a valid domain name, rather than only input values that were + a valid domain name + * Fixed a regression in Django 5.1 that prevented the use of DB-IP databases with GeoIP2 + * Fixed a regression in Django 5.1 where non-ASCII fieldset names were not displayed + when rendering admin fieldsets + +------------------------------------------------------------------- +Thu Oct 17 10:16:22 UTC 2024 - Markéta Machová + +- Update to 5.1.2 + * Fixed a regression in Django 5.1 that caused a crash when using + the PostgreSQL lookup trigram_similar on output fields from Concat + * Fixed a regression in Django 5.1 that caused a crash of JSONObject() + when using server-side binding with PostgreSQL 16+ + * Fixed a regression in Django 5.1 that made selected items in + multi-select widgets indistinguishable from non-selected items in + the admin dark theme + +------------------------------------------------------------------- +Wed Sep 4 07:21:54 UTC 2024 - Alberto Planas Dominguez + +- Update to 5.1.1 (bsc#1229823, bsc#1229824) + * CVE-2024-45230: Potential denial-of-service vulnerability in + django.utils.html.urlize() + * CVE-2024-45231: Potential user email enumeration via response + status on password reset + * Fixed a regression in Django 5.1 that caused a crash of Window() + when passing an empty sequence to the order_by parameter, and a + crash of Prefetch() for a sliced queryset without ordering + * Fixed a regression in Django 5.1 where a new usable_password field + was included in BaseUserCreationForm (and children). A new + AdminUserCreationForm including this field was added, isolating + the feature to the admin where it was intended + * Adjusted the deprecation warning stacklevel in Model.save() and + Model.asave() to correctly point to the offending call site + * Adjusted the deprecation warning stacklevel when using + OS_OPEN_FLAGS in FileSystemStorage to correctly point to the + offending call site + * Adjusted the deprecation warning stacklevel in + FieldCacheMixin.get_cache_name() to correctly point to the + offending call site + * Restored, following a regression in Django 5.1, the ability to + override the timezone and role setting behavior used within the + init_connection_state method of the PostgreSQL backend + * Fixed a bug in Django 5.1 where variable lookup errors were logged + when rendering admin fieldsets + +------------------------------------------------------------------- +Fri Aug 9 12:09:27 UTC 2024 - Markéta Machová + +- Update to 5.1 + * Supports Python >= 3.10. + * Easier guardrails for authentication: the new and shiny + LoginRequiredMiddleware, when added to MIDDLEWARE, enforces + authentication for all views by default. + * A more inclusive framework: Django 5.1 includes several accessibility + enhancements, such as improved screen reader support in the admin + interface, more semantic HTML elements, and better association of + help text and labels with form fieldsets. + * The second oldest ticket fixed in this release provides the long awaited + querystring template tag, which greatly simplifies the handling of query + strings when building URLs in templates. + * For a detailed list of changes see https://docs.djangoproject.com/en/5.1/releases/5.1/ +- Refreshed python-Django.keyring + +------------------------------------------------------------------- +Wed Aug 7 06:07:48 UTC 2024 - Alberto Planas Dominguez + +- Update to 5.0.8 (bsc#1228629, bsc#1228630, bsc#1228631, bsc#1228632) + * CVE-2024-41989: Memory exhaustion in + django.utils.numberformat.floatformat() + * CVE-2024-41990: Potential denial-of-service vulnerability in + django.utils.html.urlize() + * CVE-2024-41991: Potential denial-of-service vulnerability in + django.utils.html.urlize() and AdminURLFieldWidget + * CVE-2024-42005: Potential SQL injection in QuerySet.values() and + values_list() + * Added missing validation for + UniqueConstraint(nulls_distinct=False) when using *expressions + * Fixed a regression in Django 5.0 where ModelAdmin.action_checkbox + could break the admin changelist HTML page when rendering a model + instance with a __html__ method + * Fixed a crash when creating a model with a Field.db_default and a + Meta.constraints constraint composed of __endswith, __startswith, + or __contains lookups + * Fixed a regression in Django 5.0.7 that caused a crash in + LocaleMiddleware when processing a language code over 500 + characters + * Fixed a bug in Django 5.0 that caused a system check crash when + ModelAdmin.date_hierarchy was a GeneratedField with an + output_field of DateField or DateTimeField + * Fixed a bug in Django 5.0 which caused constraint validation to + either crash or incorrectly raise validation errors for + constraints referring to fields using Field.db_default + * Fixed a crash in Django 5.0 when saving a model containing a + FileField with a db_default set + +------------------------------------------------------------------- +Tue Jul 9 14:03:46 UTC 2024 - Markéta Machová + +- Update to 5.0.7 + * Supports Python >= 3.10. + * Facet counts are now shown for applied filters in the admin changelist + when toggled on via the UI. This behavior can be changed via the new + ModelAdmin.show_facets attribute. + * Django 5.0 introduces the concept of a field group, and field group + templates. This simplifies rendering of the related elements of a + Django form field such as its label, widget, help text, and errors. + * The new Field.db_default parameter sets a database-computed default value. + * The new GeneratedField allows creation of database generated columns. + This field can be used on all supported database backends to create + a field that is always computed from other fields. + * More options for declaring field choices + * Few backwards-incompatible changes in the database backend API, + django.contrib.gis and django.contrib.sitemaps + * Dropped support for MySQL < 8.0.11 + * Using create_defaults__exact may now be required with QuerySet.update_or_create() + * Migrating existing UUIDField on MariaDB 10.7+ +- This release also fixes several security issues: + * bsc#1227590 (CVE-2024-38875) + * bsc#1227593 (CVE-2024-39329) + * bsc#1227594 (CVE-2024-39330) + * bsc#1227595 (CVE-2024-39614) +- Drop no-longer-needed patches: + * dirty-hack-remove-assert.patch + * sanitize_address.patch + +------------------------------------------------------------------- +Wed May 8 07:30:48 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.13 + + Django 4.2.13 fixes a packaging error in 4.2.12. +- Update to 4.2.12 + + Django 4.2.12 fixes a compatibility issue with Python 3.11.9+ and 3.12.3+. + + Fixed a crash in Django 4.2 when validating email max line lengths + with content decoded using the surrogateescape error handling + scheme +- Drop fix-safemimetext-set_payload.patch, already merged upstream + +------------------------------------------------------------------- +Thu Apr 18 06:39:36 UTC 2024 - Daniel Garcia + +- Add fix-safemimetext-set_payload.patch, to support python 3.11.9+ + (gh#django/django@b231bcd19e57, bsc#1222880) + +------------------------------------------------------------------- +Mon Mar 4 14:05:28 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.11 (CVE-2024-27351, bsc#1220358) + * CVE-2024-27351: Potential regular expression denial-of-service in + django.utils.text.Truncator.words() + * Fixed a regression in Django 4.2.10 where intcomma template filter + could return a leading comma for string representation of floats +- Remove python3122.patch, already upstream + +------------------------------------------------------------------- +Fri Feb 9 10:18:37 UTC 2024 - Daniel Garcia + +- Add python3122.patch to fix tests with python 3.12.2 + gh#django/django#17843 +- Update to 4.2.10 (bsc#1219683, CVE-2024-24680): + - Django 4.2.10 fixes a security issue with severity "moderate" in + 4.2.9. + CVE-2024-24680: Potential denial-of-service in intcomma template + filter The intcomma template filter was subject to a potential + denial-of-service attack when used with very long strings. + +------------------------------------------------------------------- +Thu Jan 4 09:27:51 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.9: + * Fixed a regression in Django 4.2.8 where admin fields on the same + line could overflow the page and become non-interactive + +------------------------------------------------------------------- +Mon Dec 4 10:21:00 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.8 + * Fixed a regression in Django 4.2 that caused makemigrations + --check to stop displaying pending migrations + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing other aggregates + or window functions through conditional expressions + * Fixed a regression in Django 4.2 that caused a crash when + annotating a QuerySet with a Window expressions composed of a + partition_by clause mixing field types and aggregation expressions + * Fixed a regression in Django 4.2 where the admin’s change list + page had misaligned pagination links and inputs when using + list_editable + * Fixed a regression in Django 4.2 where checkboxes in the admin + would be centered on narrower screen widths + * Fixed a regression in Django 4.2 that caused a crash of querysets + with aggregations on MariaDB when the ONLY_FULL_GROUP_BY SQL mode + was enabled + * Fixed a regression in Django 4.2 where the admin’s read-only + password widget and some help texts were incorrectly aligned at + tablet widths + * Fixed a regression in Django 4.2 that caused a migration crash on + SQLite when altering unsupported Meta.db_table_comment + +------------------------------------------------------------------- +Mon Nov 27 12:20:48 UTC 2023 - Dirk Müller + +- add dirty-hack-remove-assert.patch from fedora to fix + minor test failure with python 3.12 + +------------------------------------------------------------------- +Wed Nov 1 08:12:59 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.7 + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing expressions + containing subqueries + * Restored, following a regression in Django 4.2, creating + varchar/text_pattern_ops indexes on CharField and TextField with + deterministic collations on PostgreSQL + +------------------------------------------------------------------- +Mon Oct 16 08:33:05 UTC 2023 - Daniel Garcia Moreno + +- Update to 4.2.6 (bsc#1215978, CVE-2023-43665) + * CVE-2023-43665: Denial-of-service possibility in + django.utils.text.Truncator + The input processed by Truncator, when operating in HTML mode, has + been limited to the first five million characters in order to + avoid potential performance and memory issues. + * Fixed a regression in Django 4.2.5 where overriding the deprecated + DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings in tests + caused the main STORAGES to mutate (#34821). + * Fixed a regression in Django 4.2 that caused unnecessary casting + of string based fields (CharField, EmailField, TextField, + CICharField, CIEmailField, and CITextField) used with the __isnull + lookup on PostgreSQL. As a consequence, indexes using an __isnull + expression or condition created before Django 4.2 wouldn’t be used + by the query planner, leading to a performance regression + (#34840). + +------------------------------------------------------------------- +Mon Sep 4 12:10:50 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.5 (CVE-2023-41164) + + Bugfixes + * Fixed a regression in Django 4.2 that caused an incorrect + validation of CheckConstraints on __isnull lookups against + JSONField + * Fixed a bug in Django 4.2 where the deprecated + DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings were not + synced with STORAGES + * Fixed a regression in Django 4.2.2 that caused an unnecessary + selection of a non-nullable ManyToManyField without a natural + key during serialization + * Fixed a regression in Django 4.2 that caused a crash of a + queryset when filtering against deeply nested OuterRef() + annotations + +------------------------------------------------------------------- +Wed Aug 2 07:35:04 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.4 + + Bugfixes + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing window + functions + * Fixed a regression in Django 4.2 that caused a crash when + grouping by a reference in a subquery + * Fixed a regression in Django 4.2 that caused aggregation over + query that uses explicit grouping by multi-valued annotations to + group against the wrong columns + +------------------------------------------------------------------- +Tue Jul 18 12:50:29 UTC 2023 - Markéta Machová + +- Add upstream sanitize_address.patch + * fixes build with yet another CPython upstream fix (bsc#1210638) + +------------------------------------------------------------------- +Mon Jul 10 09:28:42 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.3 (bsc#1212742, CVE-2023-36053) + + CVE-2023-36053: Potential regular expression denial of service + vulnerability in EmailValidator/URLValidator + + Bugfixes + * Fixed a regression in Django 4.2 that caused incorrect alignment + of timezone warnings for DateField and TimeField in the admin + * Fixed a regression in Django 4.2 that caused incorrect + highlighting of rows in the admin changelist view when + ModelAdmin.list_editable contained a BooleanField + +------------------------------------------------------------------- +Fri Jun 9 11:41:19 UTC 2023 - ecsos + +- Add %{?sle15_python_module_pythons} + +------------------------------------------------------------------- +Tue Jun 6 06:35:28 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.2 + + Bugfixes + * Fixed a regression in Django 4.2 that caused an unnecessary + DBMS_LOB.SUBSTR() wrapping in the __isnull and __exact=None + lookups for TextField()/BinaryField() on Oracle + * Restored, following a regression in Django 4.2, get_prep_value() + call in JSONField subclasses + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.defer() when passing a ManyToManyField or + GenericForeignKey reference. While doing so is a no-op, it was + allowed in older version + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.only() when passing a reverse OneToOneField reference + * Fixed a bug in Django 4.2 where makemigrations --update didn’t + respect the --name option + * Fixed a performance regression in Django 4.2 when compiling + queries without ordering + * Fixed a regression in Django 4.2 where nonexistent stylesheet + was linked on a “Congratulations!” page + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with expressions referencing other + aggregates + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing subqueries + * Fixed a regression in Django 4.2 that caused a crash of + querysets on SQLite when filtering on DecimalField against + values outside of the defined range + * Fixed a regression in Django 4.2 that caused a serialization + crash on a ManyToManyField without a natural key when its + Manager’s base QuerySet used select_related() + +------------------------------------------------------------------- +Thu May 4 07:02:58 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.1 + + CVE-2023-31047: Potential bypass of validation when uploading + multiple files using one form field (bsc#1210866) + + Bugfixes + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.defer() when deferring fields by attribute names + * Fixed a regression in Django 4.2 that caused a crash of + SearchVector function with % characters + * Fixed a regression in Django 4.2 that caused aggregation over + query that uses explicit grouping to group against the wrong + columns + * Reallowed, following a regression in Django 4.2, setting the + "cursor_factory" option in OPTIONS on PostgreSQL + * Enforced UTF-8 client encoding on PostgreSQL, following a + regression in Django 4.2 + * Fixed a regression in Django 4.2 where i18n_patterns() didn’t + respect the prefix_default_language argument when a fallback + language of the default language was used + * Fixed a regression in Django 4.2 where translated URLs of the + default language from i18n_patterns() with + prefix_default_language set to False raised 404 errors for a + request with a different language + * Fixed a regression in Django 4.2 where creating copies and deep + copies of HttpRequest, HttpResponse, and their subclasses didn’t + always work correctly + * Fixed a regression in Django 4.2 where timesince and timeuntil + template filters returned incorrect results for a datetime with + a non-UTC timezone when a time difference is less than 1 day + * Fixed a regression in Django 4.2 that caused a crash of + SearchHeadline function with psycopg 3 + * Fixed a regression in Django 4.2 that caused incorrect + ClearableFileInput margins in the admin + * Fixed a regression in Django 4.2 where breadcrumbs didn’t appear + on admin site app index views + * Made squashing migrations reduce AddIndex, RemoveIndex, + RenameIndex, and CreateModel operations which allows removing a + deprecated Meta.index_together option from historical migrations + and use Meta.indexes instead + +------------------------------------------------------------------- +Thu Apr 6 06:38:13 UTC 2023 - David Anes + +- Update minimal dependency versions. + +------------------------------------------------------------------- +Tue Apr 4 07:19:56 UTC 2023 - David Anes + +- Update to 4.2: + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.2/releases/4.2/ + + Psycopg 3 support + + Comments on columns and tables + + Mitigation for the BREACH attack + + In-memory file storage + + Custom file storages + + For backwards incompatible changes in 4.2 see + https://docs.djangoproject.com/en/4.2/releases/4.2/#backwards-incompatible-changes-in-4-2 + +- Update of keyring file + +------------------------------------------------------------------- +Tue Feb 14 09:59:42 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.1.7: + + CVE-2023-24580: Potential denial-of-service vulnerability in file + uploads (bsc#1208082) + + Fixed a bug in Django 4.1 that caused a crash of model validation + on ValidationError with no code + +------------------------------------------------------------------- +Wed Feb 1 12:48:49 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.1.6: + + CVE-2023-23969: Potential denial-of-service via Accept-Language + headers Bugfixes + + Fixed a bug in Django 4.1 that caused a crash of model validation + on UniqueConstraint with ordered expressions + +------------------------------------------------------------------- +Mon Jan 2 19:07:30 UTC 2023 - David Anes + +- Update to 4.1.5: + + Fixed a long standing bug in the __len lookup for ArrayField + that caused a crash of model validation on Meta.constraints. +- Update keyring file. + +------------------------------------------------------------------- +Wed Dec 21 09:39:56 UTC 2022 - Daniel Garcia + +- Recommends python-pymemcache instead of the deprecated + python-python-memcached. This is the module used in Django since 3.2 + https://docs.djangoproject.com/en/3.2/releases/3.2/#pymemcache-support + +------------------------------------------------------------------- +Tue Dec 6 13:30:53 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.4 + + Fixed a regression in Django 4.1 that caused an unnecessary table + rebuild when adding a ManyToManyField on SQLite + + Fixed a bug in Django 4.1 that caused a crash of the sitemap index + view with an empty Sitemap.items() and a callable lastmod + + Fixed a bug in Django 4.1 that caused a crash using acreate(), + aget_or_create(), and aupdate_or_create() asynchronous methods of + related managers + + Fixed a bug in Django 4.1 that caused a crash of + QuerySet.bulk_create() with "pk" in unique_fields + + Fixed a bug in Django 4.1 that caused a crash of + QuerySet.bulk_create() on fields with db_column + +------------------------------------------------------------------- +Wed Nov 2 15:50:11 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.3 + + Fixed a bug in Django 4.1 that caused non-Python files created by + startproject and startapp management commands from custom + templates to be incorrectly formatted using the black command + +------------------------------------------------------------------- +Tue Oct 4 08:22:42 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.2 (bsc#1203793, CVE-2022-41323) + + Fixed a regression in Django 4.1 that caused a migration crash on + PostgreSQL when adding a model with ExclusionConstraint + + Fixed a regression in Django 4.1 that caused aggregation over a + queryset that contained an Exists annotation to crash due to too + many selected columns + + Fixed a bug in Django 4.1 that caused an incorrect validation of + CheckConstraint on NULL values + + Fixed a regression in Django 4.1 that caused a + QuerySet.values()/values_list() crash on ArrayAgg() and JSONBAgg() + + Fixed a bug in Django 4.1 that caused + ModelAdmin.autocomplete_fields to be incorrectly selected after + adding/changing related instances via popups + + Fixed a regression in Django 4.1 where the app registry was not + populated when running parallel tests with the multiprocessing + start method spawn + + Fixed a regression in Django 4.1 where the --debug-mode argument + to test did not work when running parallel tests with the + multiprocessing start method spawn + + Fixed a regression in Django 4.1 that didn’t alter a sequence type + when altering type of pre-Django 4.1 serial columns on PostgreSQL + + Fixed a regression in Django 4.1 that caused a crash for View + subclasses with asynchronous handlers when handling non-allowed + HTTP methods + + Reverted caching related managers for ForeignKey, ManyToManyField, + and GenericRelation that caused the incorrect refreshing of + related objects + + Relaxed the system check added in Django 4.1 for the same name + used for multiple template tag modules to a warning + +------------------------------------------------------------------- +Mon Sep 5 11:14:19 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.1 + + Reallowed, following a regression in Django 4.1, using GeoIP2() + when GEOS is not installed + + Fixed a regression in Django 4.1 that caused a crash of admin’s + autocomplete widgets when translations are deactivated + + Fixed a regression in Django 4.1 that caused a crash of the test + management command when running in parallel and multiprocessing + start method is spawn + + Fixed a regression in Django 4.1 that caused an incorrect + redirection to the admin changelist view when using "Save and + continue editing" and "Save and add another" options + + Fixed a regression in Django 4.1 that caused a crash of Window + expressions with ArrayAgg + + Fixed a regression in Django 4.1 that caused a migration crash on + SQLite 3.35.5+ when removing an indexed field + + Fixed a bug in Django 4.1 that caused a crash of model validation + on UniqueConstraint() with field names in expressions + + Fixed a bug in Django 4.1 that caused an incorrect validation of + CheckConstraint() with range fields on PostgreSQL + + Fixed a regression in Django 4.1 that caused an incorrect + migration when adding AutoField, BigAutoField, or SmallAutoField + on PostgreSQL + + Fixed a regression in Django 4.1 that caused a migration crash on + PostgreSQL when altering AutoField, BigAutoField, or + SmallAutoField to OneToOneField + + Fixed a migration crash on ManyToManyField fields with through + referencing models in different apps + + Fixed a regression in Django 4.1 that caused an incorrect + migration when renaming a model with ManyToManyField and db_table + + Reallowed, following a regression in Django 4.1, creating reverse + foreign key managers on unsaved instances + + Fixed a regression in Django 4.1 that caused a migration crash on + SQLite < 3.20 + + Fixed a regression in Django 4.1 that caused an admin crash when + the admindocs app was used +- Remove 0001-Fixed-33887-Added-version-in-asserted-test-URL.patch + (already upstream) +- Verify the tarball with gpg + +------------------------------------------------------------------- +Wed Aug 3 13:20:52 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1: + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.1/releases/4.1/ + + Django 4.1 supports Python 3.8, 3.9, and 3.10 + + Asynchronous handlers for class-based views + + Asynchronous ORM interface + + Validation of Constraints + + Form rendering accessibility + + CSRF_COOKIE_MASKED setting +- Drop fix_test_custom_fields_SQLite.patch (already merged) +- Add 0001-Fixed-33887-Added-version-in-asserted-test-URL.patch to fix + test + +------------------------------------------------------------------- +Wed Aug 3 11:48:48 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.7 (CVE-2022-36359, bsc#1201923): + + Django 4.0.7 fixes a security issue with severity “high” in 4.0.6. + +------------------------------------------------------------------- +Tue Jul 5 08:04:12 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.6 + + CVE-2022-34265: Potential SQL injection via Trunc(kind) and + Extract(lookup_name) arguments + +------------------------------------------------------------------- +Thu Jun 2 07:34:17 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.5 + + Fixed a bug in Django 4.0 where not all OPTIONS were passed to a + Redis client + + Fixed a bug in Django 4.0 that caused a crash of QuerySet.filter() + on IsNull() expressions + + Fixed a bug in Django 4.0 where a hidden quick filter toolbar in + the admin’s navigation sidebar was focusable + +------------------------------------------------------------------- +Mon Apr 11 14:21:09 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.4 + + CVE-2022-28346: Potential SQL injection in "QuerySet.annotate()", + "aggregate()", and "extra()" + + CVE-2022-28347: Potential SQL injection via + "QuerySet.explain(**options)" on PostgreSQL + +------------------------------------------------------------------- +Tue Mar 1 10:49:51 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.3 + + Prevented, following a regression in Django 4.0.1, makemigrations + from generating infinite migrations for a model with + ManyToManyField to a lowercased swappable model such as + 'auth.user' + + Fixed a regression in Django 4.0 that caused a crash when + rendering invalid inlines with readonly_fields in the admin + +------------------------------------------------------------------- +Tue Feb 1 10:15:38 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.2 (CVE-2022-22818, bsc#1195086) (CVE-2022-23833, bsc#1195088) + + CVE-2022-22818: Possible XSS via {% debug %} template tag + + CVE-2022-23833: Denial-of-service possibility in file uploads + + Fixed a bug in Django 4.0 where + TestCase.captureOnCommitCallbacks() could execute callbacks + multiple times + + Fixed a regression in Django 4.0 where help_text was HTML-escaped + in automatically-generated forms + + Fixed a regression in Django 4.0 that caused displaying an + incorrect name for class-based views on the technical 404 debug + page + + Fixed a regression in Django 4.0 that caused an incorrect repr of + ResolverMatch for class-based views + + Fixed a regression in Django 4.0 that caused a crash of + makemigrations on models without Meta.order_with_respect_to but + with a field named _order + + Fixed a regression in Django 4.0 that caused incorrect + ModelAdmin.radio_fields layout in the admin + + Fixed a duplicate operation regression in Django 4.0 that caused a + migration crash when altering a primary key type for a concrete + parent model referenced by a foreign key + + Fixed a bug in Django 4.0 that caused a crash of + QuerySet.aggregate() after annotate() on an aggregate function + with a default + + Fixed a regression in Django 4.0 that caused a crash of + makemigrations when renaming a field of a renamed model + +------------------------------------------------------------------- +Wed Jan 12 14:16:23 UTC 2022 - Matej Cepl + +- Add fix_test_custom_fields_SQLite.patch fixing issues with + modern SQLite (gh#django/django#15168). + +------------------------------------------------------------------- +Mon Jan 10 09:27:36 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.1 (CVE-2021-45115, CVE-2021-45452, bsc#1194117) + + CVE-2021-45115: Denial-of-service possibility in + UserAttributeSimilarityValidator + + CVE-2021-45452: Potential directory-traversal via Storage.save() + + Fixed a regression in Django 4.0 that caused a crash of + assertFormsetError() on a formset named form + + Fixed a bug in Django 4.0 that caused a crash on booleans with the + RedisCache backend + + Relaxed the check added in Django 4.0 to reallow use of a + duck-typed HttpRequest in + django.views.decorators.cache.cache_control() and never_cache() + decorators + + Fixed a regression in Django 4.0 that caused creating bogus + migrations for models that reference swappable models such as + auth.User + + Fixed a long standing bug in Geometry Collections and Polygon that + caused a crash on some platforms (reported on macOS based on the + ARM64 architecture) + +------------------------------------------------------------------- +Mon Dec 27 12:11:09 UTC 2021 - Ben Greiner + +- Fix u-a scriptlet dependency. +- Remove python36 conditional on numpy dep. + +------------------------------------------------------------------- +Fri Dec 24 02:26:37 UTC 2021 - John Vandenberg + +- Avoid dependency on backports.zoneinfo except on Python 3.8 + +------------------------------------------------------------------- +Mon Dec 20 10:37:10 UTC 2021 - Matej Cepl + +- Clean up PYTHONPATH to make test_extra_tests_build_suite pass. + +------------------------------------------------------------------- +Tue Dec 7 14:09:24 UTC 2021 - Alberto Planas Dominguez + +- Update to 4.0 + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.0/releases/4.0/. + - Django 4.0 supports Python 3.8, 3.9, and 3.10. We highly + recommend and only officially support the latest release of + each series. + The Django 3.2.x series is the last to support Python 3.6 and + 3.7. + - The Python standard library’s zoneinfo is now the default + timezone implementation in Django. This is the next step in + the migration from using pytz to using zoneinfo. Django 3.2 + allowed the use of non-pytz time zones. Django 4.0 makes + zoneinfo the default implementation. Support for pytz is now + deprecated and will be removed in Django 5.0. + - The new *expressions positional argument of + UniqueConstraint() enables creating functional unique + constraints on expressions and database functions. + - The new scrypt password hasher is more secure and recommended + over PBKDF2. However, it’s not the default as it requires + OpenSSL 1.1+ and more memory. + - Redis cache backend + - Template based form rendering. Forms, Formsets, and ErrorList + are now rendered using the template engine to enhance + customization. + +------------------------------------------------------------------- +Tue Nov 2 12:45:45 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.9 + + Fixed a bug in Django 3.2 that caused a migration crash on SQLite + when altering a field with a functional index + +------------------------------------------------------------------- +Tue Oct 5 14:25:34 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.8 + + Fixed a bug in Django 3.2 that caused incorrect links on read-only + fields in the admin + + Fixed a regression in Django 3.2 that caused incorrect selection + of items across all pages when actions were placed both on the top + and bottom of the admin change-list view +- Drop failing_test_subparser_invalid_option.patch, as is already in + the upstream code. + +------------------------------------------------------------------- +Thu Sep 9 15:21:45 UTC 2021 - Matej Cepl + +- Add failing_test_subparser_invalid_option.patch fixing + https://code.djangoproject.com/ticket/33082 + +------------------------------------------------------------------- +Wed Sep 1 10:13:34 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.7 + + Fixed a regression in Django 3.2 that caused the incorrect offset + extraction from fixed offset timezones + +------------------------------------------------------------------- +Mon Aug 16 08:27:28 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.6 + + Fixed a regression in Django 3.2 that caused a crash validating + "NaN" input with a forms.DecimalField when additional constraints, + e.g. max_value, were specified + + Fixed a bug in Django 3.2 where a system check would crash on a + model with a reverse many-to-many relation inherited from a parent + class + +------------------------------------------------------------------- +Thu Jul 1 07:50:35 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.5 (CVE-2021-35042, bsc#1187785) + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.values_list(..., named=True) after prefetch_related() + + Fixed a bug in Django 3.2 that caused a migration crash on MySQL + 8.0.13+ when altering BinaryField, JSONField, or TextField to + non-nullable + + Fixed a regression in Django 3.2 that caused a migration crash on + MySQL 8.0.13+ when adding nullable BinaryField, JSONField, or + TextField with a default value + + Fixed a bug in Django 3.2 where a system check would crash on a + model with an invalid app_label + +------------------------------------------------------------------- +Wed Jun 2 10:45:01 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.4 (CVE-2021-33203, CVE-2021-33571) + + CVE-2021-33203: Potential directory traversal via admindocs + + CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks + since validators accepted leading zeros in IPv4 addresses + + Fixed a bug in Django 3.2 where a final catch-all view in the + admin didn’t respect the server-provided value of SCRIPT_NAME when + redirecting unauthenticated users to the login page + + Fixed a bug in Django 3.2 where a system check would crash on an + abstract model + + Prevented unnecessary initialization of unused caches following a + regression in Django 3.2 + + Fixed a crash in Django 3.2 that could occur when running mod_wsgi + with the recommended settings while the Windows colorama library + was installed + + Fixed a bug in Django 3.2 that would trigger the auto-reloader for + template changes when directory paths were specified with strings + + Fixed a regression in Django 3.2 that caused a crash of + auto-reloader with AttributeError, e.g. inside a Conda environment + + Fixed a regression in Django 3.2 that caused a loss of precision + for operations with DecimalField on MySQL + +------------------------------------------------------------------- +Mon May 17 07:37:47 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.3 + + Prepared for mysqlclient > 2.0.3 support + + Fixed a regression in Django 3.2 that caused the incorrect + filtering of querysets combined with the | operator + + Fixed a regression in Django 3.2.1 where saving FileField would + raise a SuspiciousFileOperation even when a custom upload_to + returns a valid file path + +------------------------------------------------------------------- +Thu May 6 08:54:41 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.2 (CVE-2021-32052) + + CVE-2021-32052: Header injection possibility since URLValidator + accepted newlines in input on Python 3.9.5+ + + Prevented, following a regression in Django 3.2.1, makemigrations + from generating infinite migrations for a model with Meta.ordering + contained OrderBy expressions + +------------------------------------------------------------------- +Wed May 5 17:25:18 UTC 2021 - Ben Greiner + +- Keep rpm runtime requirements in sync. Downstream packages often + read the egg-info and fail if they are not fulfilled. + +------------------------------------------------------------------- +Wed May 5 08:44:30 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.1 (CVE-2021-31542) + + CVE-2021-31542: Potential directory-traversal via uploaded files + + Corrected detection of GDAL 3.2 on Windows + + Fixed a bug in Django 3.2 where subclasses of BigAutoField and + SmallAutoField were not allowed for the DEFAULT_AUTO_FIELD setting + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.values()/values_list() after QuerySet.union(), + intersection(), and difference() when it was ordered by an + unannotated field + + Restored, following a regression in Django 3.2, displaying an + exception message on the technical 404 debug page + + Fixed a bug in Django 3.2 where a system check would crash on a + reverse one-to-one relationships in CheckConstraint.check or + UniqueConstraint.condition + + Fixed a regression in Django 3.2 that caused a crash of + ModelAdmin.search_fields when searching against phrases with + unbalanced quotes + + Fixed a bug in Django 3.2 where variable lookup errors were logged + rendering the sitemap template if alternates were not defined + + Fixed a regression in Django 3.2 that caused a crash when + combining Q() objects which contains boolean expressions + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.update() on a queryset ordered by inherited or joined + fields on MySQL and MariaDB + + Fixed a regression in Django 3.2 that caused a crash when decoding + a cookie value, used by + django.contrib.messages.storage.cookie.CookieStorage, in the + pre-Django 3.2 format + + Fixed a regression in Django 3.2 that stopped the shift-key + modifier selecting multiple rows in the admin changelist + + Fixed a bug in Django 3.2 where a system check would crash on the + STATICFILES_DIRS setting with a list of 2-tuples of (prefix, path) + + Fixed a long standing bug involving queryset bitwise combination + when used with subqueries that began manifesting in Django 3.2, + due to a separate fix using Exists to exclude() multi-valued + relationships + + Fixed a bug in Django 3.2 where variable lookup errors were logged + when rendering some admin templates + + Fixed a bug in Django 3.2 where an admin changelist would crash + when deleting objects filtered against multi-valued relationships + + Fixed a regression in Django 3.2 where the calling process + environment would not be passed to the dbshell command on PostgreSQL + + Fixed a performance regression in Django 3.2 when building complex + filters with subqueries + +------------------------------------------------------------------- +Tue Apr 6 09:27:50 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.0 + + Automatic ~django.apps.AppConfig discovery + + Customizing type of auto-created primary keys + + Functional indexes + + pymemcache support + + New decorators for the admin site + + For a complete description of new features check: + https://github.com/django/django/blob/main/docs/releases/3.2.txt +- Update PYTHOPATH to include the local tests +- Drop i18n_test.patch, i18n_test_extraction.patch, + test_clear_site_cache-sort.patch + +------------------------------------------------------------------- +Sat Feb 13 22:41:42 UTC 2021 - Ben Greiner + +- Don't install python36-numpy for testing. It is no longer + available. (The tests or portions of tests requiring numpy + are skipped automatically in this case.) +- Let the singlespec macro do its job to set the primary provider + for python3-django and python3-South on the primary flavor only. +- Fix mtime of cache file by recompiling. + +------------------------------------------------------------------- +Wed Dec 9 12:16:46 UTC 2020 - Ondřej Súkup + +- Update to 3.1.4 + * Fixed setting the Content-Length HTTP header in AsyncRequestFactory + * Fixed passing extra HTTP headers to AsyncRequestFactory request methods + * Fixed crash of key transforms for JSONField on PostgreSQL when usingi + on a Subquery() annotation + * Fixed a regression in Django 3.1 that caused the incorrect grouping + by a Q object annotation + * Fixed a regression in Django 3.1 that caused suppressing connection errors + when JSONField is used on SQLite + * Fixed a crash on SQLite, when QuerySet.values()/values_list() contained + key transforms for JSONField returning non-string primitive values + +------------------------------------------------------------------- +Mon Nov 2 15:03:13 UTC 2020 - Ondřej Súkup + +- Update to 3.1.3 + * Fixed a regression in Django 3.1.2 that caused the incorrect height of the admin + changelist search bar + * Fixed a regression in Django 3.1.2 that caused the incorrect width of the + admin changelist search bar on a filtered page + * Fixed displaying Unicode characters in forms.JSONField and read-only + models.JSONField values in the admin + * Fixed a regression in Django 3.1 that caused a crash of ArrayAgg and StringAgg + with ordering on key transforms for JSONField + * Fixed a regression in Django 3.1 that caused a crash of __in lookup when using + key transforms for JSONField in the lookup value + * Fixed a regression in Django 3.1 that caused a crash of ExpressionWrapper with + key transforms for JSONField + * Fixed a regression in Django 3.1 that caused a migrations crash on PostgreSQL + when adding an ExclusionConstraint with key transforms for JSONField in expressions + * Fixed a regression in Django 3.1 where ProtectedError.protected_objects + and RestrictedError.restricted_objects attributes returned iterators instead + of set of objects + * Fixed a regression in Django 3.1.2 that caused incorrect form input layout + on small screens in the admin change form view + * Fixed a regression in Django 3.1 that invalidated pre-Django 3.1 password reset tokens + * Added support for asgiref 3.3 + * Fixed a regression in Django 3.1 that caused incorrect textarea layout + on medium-sized screens in the admin change form view with the sidebar open + * Fixed a regression in Django 3.0.7 that didn’t use Subquery() aliases + in the GROUP BY clause + * Fixed a bug in Django 3.1 where FileField instances with a callable storage were + not correctly deconstructed + * Fixed a regression in Django 3.1 where the QuerySet.ordered attribute returned + incorrectly True for GROUP BY queries (e.g. .annotate().values()) on models with + Meta.ordering. A model’s Meta.ordering doesn’t affect such queries + * Fixed a regression in Django 3.1 where a queryset would crash if it contained + an aggregation and a Q object annotation + * Fixed a bug in Django 3.1 where a test database was not synced during creation + when using the MIGRATE test database setting + * Fixed a django.contrib.admin.EmptyFieldListFilter crash when using on a GenericRelation + * Fixed a regression in Django 3.1.1 where the admin changelist filter sidebar + would not scroll for a long list of available filters + +------------------------------------------------------------------- +Wed Sep 9 14:14:08 UTC 2020 - Marketa Calabkova + +- Update to 3.1.1 + * CVE-2020-24583: Incorrect permissions on intermediate-level directories on Python 3.7+ + * CVE-2020-24584: Permission escalation in intermediate-level directories of the file + system cache on Python 3.7+ + * Fixed a data loss possibility in the select_for_update(). When using related fields + pointing to a proxy model in the of argument, the corresponding model was not locked + * Fixed a regression in Django 3.1 that caused a crash when decoding an invalid session data + * Fixed __in lookup on key transforms for JSONField with MariaDB, MySQL, Oracle, and SQLite + * Fixed a regression in Django 3.1 that caused permission errors in CommonPasswordValidator + and settings.py + +------------------------------------------------------------------- +Wed Sep 9 03:55:36 UTC 2020 - John Vandenberg + +- Require asgiref >= 3.2.10 per upstream + +------------------------------------------------------------------- +Tue Aug 11 07:48:29 UTC 2020 - Alberto Planas Dominguez + +- Update to 3.1 + * Asynchronous views and middleware support + * JSONField for all supported database backends + * DEFAULT_HASHING_ALGORITHM settings¶ + * Read https://docs.djangoproject.com/en/3.1/releases/3.1/ +- Drop fix-selenium-test.patch. Already upstream. +- Add i18n_test_extraction.patch to support xgettext 0.21 + +------------------------------------------------------------------- +Thu Aug 6 11:36:36 UTC 2020 - Ondřej Súkup + +- update to 3.0.9 + * Allowed setting the SameSite cookie flag in HttpResponse.delete_cookie() + * Fixed crash when sending emails to addresses with display names longer than + 75 chars on Python 3.6.11+, 3.7.8+, and 3.8.4+ + +------------------------------------------------------------------- +Wed Jul 8 11:52:27 UTC 2020 - Ondřej Súkup + +- update to 3.0.8 + * Fixed messages of InvalidCacheKey exceptions and CacheKeyWarning warnings + raised by cache key validation + * Fixed a regression in Django 3.0.7 that caused a queryset crash + when grouping by a many-to-one relationship + * Reallowed, following a regression in Django 3.0, non-expressions having + a filterable attribute to be used as the right-hand side in queryset filters + * Fixed a regression in Django 3.0.2 that caused a migration crash + on PostgreSQL when adding a foreign key to a model with a namespaced db_table + * Added compatibility for cx_Oracle 8 + +------------------------------------------------------------------- +Thu Jun 4 14:35:25 UTC 2020 - Ondřej Súkup + +- update to 3.0.7 +- drop 32bit.patch + * boo#1172167 - CVE-2020-13254: Potential data leakage via malformed + memcached keys + * boo#1172167 - CVE-2020-13596: Possible XSS via admin + ForeignKeyRawIdWidget + * many other bugfixes + +------------------------------------------------------------------- +Thu Apr 30 05:14:28 UTC 2020 - Tomáš Chvátal + +- Add patch to fix the 32bit build: + * 32bit.patch + +------------------------------------------------------------------- +Thu Apr 23 16:58:12 UTC 2020 - Marcus Rueckert + +- Update to 3.0.5 + https://docs.djangoproject.com/en/3.0/releases/3.0.5/ + https://docs.djangoproject.com/en/3.0/releases/3.0.4/ + https://docs.djangoproject.com/en/3.0/releases/3.0.3/ + https://docs.djangoproject.com/en/3.0/releases/3.0.2/ + https://docs.djangoproject.com/en/3.0/releases/3.0.1/ + https://docs.djangoproject.com/en/3.0/releases/3.0/ +- new dependency: python-asgiref + +------------------------------------------------------------------- +Fri Apr 3 06:55:41 UTC 2020 - Tomáš Chvátal + +- Update to 2.2.12: + * Added the ability to handle .po files containing different plural + equations for the same language (#30439). + +------------------------------------------------------------------- +Wed Mar 18 10:59:36 UTC 2020 - Ondřej Súkup + +- update to 2.2.11 + * fix boo#1165022 (CVE-2020-9402) Potential SQL injection via tolerance + parameter in GIS functions and aggregates on Oracle + +------------------------------------------------------------------- +Tue Feb 4 09:42:08 UTC 2020 - Ondřej Súkup + +- update to 2.2.10 +- drop pyyaml53.patch + * fix boo#1161919 (CVE-2020-7471) Potential SQL injection via ``StringAgg(delimiter)`` + +------------------------------------------------------------------- +Wed Jan 15 15:08:32 UTC 2020 - Ondřej Súkup + +- add pyyaml53.patch - fix tests with PyYAML 5.3 + +------------------------------------------------------------------- +Sun Dec 29 11:00:47 UTC 2019 - Ondřej Súkup + +- Update to 2.2.9 + * CVE-2019-19844: Potential account hijack via password reset form (bsc#1159447) + * Fixed a data loss possibility in SplitArrayField. + +------------------------------------------------------------------- +Mon Dec 2 09:45:57 UTC 2019 - Alberto Planas Dominguez + +- Update to 2.2.8 + * CVE-2019-19118: Privilege escalation in the Django admin (boo#1157705) + * Fixed a data loss possibility in the admin changelist view when a + custom formset’s prefix contains regular expression special + characters, e.g. '$' + * Fixed a regression in Django 2.2.1 that caused a crash when + migrating permissions for proxy models with a multiple database + setup if the default entry was empty + * Fixed a data loss possibility in the select_for_update(). When + using 'self' in the of argument with multi-table inheritance, a + parent model was locked instead of the queryset’s model +- Add patch fix-selenium-test.patch to fix a test when selenium is + missing + +------------------------------------------------------------------- +Fri Nov 15 10:53:24 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.7: + * Fixed a crash when using a contains, contained_by, has_key, has_keys, or has_any_keys lookup on JSONField, if the right or left hand side of an expression is a key transform (#30826). + * Prevented migrate --plan from showing that RunPython operations are irreversible when reverse_code callables don’t have docstrings or when showing a forward migration plan (#30870). + * Fixed migrations crash on PostgreSQL when adding an Index with fields ordering and opclasses (#30903). + * Restored the ability to override get_FOO_display() (#30931). + +------------------------------------------------------------------- +Fri Nov 15 07:49:06 UTC 2019 - Tomáš Chvátal + +- Require full python interpreter on build and runtime + +------------------------------------------------------------------- +Mon Oct 7 13:15:57 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.6: + * Fixed migrations crash on SQLite when altering a model + containing partial indexes (#30754). + * Fixed a regression in Django 2.2.4 that caused a crash when + filtering with a Subquery() annotation of a queryset containing + JSONField or HStoreField (#30769). + +------------------------------------------------------------------- +Mon Sep 16 10:13:08 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.5: + * Relaxed the system check added in Django 2.2 for models to reallow use of the same db_table by multiple models when database routers are installed (#30673). + * Fixed crash of KeyTransform() for JSONField and HStoreField when using on expressions with params (#30672). + * Fixed a regression in Django 2.2 where ModelAdmin.list_filter choices to foreign objects don’t respect a model’s Meta.ordering (#30449). + * Fixed a race condition in loading URLconf module that could cause a crash of auto-reloader on Python 3.5 and below (#30500). + +------------------------------------------------------------------- +Thu Aug 1 11:13:37 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.4: + * CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235 + bsc#1142883 bsc#1142885 bsc#1142882 bsc#1142880 + * Fixed a regression in Django 2.2 when ordering a QuerySet.union(), intersection(), or difference() by a field type present more than once results in the wrong ordering being used (#30628). + * Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type (#30621). + * Fixed a regression in Django 2.2 where auto-reloader crashes if a file path contains nulls characters ('\x00') (#30506). + * Fixed a regression in Django 2.2 where auto-reloader crashes if a translation directory cannot be resolved (#30647). + +------------------------------------------------------------------- +Thu Jul 18 17:21:59 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.3: + * CVE-2019-12781 (bsc#1139945): Incorrect HTTP detection with reverse-proxy connecting via HTTPS¶ + +------------------------------------------------------------------- +Mon Jun 3 11:01:44 UTC 2019 - Ondřej Súkup + +- update to 2.2.2 + * Fixes CVE-2019-12308: AdminURLFieldWidget XSS (bsc#1136468) + * Fixes CVE-2019-11358: Prototype pollution + +------------------------------------------------------------------- +Tue May 7 07:13:09 UTC 2019 - Tomáš Chvátal + +- Update keyring file + +------------------------------------------------------------------- +Mon May 6 14:11:22 UTC 2019 - Alberto Planas Dominguez + +- Update to 2.2.1 + * Fixed a regression in Django 2.1 that caused the incorrect quoting + of database user password when using dbshell on Oracle (#30307). + * Added compatibility for psycopg2 2.8 (#30331). + * Fixed a regression in Django 2.2 that caused a crash when loading + the template for the technical 500 debug page (#30324). + * Fixed crash of ordering argument in ArrayAgg and StringAgg when it + contains an expression with params (#30332). + * Fixed a regression in Django 2.2 that caused a single instance + fast-delete to not set the primary key to None (#30330). + * Prevented makemigrations from generating infinite migrations for + check constraints and partial indexes when condition contains a + range object (#30350). Reverted an optimization in Django 2.2 + (#29725) that caused the inconsistent behavior of count() and + exists() on a reverse many-to-many relationship with a custom + manager (#30325). + * Fixed a regression in Django 2.2 where Paginator crashes if + object_list is a queryset ordered or aggregated over a nested + JSONField key transform (#30335). + * Fixed a regression in Django 2.2 where IntegerField validation of + database limits crashes if limit_value attribute in a custom + validator is callable (#30328). + * Fixed a regression in Django 2.2 where SearchVector generates SQL + that is not indexable (#30385). + * Fixed a regression in Django 2.2 that caused an exception to be + raised when a custom error handler could not be imported (#30318). + * Relaxed the system check added in Django 2.2 for the admin app’s + dependencies to reallow use of SessionMiddleware subclasses, + rather than requiring django.contrib.sessions to be in + INSTALLED_APPS (#30312). + * Increased the default timeout when using Watchman to 5 seconds to + prevent falling back to StatReloader on larger projects and made + it customizable via the DJANGO_WATCHMAN_TIMEOUT environment + variable (#30361). + * Fixed a regression in Django 2.2 that caused a crash when + migrating permissions for proxy models if the target permissions + already existed. For example, when a permission had been created + manually or a model had been migrated from concrete to proxy + (#30351). + * Fixed a regression in Django 2.2 that caused a crash of runserver + when URLConf modules raised exceptions (#30323). + * Fixed a regression in Django 2.2 where changes were not reliably + detected by auto-reloader when using StatReloader (#30323). + * Fixed a migration crash on Oracle and PostgreSQL when adding a + check constraint with a contains, startswith, or endswith lookup + (or their case-insensitive variant) (#30408). + * Fixed a migration crash on Oracle and SQLite when adding a check + constraint with condition contains | (OR) operator (#30412). + +------------------------------------------------------------------- +Wed Apr 10 07:55:46 UTC 2019 - John Vandenberg + +- Add test_clear_site_cache-sort.patch to workaround flaky test +- Add bcond_with for selenium and memcached, as those tests are inactive, + and add missing dependencies and setup for selenium testing +- Move removal of executable bit from a JavaScript file to %prep +- Fix fdupes + +------------------------------------------------------------------- +Wed Apr 3 11:21:56 UTC 2019 - Ondřej Súkup + +- update to 2.2 +- drop pyyaml5.patch +- add i18n_test.patch + * HttpRequest.headers to allow simple access to a request’s headers. + * Database-level constraints on models. + * Watchman compatibility for runserver to improve the performance + +------------------------------------------------------------------- +Sat Mar 23 16:31:46 UTC 2019 - Tomáš Chvátal + +- Add patch to build with PyYAML >5: + * pyyaml5.patch + +------------------------------------------------------------------- +Tue Feb 12 09:24:53 UTC 2019 - Thomas Bechtold + +- update to 2.1.7 (CVE-2019-6975, bsc#1124991): + * Corrected packaging error from 2.1.6 + * Memory exhaustion in django.utils.numberformat.format() + If django.utils.numberformat.format() – used by contrib.admin as well + as the the floatformat, filesizeformat, and intcomma templates + filters – received a Decimal with a large number of digits or a + large exponent, it could lead to significant memory usage + due to a call to '{:f}'.format(). + To avoid this, decimals with more than 200 digits are now formatted + using scientific notation. + * Made the obj argument of InlineModelAdmin.has_add_permission() optional + to restore backwards compatibility with third-party code that doesn’t + provide it + +------------------------------------------------------------------- +Thu Jan 10 12:09:43 UTC 2019 - Thomas Bechtold + +- update to 2.1.5 (CVE-2019-3498, bsc#1120932): + * CVE-2019-3498: Content spoofing possibility in the default 404 page + * Fixed compatibility with mysqlclient 1.3.14 (#30013). + * Fixed a schema corruption issue on SQLite 3.26+. You might have to drop + and rebuild your SQLite database if you applied a migration while using + an older version of Django with SQLite 3.26 or later (#29182). + * Prevented SQLite schema alterations while foreign key checks are enabled + to avoid the possibility of schema corruption (#30023). + * Fixed a regression in Django 2.1.4 (which enabled keep-alive connections) + where request body data isn’t properly consumed for such + connections (#30015). + * Fixed a regression in Django 2.1.4 where + InlineModelAdmin.has_change_permission() is incorrectly called with + a non-None obj argument during an object add (#30050). + +------------------------------------------------------------------- +Mon Dec 10 11:52:42 UTC 2018 - Ondřej Súkup + +- Update to version 2.1.4 + * Corrected the default password list that CommonPasswordValidator uses + by lowercasing all passwords to match the format expected by the validator + * Prevented repetitive calls to geos_version_tuple() in the WKBWriter class in + an attempt to fix a random crash involving LooseVersion + * Fixed keep-alive support in runserver after it was disabled o 2.0 + * Fixed admin view-only change form crash when using ModelAdmin.prepopulated_fields + * Fixed “Please correct the errors below” error message when editing an object + in the admin if the user only has the “view” permission on inlines + * Fixed a regression in Django 2.0 where combining Q objects with __in lookups + and lists crashed + * Fixed a regression in Django 2.0 where test databases aren’t reused + with manage.py test --keepdb on MySQL + * Fixed a regression where cached foreign keys that use to_field were + incorrectly cleared in Model.save() + * Fixed a regression in Django 2.0 where FileSystemStorage crashes + with FileExistsError if concurrent saves try to create the same directory + +------------------------------------------------------------------- +Thu Oct 4 13:13:00 UTC 2018 - Alberto Planas Dominguez + +- Update to version 2.1.2 + * CVE-2018-16984: Password hash disclosure to “view only” admin + users + * Fixed a regression where nonexistent joins in F() no longer raised + FieldError (#29727). + * Fixed a regression where files starting with a tilde or underscore + weren’t ignored by the migrations loader (#29749). + * Made migrations detect changes to Meta.default_related_name + (#29755). + * Added compatibility for cx_Oracle 7 (#29759). + * Fixed a regression in Django 2.0 where unique index names weren’t + quoted (#29778). + * Fixed a regression where sliced queries with multiple columns with + the same name crashed on Oracle 12.1 (#29630). + * Fixed a crash when a user with the view (but not change) + permission made a POST request to an admin user change form + (#29809). + +------------------------------------------------------------------- +Tue Sep 18 13:17:15 CEST 2018 - Matěj Cepl + +- Switch of BR selenium for non-Intel platforms. + +------------------------------------------------------------------- +Tue Sep 4 12:24:15 UTC 2018 - Ondřej Súkup + +- update to version 2.1.1 +- drop django-urlencode.patch + * Fixed a race condition in QuerySet.update_or_create() that could result + in data loss + * Fixed a regression where QueryDict.urlencode() crashed if the dictionary + contains a non-string value + * Fixed a regression in Django 2.0 where using manage.py test --keepdb fails + on PostgreSQL if the database exists and the user doesn’t have permission + to create databases + * Fixed a regression in Django 2.0 where combining Q objects with __in + lookups and lists crashed + * Fixed translation failure of DurationField’s “overflow” error message + * Fixed a regression where the admin change form crashed if the user doesn’t + have the ‘add’ permission to a model that uses TabularInline + * Fixed a regression where a related_query_name reverse accessor wasn’t + set up when a GenericRelation is declared on an abstract base model + * Fixed the test client’s JSON serialization of a request data dictionary + for structured content type suffixes + * Made the admin change view redirect to the changelist view after a POST + if the user has the ‘view’ permission + * Fixed admin change view crash for view-only users if the form + has an extra form field + * Fixed a regression in Django 2.0.5 where QuerySet.values() or values_list() + after combining querysets with extra() with union(), difference(), + or intersection() crashed due to mismatching columns + +------------------------------------------------------------------- +Tue Aug 14 07:46:04 UTC 2018 - tchvatal@suse.com + +- Apply patch to fix urlencode nonstring values: + * django-urlencode.patch + +------------------------------------------------------------------- +Wed Aug 8 13:33:57 UTC 2018 - tchvatal@suse.com + +- Enable testsuite + +------------------------------------------------------------------- +Wed Aug 8 09:35:51 UTC 2018 - mimi.vx@gmail.com + +- update to version 2.1 +- move bash completion to right location +- for full chanfges please see https://docs.djangoproject.com/en/2.1/releases/2.1/ + * Dropped support for MySQL 5.5 + * Dropped support for PostgreSQL 9.3 + * Support for SpatiaLite 4.0 is removed + * Support for SQLite < 3.7.15 is removed. + +------------------------------------------------------------------- +Mon Jul 2 13:15:55 UTC 2018 - aplanas@suse.com + +- update to version 2.0.7: + * Fixed admin changelist crash when using a query expression without + asc() or desc() in the page’s ordering (#29428). + * Fixed admin check crash when using a query expression in + ModelAdmin.ordering (#29428). + * Fixed __regex and __iregex lookups with MySQL 8 (#29451). + * Fixed migrations crash with namespace packages on Python 3.7 + (#28814). +- update to version 2.0.6 + * Fixed a regression that broke custom template filters that use + decorators (#29400). + * Fixed detection of custom URL converters in included patterns + (#29415). + * Fixed a regression that added an unnecessary subquery to the GROUP + BY clause on MySQL when using a RawSQL annotation (#29416). + * Fixed WKBWriter.write() and write_hex() for empty polygons on GEOS + 3.6.1+ (#29460). + * Fixed a regression in Django 1.10 that could result in large + memory usage when making edits using ModelAdmin.list_editable + (#28462). +- update to version 2.0.5 + * Corrected the import paths that inspectdb generates for + django.contrib.postgres fields (#29307). + * Fixed a regression in Django 1.11.8 where altering a field with a + unique constraint may drop and rebuild more foreign keys than + necessary (#29193). + * Fixed crashes in django.contrib.admindocs when a view is a + callable object, such as django.contrib.syndication.views.Feed + (#29296). + * Fixed a regression in Django 1.11.12 where QuerySet.values() or + values_list() after combining an annotated and unannotated + queryset with union(), difference(), or intersection() crashed due + to mismatching columns (#29286). + +------------------------------------------------------------------- +Sat Apr 7 19:21:18 UTC 2018 - tbechtold@suse.com + +- update to version 2.0.4: + * Fixed #29265 -- Removed the suggestion to hardcode static URLs. + * Fixed #29206 -- Fixed PasswordResetConfirmView crash when the URL contains a non-UUID where one is expected. + * Fixed #29195 -- Fixed Exists.output_field resolution on single-valued queries. + * Fixed links to Sphinx docs. + * Fixed typo in docs/releases/2.0.4.txt. + * Clarified docs about ISO 8601 week numbering. + * Fixed #29116 -- Fixed OpenLayersWidget deserialization ignoring the widget map's SRID. + * Added CVE-2018-7536,7 to the security release archive. + * Fixed #29221 -- Corrected admin's autocomplete widget to add a space after custom classes. + * Fixed #29273 -- Prevented initial selection of empty choice in multiple choice widgets. + * Added a pagination example to ListView docs. + * Fixed #28514 -- Clarifed docs about idempotence of RelatedManager.add(). + * isorted import statements in tutorial example. + * Fixed #29192 -- Corrected docs regarding overriding fields from abstract base classes. + * Refs #11278 -- Clarified RelatedManager differences between reverse one-to-many and many-to-many relations. + * Added stub release notes for 1.11.12. + * Fixed #29165 -- Clarified how to load initial data with migrations. + * Fixed #29213 -- Fixed autocomplete widget's translations for zh-hans/zh-hant. + * Reverted "Expanded docs for AbstractBaseUser.has_usable_password()." + * Fixed typo in docs/releases/2.0.4/1.11.12.txt. + * Bumped version for 2.0.4 release. + * Fixed #29250 -- Added 'django_version' context to startapp/project docs. + * Added release date for 2.0.4 and 1.11.12. + * Post-release version bump. + * Clarified a sentence in docs/topics/i18n/translation.txt. + * Fixed #29229 -- Fixed column mismatch crash when combining two annotated values_list() querysets with union(), difference(), or intersection(). + * Added stub release notes for 2.0.4. + * Fixed a couple mistakes in docs/ref/forms/widgets.txt. + * Fixed #28655 -- Added more examples for customizing widgets in a form. + +------------------------------------------------------------------- +Mon Mar 19 07:09:53 UTC 2018 - tbechtold@suse.com + +- update to 2.0.3 (bsc#1083305, bsc#1083304, CVE-2018-7536, CVE-2018-7537): + * Fixed #29108 -- Fixed crash in aggregation of distinct+ordered+sliced querysets. + * Added CVE-2018-6188 to the security release archive. + * Post-release version bump. + * Updated translations from Transifex + * Added stub release notes for security releases. + * Fixed incorrect regex in re_path() example. + * Fixed #29125 -- Made Q.deconstruct() deterministic with multiple keyword arguments. + * Fixed #29126 -- Doc'd the behavior of QuerySet.update_or_create() with manually specified pks. + * Used a CSS positioning in tutorial 6 that doesn't differ across browsers. + * Fixed typo in bulk_create() documentation. + * Fixed #29176 -- Fixed AbstractBaseUser.normalize_username() crash if username isn't a string. + * Removed blank lines per isort 4.3.0. + * Added stub release notes for 2.0.3. + * Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters. + * Fixed #29172 -- Fixed crash with Window expression in a subquery. + * Fixed #29166 -- Fixed crash in When() expression with a list argument. + * Fixed #24270 -- Doc'd that django_bash_completion is only in the source distribution. + * Improved clarity of docs/topics/install.txt. + * Refs #29125 -- Made Q.deconstruct() omit 'query_utils' in the path and _connector='AND' since it's a default value. + * Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator. + * Bumped version for 2.0.3 release. + * Corrected doc'd type of some parameters from string to str. + * Fixed #29146 -- Readded ^ and $ inadvertently removed from re_path() examples. + * Fixed #29107 -- Doc'd that ModelForm doesn't actually inherit from Form. + * Switched test requirement to new psycopg2-binary package. + * Added backticks around obj argument in admin docs. + * Fixed typo in docs/topics/forms/media.txt. + * Fixed #29109 -- Fixed the admin time picker widget for the Thai locale. + * Fixed #29118 -- Fixed crash with QuerySet.order_by(Exists(...)). + +------------------------------------------------------------------- +Wed Feb 7 13:54:36 UTC 2018 - tbechtold@suse.com + +- update to 2.0.2 (bsc#1077714, CVE-2018-6188): + * Fixed #28883 -- Doc'd that the uuid URL path converter matches lowercase only letters. + * Fixed a GeoIP2 test failure with the latest GeoIP2 database. + * Added stub release notes for 2.0.1. + * Bumped version for 2.0.2 release. + * Fixed location of spatialite_source label. + * Fixed #28958 -- Fixed admin changelist crash when using a query expression in the page's ordering. + * Fixed #28231 -- Doc'd that QuerySet.bulk_create() casts objs to a list. + * Fixed #29032 -- Fixed an example of using expressions in QuerySet.values(). + * Disambiguated "settings" in SpatiaLite note. + * Fixed typo in docs/topics/testing/advanced.txt. + * Post-release version bump. + * Refs #25604 -- Removed docs for makemigrations --exit. + * Fixed #29002 -- Corrected cached template loader docs about when it's automatically enabled. + * Fixed typo in TemplateCommand argument help text. + * Added stub release notes for 1.11.9. + * Fixed #28915 -- Prevented SQLite from truncating trailing zeros in the fractional part of DecimalField. + * Refs #29086 -- Doc'd how to detect bytestring mistakes. + * Fixed #28886 -- Updated prefix for example django.contrib.auth.urls URLs. + * Fixed #29081 -- Clarified comments in QuerySet.select_related() example. + * Refs #27985 -- Reallowed using __exact=None as an alias for __isnull=True if a custom lookup class with lookup_name != None is registered as the exact lookup. + * Refs #28876 -- Fixed incorrect class-based model index name generation for models with quoted db_table. + * Removed 'development' word in contributing docs + * Fixed #29055 -- Doc'd that escapejs doesn't make template literals safe. + * Fixed #29016 -- Fixed incorrect foreign key nullification on related instance deletion. + * Fixed grammar in docs/releases/2.0.txt. + * Fixed #29071 -- Fixed contrib.auth.authenticate() crash if a backend doesn't accept a request but a later one does. + * Fixed #28944 -- Fixed crash when chaining values()/values_list() after QuerySet.select_for_update(of=()). + * Fixed #29091 -- Fixed makemigrations crash if migrations directory doesn't have __init__.py. + * Fixed #28898 -- Corrected admin check to allow a OneToOneField in ModelAdmin.autocomplete_fields. + * Fixed #28896 -- Reallowed filtering a queryset with GeometryField=None. + * Fixed #28891 -- Documented Origin's loader attribute. + * Confirmed support for PostGIS 2.4. + * Wrapped an import per isort. + * Added release date for 2.0.1 and 1.11.9. + * Fixed #28884 -- Fixed crash on SQLite when renaming a field in a model referenced by a ManyToManyField. + * Fixed "template tag" spelling in docs. + * Fixed #28947 -- Fixed crash when coercing a translatable URL pattern to str. + * Fixed typo in docs/topics/i18n/translation.txt. + * Refs #28932 -- Skipped the failing test for refs #28915 on Oracle. + * Refs #25181 -- Updated timezone.now() docs about obtaining the time in the current time zone. + * Updated documented mysqlclient requirement to 1.3.7. + * Fixed #28885 -- Fixed hidden content at the bottom of the "The install worked successfully!" page for some languages. + * Fixed #28403 -- Added missing formats in FORMAT_MODULE_PATH docs. + * Fixed #29067 -- Fixed regression in QuerySet.values_list(..., flat=True) followed by annotate(). + * Removed note in tutorial about bypassing manage.py. + * Fixed #28929 -- Corrected QUnit examples. + * Refs #28958 -- Added a test for ModelAdmin with query expressions in ordering. + * Updated various links in docs to use HTTPS. + * Expanded docs for AbstractBaseUser.has_usable_password(). + * Fixed #29017 -- Updated BaseCommand.leave_locale_alone doc per refs #24073. + * Doc'd specifying the ENGINE setting as part of configuring contrib.gis. + * Added stub release notes for 1.11.10. + * Fixed #28881 -- Doc'd that CommonPasswordValidator's password list must be lowercase. + * Fixed #28784 -- Clarified how migrate --fake works. + * Fixed typo in docs/ref/models/expressions.txt. + * Fixed #29094 -- Fixed crash when entering an invalid uuid in ModelAdmin.raw_id_fields. + * Refs #28876 -- Fixed incorrect foreign key constraint name for models with quoted db_table. + * Bumped version for 2.0.1 release. + * Fixed #25277 -- Restored test dependency to the original python-memcached. + * Fixed #28761 -- Documented how an inline formset's prefix works. + * Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI. + * Fixed #28966 -- Doc'd that the uuid URL path converter requires dashes + * Fixed #29054 -- Fixed a regression where a queryset that annotates with geometry objects crashes. + * Reverted "[1.11.x] Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI." + * Added "Python 3 Only" trove classifier. + * Fixed #28941 -- Fixed crash in testserver command startup. + * Fixed import in docs/ref/models/conditional-expressions.txt example. + * Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm. + * Fixed #28594 -- Removed Jython docs and specific code + * Renamed the "Supported versions" label. + * Fixed #28878 -- Added python_requires in setup.py and a warning for older pips that don't recognize it. + * Fixed typo in docs/ref/contrib/admin/index.txt. + * Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI. + * Added stub release notes for 2.0.2. + * Fixed #28938 -- Corrected Python compatibility in the tutorial. + * Fixed #28890 -- Removed newlines between MultiWidget's subwidgets. + +------------------------------------------------------------------- +Tue Dec 12 21:12:18 UTC 2017 - mimi.vx@gmail.com + +- update to 2.0 + * drop python 2 support + * Simplified URL routing syntax + * Mobile-friendly contrib.admin + * Window expressions + * Removed support for bytestrings in some places + * Dropped support for Oracle 11.2 +- Please read Release Notes - https://docs.djangoproject.com/en/2.0/releases/2.0/ + +------------------------------------------------------------------- +Tue Dec 12 05:16:57 UTC 2017 - tbechtold@suse.com + +- update to 1.11.8: + * Fixed #28488 -- Reallowed error handlers to access CSRF tokens. + * Fixed #28856 -- Fixed a regression in caching of a GenericForeignKey + pointing to a MTI model. + * Fixed #28597 -- Fixed crash with the name of a model's autogenerated primary + key in an Index's fields. + * Added stub release notes for 1.11.7. + * Fixed #28305 -- Fixed "Cannot change column 'x': used in a foreign key constraint" + crash on MySQL with a sequence of AlterField or RenameField operations. + * Fixed #28689 -- Fixed unquoted table names in Subquery SQL when using OuterRef. + * Added assertion helpers for PostgreSQL's server-side cursor tests. + * Fixed #28729 -- Replaced a numbered list with unordered list in TemplatesSetting docs. + * Fixed #28786 -- Doc'd middleware ordering considerations due to + CommonMiddleware setting Content-Length. + * Added release date for 1.11.8. + * Fixed #28702 -- Made query lookups for CIText fields use citext. + * Added 2017-12794 to the security release archive. + * Fixed typo in docs/topics/cache.txt. + * Bumped version for 1.11.6 release. + * Added release date for 1.11.6. + * Fixed #28648 -- Corrected typo in docs/topics/db/queries.txt. + * Bumped version for 1.11.7 release. + * Added stub release notes for 1.11.8. + * Fixed #28848 -- Fixed SQLite/MySQL crash when ordering by a filtered + subquery that uses nulls_first/nulls_last. + * Fixed typo in docs/topics/db/aggregation.txt. + * Fixed #28802 -- Fixed typo in docs/topics/auth/default.txt. + * Fixed typo in docs/topics/forms/media.txt. + * Bumped version for 1.11.8 release. + * Fixed typo in docs/ref/models/querysets.txt. + * Fixed test failures due to ordering differences on PostgreSQL 10. + * Fixed #28710 -- Fixed the Basque DATE_FORMAT string + * Added stub release notes for 1.11.6. + * Fixed #28747 -- Fixed typos in django/conf/global_settings.py comments. + * Fixed #28817 -- Made QuerySet.iterator() use server-side cursors after + values() and values_list(). + * Post-release version bump. + * Fixed #28792 -- Fixed index name truncation of namespaced tables. + * Fixed #28781 -- Added QuerySet.values()/values_list() support for union(), + difference(), and intersection(). + * Fixed #28722 -- Made QuerySet.reverse() affect nulls_first/nulls_last. + * Refs #28710 -- Simplified l10n format test + * Initialized CsrfViewMiddleware once in csrf_tests. + * Added release date for 1.11.7. + * Linked to prefetch_related_objects func in DB optimization docs. + * Fixed #28645 -- Reallowed AuthenticationForm to raise the inactive user + error when using ModelBackend. + * Fixed #28653 -- Added missing ForeignKey.on_delete argument in docs. + * Fixed #28561 -- Removed inaccurate docs about QuerySet.order_by() and joins. + * Fixed #28555 -- Made CharField convert whitespace-only values to the + empty_value when strip is enabled. + * Fixed #28601 -- Prevented cache.get_or_set() from caching None if default + is a callable that returns None. + +------------------------------------------------------------------- +Wed Sep 20 21:53:53 UTC 2017 - toddrme2178@gmail.com + +- update to version 1.11.5 + * CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page + * Fixed GEOS version parsing if the version has a commit hash at the end (new + in GEOS 3.6.2) (:ticket:`28441`). + * Added compatibility for ``cx_Oracle`` 6 (:ticket:`28498`). + * Fixed select widget rendering when option values are tuples (:ticket:`28502`). + * Django 1.11 inadvertently changed the sequence and trigger naming scheme on + Oracle. This causes errors on INSERTs for some tables if + ``'use_returning_into': False`` is in the ``OPTIONS`` part of ``DATABASES``. + The pre-1.11 naming scheme is now restored. Unfortunately, it necessarily + requires an update to Oracle tables created with Django 1.11.[1-4]. Use the + upgrade script in :ticket:`28451` comment 8 to update sequence and trigger + names to use the pre-1.11 naming scheme. + * Added POST request support to ``LogoutView``, for equivalence with the + function-based ``logout()`` view (:ticket:`28513`). + * Omitted ``pages_per_range`` from ``BrinIndex.deconstruct()`` if it's ``None`` + (:ticket:`25809`). + * Fixed a regression where ``SelectDateWidget`` localized the years in the + select box (:ticket:`28530`). + * Fixed a regression in 1.11.4 where ``runserver`` crashed with non-Unicode + system encodings on Python 2 + Windows (:ticket:`28487`). + * Fixed a regression in Django 1.10 where changes to a ``ManyToManyField`` + weren't logged in the admin change history (:ticket:`27998`) and prevented + ``ManyToManyField`` initial data in model forms from being affected by + subsequent model changes (:ticket:`28543`). + * Fixed non-deterministic results or an ``AssertionError`` crash in some + queries with multiple joins (:ticket:`26522`). + * Fixed a regression in ``contrib.auth``'s ``login()`` and ``logout()`` views + where they ignored positional arguments (:ticket:`28550`). + +------------------------------------------------------------------- +Thu Aug 10 12:51:56 UTC 2017 - tbechtold@suse.com + +- update to version 1.11.4: + * Fixed #27939 -- Updated OpenLayersWidget.map_srid for OpenLayers 3. + * Fixed #27956 -- Fixed display of errors in an {% extends %} child. + * Updated various links in docs to avoid redirects + * Fixed typo in docs/topics/auth/default.txt. + * Double quoted HTML attributes in widget docs + * Fixed #28303 -- Prevented localization of attribute values in the DTL attrs.html widget template. + * Added stub release notes for 1.11.3. + * Documented OSMWidget.default_lat/lon. + * Fixed #28101 -- Fixed a regression with nested __in subquery lookups and to_field. + * Bumped version for 1.11.4 release. + * Bumped version for 1.11.3 release. + * Updated translations from Transifex + * Fixed #28039 -- Fixed crash in BaseGeometryWidget.subwidgets(). + * Fixed #28242 -- Moved ImageField file extension validation to the form field. + * Made docs/topics/migrations.txt use single quotes consistently. + * Fixed #28355 -- Fixed widget rendering of non-ASCII date/time formats on Python 2. + * Updated name of topics/db/queries link on index. + * Fixed #28025 -- Fixed typo in docs/ref/models/querysets.txt. + * Fixed #28043 -- Prevented AddIndex and RemoveIndex from mutating model state. + * Fixed #28207 -- Fixed contrib.auth.authenticate() if multiple auth backends don't accept a request. + * Fixed #28361 -- Fixed possible time-related failure in was_published_recently() tutorial test. + * Fixed #28265 -- Prevented renderer warning on Widget.render() with **kwargs. + * Fixed typo in docs/topics/testing/advanced.txt. + * Fixed #28125 -- Clarified 1.11 release note about Template.render() prohibiting non-dict context. + * Refs #18974 -- Added stacklevel for permalink() deprecation. + * Fixed #28350 -- Fixed UnboundLocalError crash in RenameField with nonexistent field. + * Fixed #28051 -- Made migrations respect Index's name argument. + * Fixed #28420 -- Doc'd 'is' comparison restriction for User.is_authenticated/anonymous. + * Added release date for 1.11.4. + * Refs #28174 -- Fixed autoreload test crash on Python 2/non-ASCII path. + * Fixed #28389 -- Fixed pickling of LazyObject on Python 2 when wrapped object doesn't have __reduce__(). + * Fixed #28148 -- Doc'd ImageField name validation concerns with the test client. + * Added stub release notes for 1.11.2. + * Fixed #27890 -- Fixed FileNotFoundError cleanup exception in runtests.py on Python 3.6+. + * Fixed #28138 -- Used output type handler instead of numbersAsStrings on Oracle cursor. + * Fixed widgets module path in docs/ref/contrib/gis/forms-api.txt. + * Fixed #27947 -- Doc'd that model Field.error_messages often don't propagate to forms. + * Fixed #28067 -- Clarified __str__() return type when using python_2_unicode_compatible(). + * Fixed docstring typo in django/contrib/admin/actions.py. + * Fixed #28102 -- Doc'd how to compute path to built-in widget template directories. + * Fixed #28352 -- Corrected QuerySet.values_list() return type in docs examples. + * Fixed #28181 -- Added detection for GDAL 2.1 and 2.0. + * Refs #23853 -- Updated sql.query.Query.join() docstring. + * Added a test for Model._meta._property_names. + * Refs #27919 -- Changed Widget.get_context() attrs kwarg to an arg. + * Fixed #28415 -- Clarified what characters ASCII/UnicodeUsernameValidator accept. + * Fixed #28074 -- Doc'd template-based widget rendering changes for contrib.gis. + * Fixed #28278 -- Fixed invalid HTML for a required AdminFileWidget. + * Added content_type filtering in Permission querying example. + * Corrected FileExtensionValidator doc regarding the value being validated. + * Fixed #27960 -- Set errcheck=False for GDALAllRegister to prevent crash. + * Fixed #28097 -- Fixed layout of ReadOnlyPasswordHashWidget. + * Fixed #27969 -- Fixed models.Field.formfield() setting 'disabled' for fields with choices. + * Post-release version bump. + * Fixed #28298 -- Prevented a primary key alteration from adding a foreign key constraint if db_constraint=False. + * Refs #28192 -- Fixed documentation of ChoiceField choices requirement + * Fixed #27966 -- Bumped required psycopg2 version to 2.5.4. + * Linked GIS QuerySet API docs to corresponding PostGIS docs. + * Fixed #27974 -- Kept resolved templates constant during one rendering cycle. + * Refs #28100 -- Fixed URL in el, es_MX, and pt auth translations + * Fixed typo in docs/ref/request-response.txt. + * Fixed #27963 -- Removed unneeded docstring example in contributing docs. + * Added stub release notes for security releases. + * Fixed #28349 -- Doc'd how to upgrade Django from LTS to LTS. + * Fixed typo in docs/ref/forms/fields.txt. + * Fixed CVE-2017-7234 -- Fixed open redirect vulnerability in views.static.serve(). + * Fixed #28170 -- Fixed file_move_safe() crash when moving files to a CIFS mount. + * Fixed broken links to Oracle docs. + * Fixed #27554 -- Fixed prefetch_related() crash when fetching relations in nested Prefetches. + * Added links and cosmetic edits to docs/ref/request-response.txt. + * Added stub release notes for 1.11.1. + * Fixed #28079 -- Restored "No POST data" (rather than an empty table) in HTML debug page. + * Removed incorrect "required" attribute in docs/ref/forms/fields.txt. + * Fixed #28176 -- Restored the uncasted option value in ChoiceWidget template context. + * Refs #24423 -- Readded inadvertently deleted i18n tests. + * Fixed #27965 -- Fixed precision comparison in a geoforms test (refs #27939). + * Corrected post-release version bump. + * Made runtests.py run gis_tests only when using a GIS database backend. + * Fixed #28230 -- Allowed DjangoJsonEncoder to serialize CallableBool. + * Fixed broken link to QUnit docs. + * Removed MySQL (unsupported) from Perimeter docs. + * Fixed #28266 -- Fixed typo in docs/ref/models/instances.txt. + * Fixed #28139 -- Added another level of headings in the topics index. + * Fixed #28003 -- Doc'd what an auto-created OneToOneField parent_link looks like. + * Fixed #28160 -- Prevented hiding GDAL exceptions when it's not installed. + * Updated man page for Django 1.11. + * Fixed #27988 -- Fixed typo in docs/ref/django-admin.txt. + * Fixed #28199 -- Fixed Subquery generating unnecessary/invalid CAST. + * Fixed #28122 -- Fixed crash when overriding views.static.directory_index()'s template. + * Fixed AppRegistryNotReady error when running gis_tests in isolation on PostGIS. + * Fixed #28435 -- Removed inaccurate warning about SECURE_HSTS_PRELOAD. + * Fixed #28040 -- Updated SplitArrayWidget to use template-based widget rendering. + * Fixed #28269 -- Fixed Model.__init__() crash on models with a field that has an instance only descriptor. + * Tested EmailMessage(attachments=[MIMEText]) + * Clarified return value of NumGeometries GIS function. + * Refs #27935 -- Fixed BrinIndex.max_name_length if a project's default database isn't PostgreSQL. + * Fixed #28058 -- Restored empty BoundFields evaluating to True. + * Replaced "not A== B" with "A != B" in docs/howto/writing-migrations.txt. + * Added CVE-2017-7233,4 to the security release archive. + * Fixed #28204 -- Fixed MultipleObjectMixin.paginate_queryset() crash on Python 2 if InvalidPage message contains non-ASCII. + * Fixed #27935 -- Fixed crash with BrinIndex name > 30 characters. + * Fixed #28293 -- Fixed union(), intersection(), and difference() when combining with an EmptyQuerySet. + * Fixed #28222 -- Allowed settable properties in QuerySet.update_or_create()/get_or_create() defaults. + * Refs #27556, #27488 -- Updated support backends docs for isvalid lookup. + * Fixed nondeterministic ordering test failure in model_forms. + * Fixed #28345 -- Applied limit_choices_to during ModelForm.__init__(). + * Fixed #27981 -- Doc'd date/time filter l10n changes in refs #25758. + * Made a few cosmetic updates to "Migrations that add unique fields". + * Bumped version for 1.11 release. + * Fixed #28004 -- Doc'd how to create migrations for an app without a migrations directory. + * Fixed #28202 -- Fixed FieldListFilter.get_queryset() crash on invalid input. + * Fixed #27949 -- Doc'd how OpenLayers 3 widgets work. + * Pass type to sql_alter_column_* where it was missing. + * Fixed #27866 -- Made ChoiceWidget.format_value() return a list + * Fixed #28308 -- Doc'd removal of Select.render_option() (refs #15667). + * Fixed #28178 -- Changed contrib.gis to raise ImproperlyConfigured if gdal isn't installed. + * Fixed #28284 -- Prevented Paginator's unordered object list warning from evaluating a QuerySet. + * Fixed #28209 -- Made date-based generic views return a 404 rather than crash when given an out of range date. + * Fixed #28161 -- Fixed return type of ArrayField(CITextField()). + * Corrected docs regarding MySQL support of Length GIS function. + * Fixed #28175 -- Fixed __in lookups on a foreign key when using the foreign key's parent model as the lookup value. + * Refs #18247 -- Fixed SQLite QuerySet filtering on decimal result of Least and Greatest. + * Refs #28207 -- Fixed contrib.auth.authenticate() if 'backend' is in the credentials. + * Fixed #27644 -- Doc'd FileSystemStorage.get_created_time(). + * Added test for intersection() when combining with a queryset raising EmptyResultSet. + * Fixed #28197 -- Fixed introspection of index field ordering on PostgreSQL. + * Removed extra characters in docs header underlines. + * Fixed GEOSGeometry reference in GIS tutorial. + * Refs #28066 -- Fixed Python 2 failures in sessions_tests. + * Removed obsolete Widget.format_output() in tests. + * Fixed #28059 -- Restored class attribute in
    of widgets that use multiple_input.html. + * Fixed typo in docs/ref/contrib/postgres/fields.txt. + * Refs #27025 -- Fixed "invalid escape sequence" warning in auth_tests on Python 3.6. + * Fixed #28031 -- Removed notes about old uWSGI/sentry versions (refs #20537). + * Removed unexpected initial attribute in data migration examples. + * Renamed "Mac OS X" to "macOS" in docs. + * Sorted imports per isort 4.2.9. + * Refs #28138 -- Added release notes for d52577b62b3138674807ac74251fab7faed48331. + * Back to the future. + * Fixed #27993 -- Fixed model form default fallback for SelectMultiple. + * Refs #27866 -- Adapted backport for Python 2 compatibility + * Removed unused links in docs/internals/contributing/triaging-tickets.txt. + * Clarified QuerySet.iterator()'s docs on server-side cursors. + * Fixed #28096 -- Allowed prefetch calls with ModelIterable subclasses + * Fixed #28414 -- Fixed ClearableFileInput rendering as a subwidget of MultiWidget. + * Corrected REPL example in forms docs for Python 3. + * Refs #28181 -- Corrected detection of GDAL 2.1 on Windows. + * Fixed #28075 -- Prevented ChoiceWidget from localizing option values. + * Fixed #28282 -- Fixed class-based indexes name for models that only inherit Model. + * Fixed #28038 -- Restored casting to text of builtin lookups on PostgreSQL. + * Fixed #28418 -- Fixed queryset crash when using a GenericRelation to a proxy model. + * Fixed #28062 -- Added a setting to disable server-side cursors on PostgreSQL. + * Fixed #28105 -- Fixed crash in BaseGeometryWidget.get_context() when overriding existing attrs. + * Refs #28160 -- Skipped a GeoManager test if not using a GIS database backend. + * Fixed #28157 -- Fixed choice ordering in form fields with grouped and non-grouped options. + * Fixed #28095 -- Doc'd Widget.build_attrs() signature change in Django 1.11. + * Fixed a forms test after updated translations. + * Fixed 403 link in docs/ref/contrib/gis/install/spatialite.txt. + * Simplified schema.tests with assertForeignKeyExists()/assertForeignKeyNotExists(). + * Fixed #28336 -- Fixed typo in docs/ref/settings.txt. + * Fixed #28378 -- Fixed union() and difference() when combining with a queryset raising EmptyResultSet. + * Refs #28052 -- Cleaned up some indexes in schema tests. + * Fixed #28047 -- Fixed QuerySet.filter() crash when it uses the name of a OneToOneField pk. + * Added release date for 1.11.1. + * Fixed #28327 -- Removed contradictory description of mod_wsgi docs. + * Clarified "newly-introduced features" in the supported versions policy. + * Fixed docs build with Sphinx 1.6. + * Fixed #28239 -- Removed docs for a removed arg of template.Context. + * Bumped version for 1.11.2 release. + * Refs #28066 -- Fixed nondeterministic ordering test failure in sessions_tests. + * Updated postgis.net and gaia-gis.it links to https. + * Fixed typos in docs/topic/db/search.txt. + * Fixed #28174 -- Fixed crash in runserver's autoreload with Python 2 on Windows with non-str environment variables. + * Fixed typos in docs/howto/static-files/index.txt. + * Fixed #28294 -- Doc'd request/args/kwargs attributes of class-based views. + * Fixed #27967 -- Fixed KeyError in admin's inline form with inherited non-editable pk. + * Fixed db backend discovery in admin_scripts tests. + * Fixed outdated TIME_FORMAT in docs/ref/templates/builtins.txt. + * Fixed #26028 -- Added overriding templates howto. + * Updated was_published_recently() tutorial test to check boundary condition. + * Fix a typo in django/db/transaction.py + * Fixed #28109 -- Corrected the stack level of unordered queryset pagination warnings. + * Fixed #28142 -- Fixed is_safe_url() crash on invalid IPv6 URLs. + * Refs #22397 -- Removed model in test cleanup + * Fixed #28052 -- Prevented dropping Meta.indexes when changing db_index to False. + * Fixed #18485 -- Doc'd behavior of PostgreSQL when manually setting AutoField. + * Updated core translations from Transifex + * Fixed #28166 -- Fixed Model._state.db on MTI parent model after saving child model. + * Added missing import in docs/topics/db/queries.txt. + * Refs #27919 -- Passed ChoiceWidget.create_option() kwargs as expected. + * Fixed #28229 -- Fixed the value of LoginView's "next" template variable. + * Fixed #27975 -- Fixed crash if ModelChoiceField's queryset=None. + * Added release date for 1.11.2. + * Fixed #27912, CVE-2017-7233 -- Fixed is_safe_url() with numeric URLs. + * Fixed #28159 -- Fixed BaseInlineFormSet._construct_form() crash when using save_as_new. + * Removed an obsolete temporal reference in docs/faq/general.txt. + * Fixed #28042 -- Fixed crash when using a two-tuple in EmailMessage's attachments arg. + * Fixed #27945 -- Clarified that RegexValidator searches with the regex. + * Linked GIS functions docs to corresponding PostGIS docs. + * Refs #17453 -- Fixed broken link to #django IRC logs. + * Fixed gis_tests.geoapp test with incorrect geodetic coordinates. + * Fixed #28066 -- Prevented SessionBase.cycle_key() from discarding data. + * Fixed #27730 -- Doc'd that template vars created outside a block can't be used in it. + * Fixed #28069 -- Moved setup_test_environment() warning in tutorial 5. + * Fixed #28130 -- Fixed formset min_num validation with initial, unchanged forms. + * Fixed #28091 -- Re-raised original exception when closing cursor cleanup fails + * Clarified backend support of Area GIS function. + * Fixed #28387 -- Fixed has_changed() for disabled form fields that subclass it. + * Fixed #27915 -- Allowed Meta.indexes to be defined in abstract models. + * Fixed #26755 -- Fixed test_middleware_classes_headers if Django source isn't writable. + * Fixed #28188 -- Fixed crash when pickling model fields. + * Fixed typo in docs/ref/models/querysets.txt. + * Pointed Dive into Python links to python3 site + * Refs #25240 -- Added ExtractWeek examples. + * Added some shell output in tutorial 2. + * Removed inappropriate highlighting in committing-code.txt. + * Fixed #28399 -- Fixed QuerySet.count() for union(), difference(), and intersection() queries. + * Fixed #28212 -- Allowed customizing the port that LiveServerTestCase uses. + * Fixed flake8 warning on Python 2. + * Clarified meaning of "Optional" in auth.models.User field docs. + * Clarified HStoreField model/form difference in 1.11 release notes. + * Removed self from method signatures in docs. + * Added stub release notes for 1.11.4. + * Updated tests after French translation update + * Fixed #27603 -- Fixed AsKML when queryset is evaluated more than once. + * Fixed #28262 -- Fixed incorrect DisallowedModelAdminLookup when a nested reverse relation is in list_filter. + * Fixed #27434 -- Doc'd how to raise a model validation error for a field not in a model form. + * Refs #21415 -- Fixed contrib.humanize translations for es_AR + * Fixed #27655 -- Added some guidelines to the coding style docs. + * Updated contrib translations from Transifex + * Removed nonexistent methods from File's docs. + * Doc'd the need to remove default ordering on Subquery aggregates. + * Fixed broken link to mysqlclient docs. + * Fixed #28210 -- Fixed Model._state.adding on MTI parent model after saving child model. + * Removed usage of deprecated sphinx.util.compat.Directive. + * Refs #28100 -- Added 1.11.1 release note for e6bfd3d751278d7cfd09af1120c4bbce509c05da. + * Fixed #28190 -- Clarifed how include/extends treat template names. + * Refs #26294 -- Fixed typo in docs/ref/django-admin.txt. + * Refs #28091 -- Fixed typo and rephrased 1.11.1 release note. + * Fixed typo in docs/ref/class-based-views/mixins-single-object.txt. + * Bumped version for 1.11.1 release. + * Added release date for 1.11.3. + * Bumped version for 1.11 release candidate 1. + * Simplified tutorial's test names and docstrings. + * Fixed typo in django/db/backends/base/schema.py comment. + * Fixed #28233 -- Used a simpler example in the aggregation "cheat sheet" docs. +- Require python-pytz and Recommend python-bcrypt + +------------------------------------------------------------------- +Wed Aug 9 17:58:19 UTC 2017 - toddrme2178@gmail.com + +- Fix building on older Python versions. + +------------------------------------------------------------------- +Mon Jul 10 18:42:12 UTC 2017 - toddrme2178@gmail.com + +- Fix wrong-script-interpreter rpmlint error. + +------------------------------------------------------------------- +Mon May 8 14:32:03 UTC 2017 - toddrme2178@gmail.com + +- django-admin.py should be the master, not django-admin. + +------------------------------------------------------------------- +Sat May 6 03:31:54 UTC 2017 - toddrme2178@gmail.com + +- Don't provide python2-django or python2-South, singlespec + packages should use correct name. + +------------------------------------------------------------------- +Thu May 4 15:33:21 UTC 2017 - toddrme2178@gmail.com + +- Implement single-spec version. + +------------------------------------------------------------------- +Tue Apr 4 14:38:13 UTC 2017 - appleonkel@opensuse.org + +- Update to 1.10.7 + Bugfixes + * Made admin’s RelatedFieldWidgetWrapper use the wrapped widget’s + value_omitted_from_data() method (#27905) + * Fixed model form default fallback for SelectMultiple (#27993) + +------------------------------------------------------------------- +Wed Mar 1 14:24:17 UTC 2017 - appleonkel@opensuse.org + +- Update to 1.10.6 + Bugfixes + * Fixed ClearableFileInput’s “Clear” checkbox on model form fields where the + model field has a default + * Fixed RequestDataTooBig and TooManyFieldsSent exceptions crashing rather than + generating a bad request response + * Fixed a crash on Oracle and PostgreSQL when subtracting DurationField or + IntegerField from DateField + * Fixed query expression date subtraction accuracy on PostgreSQL for differences + large an a month + * Fixed a GDALException raised by GDALClose on GDAL >= 2.0 + +------------------------------------------------------------------- +Tue Jan 31 14:00:11 UTC 2017 - michal@cihar.com + +- Update to 1.10.5 + * See https://docs.djangoproject.com/en/1.10/releases/1.10/ + * Full text search for PostgreSQL + * New-style middleware + * Official support for Unicode usernames + +------------------------------------------------------------------- +Fri Dec 2 10:17:25 UTC 2016 - appleonkel@opensuse.org + +- Update to 1.9.12 + Bugfixes + * Quoted the Oracle test user’s password in queries to fix the “ORA-00922: missing + or invalid option” error when the password starts with a number or + special character (#27420) + * DNS rebinding vulnerability when DEBUG=True + * CSRF protection bypass on a site with Google Analytics + +------------------------------------------------------------------- +Sat Sep 24 16:42:55 UTC 2016 - sbahling@suse.com + +- Change Requires: python-Pillow to python-imaging for compatibility + with SLE-12 which provides PIL instead of Pillow. + +------------------------------------------------------------------- +Tue Aug 9 09:11:24 UTC 2016 - aplanas@suse.com + +- Update to 1.9.9 + Bugfixes + * Fixed invalid HTML in template postmortem on the debug page + (#26938). + * Fixed some GIS database function crashes on MySQL 5.7 (#26657). + +- Update to 1.9.8 + Fix XSS in admin’s add/change related popup (bsc#988420) + Unsafe usage of JavaScript’s Element.innerHTML could result in XSS + in the admin’s add/change related popup. Element.textContent is now + used to prevent execution of the data. + The debug view also used innerHTML. Although a security issue wasn’t + identified there, out of an abundance of caution it’s also updated + to use textContent. + + Bugfixes + * Fixed missing varchar/text_pattern_ops index on CharField and + TextField respectively when using AddField on PostgreSQL (#26889). + * Fixed makemessages crash on Python 2 with non-ASCII file names + (#26897). + +- Update to 1.9.7 + Bugfixes + * Removed the need for the request context processor on the admin + login page to fix a regression in 1.9 (#26558). + * Fixed translation of password validators’ help_text in forms + (#26544). + * Fixed a regression causing the cached template loader to crash + when using lazy template names (#26603). + * Fixed on_commit callbacks execution order when callbacks make + transactions (#26627). + * Fixed HStoreField to raise a ValidationError instead of crashing + on non-dictionary JSON input (#26672). + * Fixed dbshell crash on PostgreSQL with an empty database name + (#26698). + * Fixed a regression in queries on a OneToOneField that has to_field + and primary_key=True (#26667). + +------------------------------------------------------------------- +Tue May 3 08:23:48 UTC 2016 - aplanas@suse.com + +- Update to 1.9.6 + Bugfixes + * Added support for relative path redirects to the test client and + to SimpleTestCase.assertRedirects() because Django 1.9 no longer + converts redirects to absolute URIs (#26428). + * Fixed TimeField microseconds round-tripping on MySQL and SQLite + (#26498). + * Prevented makemigrations from generating infinite migrations for a + model field that references a functools.partial (#26475). + * Fixed a regression where SessionBase.pop() returned None rather + than raising a KeyError for nonexistent values (#26520). + * Fixed a regression causing the cached template loader to crash + when using template names starting with a dash (#26536). + * Restored conversion of an empty string to null when saving values + of GenericIPAddressField on SQLite and MySQL (#26557). + * Fixed a makemessages regression where temporary .py extensions + were leaked in source file paths (#26341). + +------------------------------------------------------------------- +Sun May 1 12:29:52 UTC 2016 - michael@stroeder.com + +- Update to 1.9.5 + +------------------------------------------------------------------- +Tue Feb 2 09:21:43 UTC 2016 - aplanas@suse.com + +- Update to 1.9.2 + Security issue + * User with "change" but not "add" permission can create objects for + ModelAdmin's with save_as=True + Backwards incompatible change + * .py-tpl files rewritten in project/app templates + Bugfixes + * Fixed a regression in ConditionalGetMiddleware causing + If-None-Match checks to always return HTTP 200 (#26024). + * Fixed a regression that caused the "user-tools" items to display + on the admin's logout page (#26035). + * Fixed a crash in the translations system when the current language + has no translations (#26046). + * Fixed a regression that caused the incorrect day to be selected + when opening the admin calendar widget for timezones from GMT+0100 + to GMT+1200 (#24980). + * Fixed a regression in the admin's edit related model popup that + caused an escaped value to be displayed in the select dropdown of + the parent window (#25997). + * Fixed a regression in 1.8.8 causing incorrect index handling in + migrations on PostgreSQL when adding db_index=True or unique=True + to a CharField or TextField that already had the other specified, + or when removing one of them from a field that had both, or when + adding unique=True to a field already listed in unique_together + (#26034). + * Fixed a regression where defining a relation on an abstract + model's field using a string model name without an app_label no + longer resolved that reference to the abstract model's app if + using that model in another application (#25858). + * Fixed a crash when destroying an existing test database on MySQL + or PostgreSQL (#26096). + * Fixed CSRF cookie check on POST requests when + USE_X_FORWARDED_PORT=True (#26094). + * Fixed a QuerySet.order_by() crash when ordering by a relational + field of a ManyToManyField through model (#26092). + * Fixed a regression that caused an exception when making database + queries on SQLite with more than 2000 parameters when DEBUG is + True on distributions that increase the SQLITE_MAX_VARIABLE_NUMBER + compile-time limit to over 2000, such as Debian (#26063). + * Fixed a crash when using a reverse OneToOneField in + ModelAdmin.readonly_fields (#26060). + * Fixed a crash when calling the migrate command in a test case with + the available_apps attribute pointing to an application with + migrations disabled using the MIGRATION_MODULES setting (#26135). + * Restored the ability for testing and debugging tools to determine + the template from which a node came from, even during template + inheritance or inclusion. Prior to Django 1.9, debugging tools + could access the template origin from the node via + Node.token.source[0]. This was an undocumented, private API. The + origin is now available directly on each node using the + Node.origin attribute (#25848). + * Fixed a regression in Django 1.8.5 that broke copying a + SimpleLazyObject with copy.copy() (#26122). + * Always included geometry_field in the GeoJSON serializer output + regardless of the fields parameter (#26138). + * Fixed the contrib.gis map widgets when using + USE_THOUSAND_SEPARATOR=True (#20415). + * Made invalid forms display the initial of values of their disabled + fields (#26129). + +------------------------------------------------------------------- +Wed Jan 27 15:25:25 UTC 2016 - aplanas@suse.com + +- Update to 1.9.1 + Bugfixes + * Fixed BaseCache.get_or_set() with the DummyCache backend (#25840). + * Fixed a regression in FormMixin causing forms to be validated + twice (#25548, #26018). + * Fixed a system check crash with nested ArrayFields (#25867). + * Fixed a state bug when migrating a SeparateDatabaseAndState + operation backwards (#25896). + * Fixed a regression in CommonMiddleware causing If-None-Match + checks to always return HTTP 200 (#25900). + * Fixed missing varchar/text_pattern_ops index on CharField and + TextField respectively when using AlterField on PostgreSQL + (#25412). + * Fixed admin’s delete confirmation page’s summary counts of related + objects (#25883). + * Added from __future__ import unicode_literals to the default + apps.py created by startapp on Python 2 (#25909). Add this line to + your own apps.py files created using Django 1.9 if you want your + migrations to work on both Python 2 and Python 3. + * Prevented QuerySet.delete() from crashing on MySQL when querying + across relations. + * Fixed evaluation of zero-length slices of QuerySet.values() + (#25894). + * ... + * https://docs.djangoproject.com/en/1.9/releases/1.9.1/ + +------------------------------------------------------------------- +Wed Dec 2 15:14:05 UTC 2015 - aplanas@suse.com + +- update to 1.9 (CVE-2016-7401, CVE-2015-8213) + * https://docs.djangoproject.com/en/1.9/releases/1.9/ + * Performing actions after a transaction commit + * Password validation + * Permission mixins for class-based views + * New styling for "contrib.admin" + * Running tests in parallel + +------------------------------------------------------------------- +Tue Nov 10 10:39:22 UTC 2015 - tbechtold@suse.com + +- update to 1.8.6: + * https://docs.djangoproject.com/en/1.8/releases/1.8.5/ + * https://docs.djangoproject.com/en/1.8/releases/1.8.6/ + +------------------------------------------------------------------- +Tue Nov 10 05:36:21 UTC 2015 - tbechtold@suse.com + +- add missing Requires for python-setuptools (bsc#952198) + /usr/bin/django-admin needs the pkg_resources framework from + python-setuptools to run properly. + +------------------------------------------------------------------- +Sun Sep 20 07:51:27 UTC 2015 - tbechtold@suse.com + +- update to 1.8.4 (CVE-2015-5963): + * https://docs.djangoproject.com/en/1.8/releases/1.8.4/ + +------------------------------------------------------------------- +Fri Jul 10 11:51:49 UTC 2015 - astieger@suse.com + +- add keyring and verify source signature + +------------------------------------------------------------------- +Fri Jul 10 10:03:54 UTC 2015 - dmueller@suse.com + +- update to 1.8.3: + * https://docs.djangoproject.com/en/1.8/releases/1.8.3/ + Various bugfixes/security fixes (CVE-2015-5145, bsc#937524) + +------------------------------------------------------------------- +Tue May 26 08:26:56 UTC 2015 - dmueller@suse.com + +- update to 1.8.2 (CVE-2015-3982): + * https://docs.djangoproject.com/en/1.8/releases/1.8.2/ + * https://docs.djangoproject.com/en/1.8/releases/1.8.1/ + +------------------------------------------------------------------- +Thu Apr 2 07:35:07 UTC 2015 - aplanas@suse.com + +- Update to Django 1.8 + * "Long-Term Support" (LTS) release + New features: + * Model._meta API + * Multiple template engines + * Security enhancements + * New PostgreSQL specific functionality + * New data types + * Query Expressions, Conditional Expressions, and Database Functions + * TestCase data setup + Backwards incompatible changes: + * Related object operations are run in a transaction + * Assigning unsaved objects to relations raises an error + * Management commands that only accept positional arguments + * Custom test management command arguments through test runner + * Model check ensures auto-generated column names are within limits + specified by database + * Query relation lookups now check object types + * select_related() now checks given fields + * Default EmailField.max_length increased to 254 + * (DROP) Support for PostgreSQL versions older than 9.0 + * (DROP) Support for MySQL versions older than 5.5 + * (DROP) Support for Oracle versions older than 11.1 + * Specific privileges used instead of roles for tests on Oracle + * ... + +------------------------------------------------------------------- +Mon Mar 23 10:51:37 UTC 2015 - mcihar@suse.cz + +- Update to Django 1.7.7: + Security issues: + * Denial-of-service possibility with strip_tags() + * Mitigated possible XSS attack via user-supplied redirect URLs + Bugfixes: + * Fixed renaming of classes in migrations where renaming a subclass would + cause incorrect state to be recorded for objects that referenced the + superclass (#24354). + * Stopped writing migration files in dry run mode when merging migration + conflicts. When makemigrations --merge is called with verbosity=3 the + migration file is written to stdout (:ticket: 24427). + +------------------------------------------------------------------- +Wed Mar 11 16:18:53 UTC 2015 - aplanas@suse.com + +- Update to Djano 1.7.6: + Bugfixes + * Mitigated an XSS attack via properties in + "ModelAdmin.readonly_fields" + * Fixed crash when coercing "ManyRelatedManager" to a string + (#24352). + * Fixed a bug that prevented migrations from adding a foreign key + constraint when converting an existing field to a foreign key + (#24447). + +------------------------------------------------------------------- +Fri Feb 27 14:36:46 UTC 2015 - aplanas@suse.com + +- Update to Django 1.7.5: + Bugfixes + * Reverted a fix that prevented a migration crash when unapplying + contrib.contenttypes's or contrib.auth's first migration (#24075) + due to severe impact on the test performance (#24251) and problems + in multi-database setups (#24298). + * Fixed a regression that prevented custom fields inheriting from + ManyToManyField from being recognized in migrations (#24236). + * Fixed crash in contrib.sites migrations when a default database + isn't used (#24332). + * Added the ability to set the isolation level on PostgreSQL with + psycopg2 >= 2.4.2 (#24318). It was advertised as a new feature in + Django 1.6 but it didn't work in practice. + * Formats for the Azerbaijani locale (az) have been added. + +------------------------------------------------------------------- +Fri Jan 30 15:13:10 UTC 2015 - aplanas@suse.com + +- Update to Django 1.7.4: + Bugfixes + * Fixed a migration crash when unapplying ``contrib.contenttypes``’s + or ``contrib.auth``’s first migration (:ticket:`24075`). + * Made the migration's ``RenameModel`` operation rename + ``ManyToManyField`` tables (:ticket:`24135`). + * Fixed a migration crash on MySQL when migrating from a + ``OneToOneField`` to a ``ForeignKey`` (:ticket:`24163`). + * Prevented the ``static.serve`` view from producing + ``ResourceWarning``\s in certain circumstances (security fix + regression, :ticket:`24193`). + * Fixed schema check for ManyToManyField to look for internal type + instead of checking class instance, so you can write custom + m2m-like fields with the same behavior. (:ticket:`24104`). + +------------------------------------------------------------------- +Wed Jan 14 07:57:46 UTC 2015 - mcihar@suse.cz + +- Update to Django 1.7.3: + Security fixes: + * WSGI header spoofing via underscore/dash conflation. + * Mitigated possible XSS attack via user-supplied redirect URLs. + * Denial-of-service attack against django.views.static.serve. + * Database denial-of-service with ModelMultipleChoiceField. + Bug fixes: + * The default iteration count for the PBKDF2 password hasher has been + increased by 25%. This part of the normal major release process was + inadvertently omitted in 1.7. This backwards compatible change will not + affect users who have subclassed + django.contrib.auth.hashers.PBKDF2PasswordHasher to change the default + value. + * Fixed a crash in the CSRF middleware when handling non-ASCII referer + header (#23815). + * Fixed a crash in the django.contrib.auth.redirect_to_login view when + passing a reverse_lazy() result on Python 3 (#24097). + * Added correct formats for Greek (el) (#23967). + * Fixed a migration crash when unapplying a migration where multiple + operations interact with the same model (#24110). + +------------------------------------------------------------------- +Sun Jan 11 12:49:28 UTC 2015 - p.drouand@gmail.com + +- South has been merged in main Django; provide and obsolete it + +------------------------------------------------------------------- +Thu Jan 8 11:04:09 UTC 2015 - tbechtold@suse.com + +- Update to Django 1.7.2: + + * Fixed migration’s renaming of auto-created many-to-many tables + when changing Meta.db_table (#23630). + * Fixed a migration crash when adding an explicit id field to a + model on SQLite (#23702). + * Added a warning for duplicate models when a module is + reloaded. Previously a RuntimeError was raised every time two + models clashed in the app registry. (#23621). + * Prevented flush from loading initial data for migrated apps + (#23699). + * Fixed a makemessages regression in 1.7.1 when STATIC_ROOT has the + default None value (#23717). + * Added GeoDjango compatibility with mysqlclient database driver. + * Fixed MySQL 5.6+ crash with GeometryFields in migrations (#23719). + * Fixed a migration crash when removing a field that is referenced + in AlterIndexTogether or AlterUniqueTogether (#23614). + * Updated the first day of the week in the Ukrainian locale to + Monday. + * Added support for transactional spatial metadata initialization on + SpatiaLite 4.1+ (#23152). + * Fixed a migration crash that prevented changing a nullable field + with a default to non-nullable with the same default (#23738). + * Fixed a migration crash when adding GeometryFields with blank=True + on PostGIS (#23731). + * Allowed usage of DateTimeField() as Transform.output_field + (#23420). + * Fixed a migration serializing bug involving float("nan") and + float("inf") (#23770). + * Fixed a regression where custom form fields having a queryset + attribute but no limit_choices_to could not be used in a ModelForm + (#23795). + * Fixed a custom field type validation error with MySQL backend when + db_type returned None (#23761). + * Fixed a migration crash when a field is renamed that is part of an + index_together (#23859). + * Fixed squashmigrations to respect the --no-optimize parameter + (#23799). + * Made RenameModel reversible (#22248) + * Avoided unnecessary rollbacks of migrations from other apps when + migrating backwards (#23410). + * Fixed a rare query error when using deeply nested subqueries + (#23605). + * Fixed a crash in migrations when deleting a field that is part of + a index/unique_together constraint (#23794). + * Fixed django.core.files.File.__repr__() when the file’s name + contains Unicode characters (#23888). + * Added missing context to the admin’s delete_selected view that + prevented custom site header, etc. from appearing (#23898). + * Fixed a regression with dynamically generated inlines and allowed + field references in the admin (#23754). + * Fixed an infinite loop bug for certain cyclic migration + dependencies, and made the error message for cyclic dependencies + much more helpful. + * Added missing index_together handling for SQLite (#23880). + * Fixed a crash when RunSQL SQL content was collected by the schema + editor, typically when using sqlmigrate (#23909). + * Fixed a regression in contrib.admin add/change views which caused + some ModelAdmin methods to receive the incorrect obj value + (#23934). + * Fixed runserver crash when socket error message contained Unicode + characters (#23946). + * Fixed serialization of type when adding a deconstruct() method + (#23950). + * Prevented the SessionAuthenticationMiddleware from setting a + "Vary: Cookie" header on all responses (#23939). + * Fixed a crash when adding blank=True to TextField() on MySQL + (#23920). + * Fixed index creation by the migration infrastructure, particularly + when dealing with PostgreSQL specific {text|varchar}_pattern_ops + indexes (#23954). + * Fixed bug in makemigrations that created broken migration files + when dealing with multiple table inheritance and inheriting from + more than one model (#23956). + * Fixed a crash when a MultiValueField has invalid data (#23674). + * Fixed a crash in the admin when using “Save as new” and also + deleting a related inline (#23857). + * Always converted related_name to text (unicode), since that is + required on Python 3 for interpolation. Removed conversion of + related_name to text in migration deconstruction (#23455 and + #23982). + * Enlarged the sizes of tablespaces which are created by default for + testing on Oracle (the main tablespace was increased from 200M to + 300M and the temporary tablespace from 100M to 150M). This was + required to accommodate growth in Django’s own test suite + (#23969). + * Fixed timesince filter translations in Korean (#23989). + * Fixed the SQLite SchemaEditor to properly add defaults in the + absence of a user specified default. For example, a CharField with + blank=True didn’t set existing rows to an empty string which + resulted in a crash when adding the NOT NULL constraint (#23987). + * makemigrations no longer prompts for a default value when adding + TextField() or CharField() without a default (#23405). + * Fixed a migration crash when adding order_with_respect_to to a + table with existing rows (#23983). + * Restored the pre_migrate signal if all apps have migrations + (#23975). + * Made admin system checks run for custom AdminSites (#23497). + * Ensured the app registry is fully populated when unpickling + models. When an external script (like a queueing infrastructure) + reloads pickled models, it could crash with an AppRegistryNotReady + exception (#24007). + * Added quoting to field indexes in the SQL generated by migrations + to prevent a crash when the index name requires it (##24015). + * Added datetime.time support to migrations questioner (#23998). + * Fixed admindocs crash on apps installed as eggs (#23525). + * Changed migrations autodetector to generate an AlterModelOptions + operation instead of DeleteModel and CreateModel operations when + changing Meta.managed. This prevents data loss when changing + managed from False to True and vice versa (#24037). + * Enabled the sqlsequencereset command on apps with migrations + (#24054). + * Added tablespace SQL to apps with migrations (#24051). + * Corrected contrib.sites default site creation in a multiple + database setup (#24000). + * Restored support for objects that aren’t str or bytes in + mark_for_escaping() on Python 3. + * Supported strings escaped by third-party libraries with the + __html__ convention in the template engine (#23831). + * Prevented extraneous DROP DEFAULT SQL in migrations (#23581). + * Restored the ability to use more than five levels of subqueries + (#23758). + * Fixed crash when ValidationError is initialized with a + ValidationError that is initialized with a dictionary (#24008). + * Prevented a crash on apps without migrations when running migrate + --list (#23366). + +------------------------------------------------------------------- +Thu Oct 23 07:53:57 UTC 2014 - aplanas@suse.com + +- Update to Django 1.7.1 + + * Allowed related many-to-many fields to be referenced in the admin + (#23604). + * Added a more helpful error message if you try to migrate an app + without first creating the contenttypes table (#22411). + * Modified migrations dependency algorithm to avoid possible + infinite recursion. + * Fixed a UnicodeDecodeError when the flush error message contained + Unicode characters (#22882). + * Reinstated missing CHECK SQL clauses which were omitted on some + backends when not using migrations (#23416). + * Fixed serialization of type objects in migrations (#22951). + * Allowed inline and hidden references to admin fields (#23431). + * The @deconstructible decorator now fails with a ValueError if the + decorated object cannot automatically be imported (#23418). + * Fixed a typo in an inlineformset_factory() error message that + caused a crash (#23451). + * Restored the ability to use ABSOLUTE_URL_OVERRIDES with the + 'auth.User' model (#11775). As a side effect, the setting now adds + a get_absolute_url() method to any model that appears in + ABSOLUTE_URL_OVERRIDES but doesn’t define get_absolute_url(). + * Avoided masking some ImportError exceptions during application + loading (#22920). + * Empty index_together or unique_together model options no longer + results in infinite migrations (#23452). + * Fixed crash in contrib.sitemaps if lastmod returned a date rather + than a datetime (#23403). + * Allowed migrations to work with app_labels that have the same last + part (e.g. django.contrib.auth and vendor.auth) (#23483). + * Restored the ability to deepcopy F objects (#23492). + * Formats for Welsh (cy) and several Chinese locales (zh_CN, + zh_Hans, zh_Hant and zh_TW) have been added. Formats for + Macedonian have been fixed (trailing dot removed, #23532). + * Added quoting of constraint names in the SQL generated by + migrations to prevent crash with uppercase characters in the name + (#23065). + * Fixed renaming of models with a self-referential many-to-many + field (ManyToManyField('self')) (#23503). + * Added the get_extra(), get_max_num(), and get_min_num() hooks to + GenericInlineModelAdmin (#23539). + * Made migrations.RunSQL no longer require percent sign + escaping. This is now consistent with cursor.execute() (#23426). + * Made the SERIALIZE entry in the TEST dictionary usable (#23421). + * Fixed bug in migrations that prevented foreign key constraints to + unmanaged models with a custom primary key (#23415). + * Added SchemaEditor for MySQL GIS backend so that spatial indexes + will be created for apps with migrations (#23538). + * Added SchemaEditor for Oracle GIS backend so that spatial metadata + and indexes will be created for apps with migrations (#23537). + * Coerced the related_name model field option to unicode during + migration generation to generate migrations that work with both + Python 2 and 3 (#23455). + * Fixed MigrationWriter to handle builtin types without imports + (#23560). + * Fixed deepcopy on ErrorList (#23594). + * Made the admindocs view to browse view details check if the view + specified in the URL exists in the URLconf. Previously it was + possible to import arbitrary packages from the Python path. This + was not considered a security issue because admindocs is only + accessible to staff users (#23601). + * Fixed UnicodeDecodeError crash in AdminEmailHandler with non-ASCII + characters in the request (#23593). + * Fixed missing get_or_create and update_or_create on related + managers causing IntegrityError (#23611). + * Made urlsafe_base64_decode() return the proper type (byte string) + on Python 3 (#23333). + * makemigrations can now serialize timezone-aware values (#23365). + * Added a prompt to the migrations questioner when removing the null + constraint from a field to prevent an IntegrityError on existing + NULL rows (#23609). + * Fixed generic relations in ModelAdmin.list_filter (#23616). + * Restored RFC compliance for the SMTP backend on Python 3 (#23063). + * Fixed a crash while parsing cookies containing invalid content + (#23638). + * The system check framework now raises error models.E020 when the + class method Model.check() is unreachable (#23615). + * Made the Oracle test database creation drop the test user in the + event of an unclean exit of a previous test run (#23649). + * Fixed makemigrations to detect changes to Meta.db_table (#23629). + * Fixed a regression when feeding the Django test client with an + empty data string (#21740). + * Fixed a regression in makemessages where static files were + unexpectedly ignored (#23583). + +------------------------------------------------------------------- +Wed Sep 24 08:30:00 UTC 2014 - aplanas@suse.com + +- Update to Django 1.7 + + * A new built-in database migration system. Notes on upgrading from + South (a popular third*party application providing migration + functionality) are also available. + * A refactored concept of Django applications. Django applications + are no longer tied to the existence of a models files, and can now + specify both configuration data and code to be executed as Django + starts up. + * Improvements to the model Field API to support migrations and, in + the future, to enable easy addition of composite-key support to + Django's ORM. + * Improvements for custom Manager and QuerySet classes, allowing + reverse relationship traversal to specify the Manager to use, and + creation of a Manager from a custom QuerySet class. + * An extensible system check framework which can assist developers + in detecting and diagnosing errors. + + Please refer to the release notes for all details and migration + instructions: + https://docs.djangoproject.com/en/1.7/releases/1.7/ + +- Added python-setuptools as a BuildRequires. + +- Fixed Source URL from Django Project site. + +- Reordered sources. + +- Fixed deduplication to avoid wrong mtimes in pyc files. + +------------------------------------------------------------------- +Thu Jul 31 16:55:11 UTC 2014 - dimstar@opensuse.org + +- Rename rpmlintrc to %{name}-rpmlintrc. + Follow the packaging guidelines. + +------------------------------------------------------------------- +Wed Jun 11 12:34:45 UTC 2014 - mcihar@suse.cz + +- Update to version 1.6.5, sercurity and important changes: + + Unexpected code execution using reverse() + + Caching of anonymous pages could reveal CSRF token + + MySQL typecasting + + select_for_update() requires a transaction + + Issue: Caches may incorrectly be allowed to store and serve private data + + Issue: Malformed redirect URLs from user input not correctly validated + +------------------------------------------------------------------- +Fri Feb 14 09:32:07 UTC 2014 - speilicke@suse.com + +- Fix update-alternatives + +------------------------------------------------------------------- +Fri Feb 7 08:30:04 UTC 2014 - speilicke@suse.com + +- Update to version 1.6.2: + + Prevented the base geometry object of a prepared geometry to be garbage + collected, which could lead to crash Django (#21662). + + Fixed a crash when executing the changepassword command when the user + object representation contained non-ASCII characters (#21627). + + The collectstatic command will raise an error rather than default to + using the current working directory if STATIC_ROOT is not set. Combined + with the --clear option, the previous behavior could wipe anything + below the current working directory (#21581). + + Fixed mail encoding on Python 3.3.3+ (#21093). + + Fixed an issue where when settings.DATABASES['default']['AUTOCOMMIT'] = False, + the connection wasn’t in autocommit mode but Django pretended it was. + + Fixed a regression in multiple-table inheritance exclude() queries (#21787). + + Added missing items to django.utils.timezone.__all__ (#21880). + + Fixed a field misalignment issue with select_related() and model inheritance (#21413). + + Fixed join promotion for negated AND conditions (#21748). + + Oracle database introspection now works with boolean and float fields (#19884). + + Fixed an issue where lazy objects weren’t actually marked as safe when + passed through mark_safe() and could end up being double-escaped (#21882). + +------------------------------------------------------------------- +Tue Feb 4 14:33:40 UTC 2014 - mcihar@suse.cz + +- Update to version 1.6.1: + - Most bug fixes are minor; you can find a complete list in the Django 1.6.1 + release notes. + +------------------------------------------------------------------- +Tue Nov 19 10:06:23 UTC 2013 - speilicke@suse.com + +- Update-alternatives also for bash-completion + +------------------------------------------------------------------- +Fri Nov 15 13:33:20 UTC 2013 - speilicke@suse.com + +- Only ghost /etc/alternatives on 12.3 or newer + +------------------------------------------------------------------- +Thu Nov 7 16:36:41 UTC 2013 - speilicke@suse.com + +- Require python-Pillow for image-related functionality +- Package was renamed from python-django +- Drop Django-1.2-completion-only-for-bash.patch: Useless + +------------------------------------------------------------------- +Tue Nov 5 03:27:13 UTC 2013 - alexandre@exatati.com.br + +- Update to version 1.6: + - Please read the release notes + https://docs.djangoproject.com/en/1.6/releases/1.6 +- Removed Patch2 as it is no needed anymore: + Django-1.4-CSRF_COOKIE_HTTPONLY-support.patch + +------------------------------------------------------------------- +Tue Sep 17 12:37:53 UTC 2013 - speilicke@suse.com + +- Update to version 1.5.4: + + Fixed denial-of-service via large passwords +- Changes from version 1.5.3: + + Fixed directory traversal with ssi template tag + +------------------------------------------------------------------- +Wed Aug 14 05:49:54 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5.2: + - Security release, please check release notes for details: + https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued + +------------------------------------------------------------------- +Thu Mar 28 23:27:01 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5.1: + - Memory leak fix, please read release announcement at + https://www.djangoproject.com/weblog/2013/mar/28/django-151. + +------------------------------------------------------------------- +Tue Feb 26 19:49:02 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5: + - Please read the release notes + https://docs.djangoproject.com/en/1.5/releases/1.5 + +------------------------------------------------------------------- +Tue Dec 11 12:27:50 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.3: + - Security release: + - Host header poisoning + - Redirect poisoning + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/dec/10/security + +------------------------------------------------------------------- +Sat Oct 20 13:41:10 UTC 2012 - saschpe@suse.de + +- Add a symlink from /usr/bin/django-admin.py to /usr/bin/django-admin + +------------------------------------------------------------------- +Wed Oct 17 22:51:36 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.2: + - Security release: + - Host header poisoning + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/oct/17/security + +------------------------------------------------------------------- +Mon Jul 30 21:38:31 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.1: + - Security release: + - Cross-site scripting in authentication views + - Denial-of-service in image validation + - Denial-of-service via get_image_dimensions() + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued + +------------------------------------------------------------------- +Tue Jun 19 11:27:33 UTC 2012 - saschpe@suse.de + +- Add patch to support CSRF_COOKIE_HTTPONLY config + +------------------------------------------------------------------- +Fri Mar 23 18:39:40 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4: + - Please read the release notes + https://docs.djangoproject.com/en/dev/releases/1.4 +- Removed Patch2, it was merged on upstream, + +------------------------------------------------------------------- +Thu Nov 24 12:30:40 UTC 2011 - saschpe@suse.de + +- Set license to SDPX style (BSD-3-Clause) +- Package AUTHORS, LICENE and README files +- No CFLAGS for noarch package +- Drop runtime dependency on gettext-tools + +------------------------------------------------------------------- +Sat Sep 10 12:05:07 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3.1 to fix security issues, please read + https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued. + +------------------------------------------------------------------- +Thu Mar 31 15:09:16 UTC 2011 - alexandre@exatati.com.br + +- Fix build on SLES_9. + +------------------------------------------------------------------- +Wed Mar 23 11:39:53 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3 final; +- Refresh patch empty-ip-2.diff. + +------------------------------------------------------------------- +Fri Mar 18 03:45:45 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3-rc1; +- Regenerated spec file with py2pack; +- No more need to fix wrong line endings; +- Refresh patch empty-ip-2.diff with -p0. + +------------------------------------------------------------------- +Thu Mar 3 09:32:52 UTC 2011 - saschpe@suse.de + +- Spec file cleanup: + * Removed empty lines, package authors from description + * Cleanup duplicates + * Corrected wrong file endings + * Added zero-length rpmlint filter +- Added AUTHORS, LICENSE and doc files + +------------------------------------------------------------------- +Wed Feb 9 03:37:29 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.2.5: + - This is a security update that fix: + - Flaw in CSRF handling; + - Potential XSS in file field rendering. + +------------------------------------------------------------------- +Thu Dec 23 10:20:03 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.4: + - Information leakage in Django administrative interface; + - Denial-of-service attack in password-reset mechanism. +- This is a mandatory security update. + +------------------------------------------------------------------- +Sat Sep 11 11:46:41 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.3: + - The patch applied for the security issue covered in Django + 1.2.2 caused issues with non-ASCII responses using CSRF + tokens. This has been remedied; + - The patch also caused issues with some forms, most notably + the user-editing forms in the Django administrative interface. + This has been remedied. + - The packaging manifest did not contain the full list of + required files. This has been remedied. + +------------------------------------------------------------------- +Thu Sep 9 01:06:43 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.2. +- This is a ciritical security update fixing a default XSS bug! + +------------------------------------------------------------------- +Fri Jul 9 11:27:26 UTC 2010 - jfunk@funktronics.ca + +- Added patch to fix upstream bug 5622: Empty ipaddress raises an error + +------------------------------------------------------------------- +Mon May 17 21:14:11 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.1. + +------------------------------------------------------------------- +Mon May 17 18:35:20 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2. + +------------------------------------------------------------------- +Thu May 6 13:46:03 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2-rc-1. + +------------------------------------------------------------------- +Mon Apr 5 02:21:44 UTC 2010 - alexandre@exatati.com.br + +- Spec file cleaned with spec-cleaner; +- Minor manual adjusts on spec file. + +------------------------------------------------------------------- +Thu Mar 18 17:47:12 UTC 2010 - alexandre@exatati.com.br + +- Moved autocomplete file path from /etc/profile.d to + /etc/bash_completion.d. Then it works with konsole too. + +------------------------------------------------------------------- +Mon Mar 15 01:53:50 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2-beta-1; +- Using -q option on prep section of spec file; +- Using INSTALLED_FILES instead of declaring files; +- Removed dummy changelog section of spec file; +- Update completion bash patch. + +------------------------------------------------------------------- +Sun Oct 11 07:51:32 UTC 2009 - nix@opensuse.org + +- Update to 1.1.1 due to security issue described at + http://www.djangoproject.com/weblog/2009/oct/09/security/ + +------------------------------------------------------------------- +Sat Oct 10 12:18:31 UTC 2009 - alexandre@exatati.com.br + +- Removed old tarball file (Django-1.1.tar.bz2). + +------------------------------------------------------------------- +Tue Aug 25 12:23:09 CEST 2009 - garloff@suse.de + +- Fix python version check. + +------------------------------------------------------------------- +Sat Aug 22 13:39:35 CEST 2009 - garloff@suse.de + +- Don't require python-sqlite2 for python >= 2.6. + +------------------------------------------------------------------- +Fri Aug 21 11:38:03 CEST 2009 - garloff@suse.de + +- Build as noarch on factory. + +------------------------------------------------------------------- +Wed Aug 19 17:40:46 CEST 2009 - poeml@suse.de + +- don't run bash completion on shells other than bash. Avoiding + error messages produced at login when using other shells. + +------------------------------------------------------------------- +Fri Aug 14 18:05:42 UTC 2009 - alexandre@exatati.com.br + +- Added bash auto-complete to openSUSE. + +------------------------------------------------------------------- +Wed Jul 29 00:00:00 CEST 2009 - listuser@peternixon.net + +- update to version 1.1 +- add python-django-rpmlintrc to quiet rpmlint complaints about -lang + +------------------------------------------------------------------- +Wed Jul 1 19:04:26 CEST 2009 - poeml@suse.de + +- add python-xml to the Requires (./manage.py syncdb crashes + otherwise) + +------------------------------------------------------------------- +Sat Sep 13 00:00:00 UTC 2008 - listuser@peternixon.net + +- update to version 1.0 +- Fix build on SLES9 + +------------------------------------------------------------------- +Thu Sep 4 10:40:58 CEST 2008 - crrodriguez@suse.de + +- update to version 1.0 final + +------------------------------------------------------------------- +Wed May 14 00:00:00 UTC 2008 - listuser@peternixon.net + +- update to version 0.96.2 + +------------------------------------------------------------------- +Thu Feb 21 00:00:00 UTC 2008 - jfunk@funktronics.ca + +- The way simplejson is included in this package is not useful to other + packages. Removed from provides + +------------------------------------------------------------------- +Fri Oct 26 20:20:08 UTC 2007 - crrodriguez@suse.de + +- verion 0.96.1 fixes D.o.S attack in the i18n module + +------------------------------------------------------------------- +Fri Mar 23 00:00:00 UTC 2007 - crrodriguez@suse.de + +- update to version 0.96 + see http://www.djangoproject.com/documentation/release_notes_0.96 for details +- this package provides python-simplejson too. diff --git a/python-Django.keyring b/python-Django.keyring new file mode 100644 index 0000000..591726f --- /dev/null +++ b/python-Django.keyring @@ -0,0 +1,132 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGiBErcoVkRBACt1HBsLQQ9HeRHrqMbYfWEW3d0KoWzjKU9ZW59oq8ceVCYfhyT +ZKxyLobyed+NhL3SJCE5e4hs5UfyBdS4c8I97MFDKCA5TBu3pMnYGxWje3fSwP6o +RGcP8Ji4/tISclyGrkMruDNzpT93R8H/SixPGFcH7kCp4xQxPBc0esdU4wCg1azF +kUuFijNryusT+i58hVE3dMkD/iAfCh4bcLyZ8aygLZxg3bn3YauJASEjuqVXUgTB +diBdhXnldq0xs2IwQJY1paAajXf5FsjlTVQrQWMtTQ5qWKpQr0lAanufnEDNu6GW +orWBzLaSWQWEkcRALmZS6MBkmVCx/JiIvt0sUxrG4boQ6qYlQYZsaHaAMUZT997v +1ktqA/4kPUfV2gqJuVzWwbhrKhAyhSivmhhe+1lUFa7phRmoMNw7/jXi9OV1lmL2 +ty+0LkeCXUChrXarey4AnPI58aR0xshiAxGEI2jPi+vWkgGblOG3TBoZBH5jV+d2 +/5mmlCs/KkJkdsN+LXR3m5o/oFs7MgGD8pxa1jwK9xcu1xKIqrQyTmF0YWxpYSBC +aWRhcnQgKG5lc3NpdGEpIDxuYXRhbGlhYmlkYXJ0QGdtYWlsLmNvbT6IYgQTEQIA +IgUCTG1snwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQrlwdYDo57Zf7 +lQCeIHmWQQek0zboTqMuy60phrUIzowAn0ONlnzzL0oWiNUpbY8nDsernILWiGAE +ExECACAFAkrcoVkCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRCuXB1gOjnt +l5FdAKCSLwUJNZXs3WXqKabi2adRcdqZ8gCeLgbbqJ2Dqqaeb3tXK6zWC7ZO9CK0 +NE5hdGFsaWEgQmlkYXJ0IChuZXNzaXRhKSA8bmF0YWxpYS5iaWRhcnRAdWJ1bnR1 +LmNvbT6IZQQTEQIAJQIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAk8oONcC +GQEACgkQrlwdYDo57ZejrgCdFyBg4VipDYmoQ5eOpXe4Vegiwl4AoK00YytEeMvO +EFqZY+qVvqaV3It6iGIEExECACIFAkvrLFwCGwMGCwkIBwMCBhUIAgkKCwQWAgMB +Ah4BAheAAAoJEK5cHWA6Oe2XD+QAoK02osWaLzROXg54drLpJMNLs/DGAJ9XlSak +dQv6uX5QFT1QZCp/WwozIrQzTmF0YWxpYSBCaWRhcnQgKG5lc3NpdGEpIDxuYXRh +bGlhLmJpZGFydEBnbWFpbC5jb20+iGIEExECACIFAkvrLBMCGwMGCwkIBwMCBhUI +AgkKCwQWAgMBAh4BAheAAAoJEK5cHWA6Oe2XrQoAoIpzDPsuwhwuVcelVh3F8q3w +qhk2AKCj6rF6x+kzUwtT6lM8wkUj4x+CgLQ3TmF0YWxpYSBCaWRhcnQgKG5lc3Np +dGEpIDxuYXRhbGlhLmJpZGFydEBjYW5vbmljYWwuY29tPohgBBMRAgAgBQJK3gu6 +AhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQrlwdYDo57ZfaNgCfXhjx28H4 +WQ8CjWsdyJU2Kmh44qoAn0zp3TeEFuSPCEBZ0jAR4dwuSrpguQINBErcoVkQCACX +mxZ+acE5irfOe09OclJ+vKxqrnaEpveyLJZzKiWz5GlZLV3gPEMs3Pu0tGtTjadG +CRck2xIYArDz1aPwvM4dHswIy3TyzoSTgW1ybz5TXzkxWDcdwukYm1gKlWMb8JQW +v76KtoiNuY/EIUAaO9M7ZyUPSWunh5CK+ttYKs+KrD8wt8Te7PdsrstUMP2uplOt +I0zKK8P+gcCNZQTZh71Z8WAhZF/tn9LpkE9p0Au3pVEVk7Z8492TO4DySFhBNVEM +IY9KVNiZoEMAaiRUFgG3gPj3MD4wDyaiWp+5b8XQylXcfWsPx3nujLJNUiaJlV4u +Wjv0ZgwMHHLgORAlOJ2rAAMFB/94QWkhOmIzzx0iCob4fILZ2lqTt1fAAbaQxyq/ +LIaI6iSHqebEVVR9OUVTzqNtc0yDifxsbDZXEHmU2qx+aARoYmonxNmNoUS/U6Io +2iPgP1Jwt13dbd284xlgDTx8QO/TjX9lFyvt7AEHIrcHaomwVS0Il7wIfzG24kqX +j17VhD2j/2V6uA7ADAh8u0WFO93i30qNSCaCRphCU4K7gLdHLIp8TsGLdx/gf2mB +5SyhNOkHwEx80kSiFt+H5fER7XQep/w51XybqAt7SsWaIjYLsyMYXyiVdQChwzBd +vusRKv9qjg9eiyHI6aOw6foOUFlpfMx1oeknFDJrjJ3PKUPyiEkEGBECAAkFAkrc +oVkCGwwACgkQrlwdYDo57ZffZACfS9pUk1P5poP86jh8K2K6jpjU0y0AoNQ4ejtn +mpJC4x7FruZyi1wVdkMxmQINBGQu6XIBEADAnmu8HNENZh7UTuu5GfTeFhpmyj5K +yz//txfrm0/b6uTW5TXPgLjuvMzGG8PtaZHRIgZ0gzA+x7T5zKMTaoKs3EvgR5D3 +Y9NjteUWpf8FjvPhN01HZfaZ7yChwHwKobW0JYinNpBh0Cz51unGdLIDtELMaEFO +D8qdcpe63qG111S4G+4hcJUkXt4ALBpSnY9GOhlYQDn+ZDRGk1M9rjeMo+QsIJns +UZRlvBroJyg0toUXclw5QXFGp1+mrjOzKqdD0DmSN7LWlU0yCJB8H5bWZTiPAPOE +SW1Kb3kEW+Qy8YkcH7SkQ7N72wsuIwKJNiddMLZnXeR0Lcvt0t7ftUfs44VEZSwm +V0I7lyZZWr+Pei8nGaLxxCI4OtASXcQ+VVKF/HoR/necD1QmqmuCeiMLmYT5jEPZ +oovOri5onkWIQfjfWeUVErxNi9Uz18mi9P7PfAWOzNCmdkuVqsPtpymyDcKYYh9u +D/CTH9w1B69CRjld6NOfal05fIrfKuVgPvmQnPeCn+KgTBwv8T+mgGVjkBlDGpYy +6Y24s13R6WoawJnjIEjA/Q5QOSDXYtpgF8D3cMW+LUlD9lu2A6OO64H33rInIaut +8IFgKcTf3pXbzh1J6Zs+fcjOryitM7t4Fo1ClJ+DSn4yoUHxP2UEZL6LL0DF6LrE +kJjKxwRp20lPwwARAQABtDFOYXRhbGlhIDwxMjQzMDQrbmVzc2l0YUB1c2Vycy5u +b3JlcGx5LmdpdGh1Yi5jb20+iQJOBBMBCAA4FiEEW1sboQ2FrHxcduOPLugqjZRw +mD4FAmQu6XICGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQLugqjZRwmD56 +rQ//UvzX9/4Eo3HPBMDEIwExjmYGyTqiQQm2KW9Z4U0zQVdeLVF8ZOdaIKn1RBUw +M02RJWI2HjovdLN3LbXpTtQtamSvvU6fv7vy5zLBJdVL9eKXXG+3MPCWDHOqwp/u +L/4lq0pUy5ejb4AnIQw1RIQiz6/pprDzgF0celWLhL3krxEqts76X1Jv9wCIYMXV +3reCBqpcfIqWQETLP/NdPVcOIRv0al1qcBw2hUOvEyx72n+17Hb30rFQp+35BaZZ +IjnL3H6pATgjk52EiDdRkyWL9CFrbJ/wkbAvEO29GcUPg1+bT6UZq8LKXyDs/WSL +UkxQ/6w8DzicBiFj/oT7GSMr8KfO4YUMzh/kAFA4v8Q+a53Dq1Icbk9LqkWpu1pA +Hopw3lpGdADuC0z/iYO/U04uUSN5YGyUUOgk5w+CkV8NuL/g2yniNf9AXrbt4ByI +V7cqBt9qdS6z6leuW1M8yrPhX1IcKKqj25sPKAgzp3A6Bt7orr1NZGOVJ4alR4ff +pYvq+wfmIPKf0AbzHGOkYjF4BMvkLRchhi28q+qX5cCuMr+aoqKUtJ2IFiXsvbFN +k0aYWUr5y5qSJoAVf0GMkByQW6+F6bXRRdCpS/JX5JA8qrYp+oV8VhveOOslHVqj +ILAlkMMXoTx6G79DdvQ87fdb4+aIQ96U4T8B6zMxazvmU1i5Ag0EZC7pcgEQAL9n +X/eaWY+v4GgeGjRIWmmrjMBYyeeyJIyL9Mk3iyH/gIOnTDmlX+njjyvyWKfMYIl1 +HmMtzlF3OgsuLeekwbDrXA8xvslp1xmiKLOamPvXwPG/XqkJrYtzVUDEFCtRpEJ0 +c38d+P8WEMjbviyIwJ9PxLllamEK61dRtj1NCMc/Ix4+b54UHxi44Jz1bqQxfgjj +u2o8sPnyZio+DRFWVE3Eocp0rdZ3rlKjUsBXKEElTuIScoKjGwKwaMfxoBgwRhzx +oESwk8CqlH7WzNookx1M1/JjKYdrwln2aNuChtlKLRmUqT7qqTNtett2vy73VM3b +zfXdor94S3q+YtMEvNbo9QCzn6La7HOx+PMm8XM2d9aC7Hz4FBK0xIQB+HLZEIhP +7KQ7GJ2Xn3LStyoO5K64uqi2X2YjsYUcPzvI3uUK+gtH3H1SSIazh7UAUbcEuo7N +K8vF9Vtqp6S2qkjoeV6Dnvy+6735b1WIBZieAmbKaz74IW1IP0lZn3pXeRFo2Wjq +Ojf8zkNacf61exysAkGU2fubsXSZxuxc8DVXKbkpK69tXDSOUmSKTBPVzzmIM79S +yYH1MMRZqQ52Y471qiEZxEPasJXIEVcWbdJxEC/eEiuptPAtojRQH6kJ/AF3Z9Xd +eBaxyuMQ249jqTYwjCehfumTbhP5VhO3QOxs31G/ABEBAAGJAjYEGAEIACAWIQRb +WxuhDYWsfFx2448u6CqNlHCYPgUCZC7pcgIbDAAKCRAu6CqNlHCYPhz3EACx3Hqf +KUMeqUTVOiDyHguBr1FrhMtU5m/nkjdbLWlBHOGHkM4RNDNQTPyQb/C8vcuHYv5l +DPFrzOawdjTyFCuo6f0TMIx38Bbjxo9C8XTnvKbUpyTEQ3dJm67ppF4n6cui+0IC +UefzPkkCbdIPzt2pYopMDB4Hv4Yv6hqeq987Iz1erh7dQe1TDTxIv9PXLYZT60Ro +K0+g+caU9LwVjYiLoeCM1Zhndy6fDV5mu3ctEzcqr/YVH9kDZAuF0O1SX9y42neJ +7hictnE0KrRymVL5d9pp2WKtPny+itSax/a///Q43m1gA9KFuKHtOuGUpYzf76FS +Ld0cC4xjDpPcVTGc8To4+CjNTIrjzbBYa3JU/3J2kwyEw/k1EucRb/RFPbklUSph +Kmd2ewcDLUvcasTwoR/0uplA8gAuV1x7wPBgAW7kmpjiQevl1KLj08HA/jTdfrdx +Yd1GGiNjBmHGu9C8YZ/7fJU50dhv4jWF4dw8OyXtAI4wk5aoJHsJ5iGIMVOVzNLe +mF4yM4XSBBno1mWgaSb42LInsYv/ti1VrOrBVzmAYAoUTZL0tfEXeyzHEmWGWVHe +SQMBvCqUmh/EcQDzPtkqjQQ1LyE5s2fyt5u+jE9JdK/61yKzbKI2UbpPtAaKSlDv +eAgTzM5bOOqtGR7VR2hlCM4I4k2D0Y/snh2HzA== +=ul9f +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBGYTwrUBDADP52ov7O0jqH+QWStcbCwwedsV2syCQXxfhnydhkNvdCILBJ0k +cQdc4E7Q8wGmch9a3bCLR4HIUlv1MMWk+Ty0YY71wczqIPedgM1dBZEtSH6fDOwW +qFcYieCcmsP+FwBk8WWOKnMydEXoXCp6djSru6YOuQH2CZ+EerKjnDaXAj35dloR +vbJ14k7Ghn9UCLDXiNOjn2N8eLe6aeoEQt7iiqStdeFuUGR/pLHHEX4sch4y9uBa +bhC/Ce93VWK8nVna7qWX/cIjZNG6rTo79W7+IiOC5+6r7bLff5qw4BgUX2JPm5Sz +mhPUlsJZGGXPPaTo+WZQOe5P3Fw7RpuURa+MVoih2H/i2Ur51pDEngB64YwBU1mB +a+xwm6GHgD28JUwllHJbUl9/UJTbntS7k/k2uuMkok8jHfYb+rqkfCWqOlmuYTG3 +okseReh2TSkGpWyyaSbCihgm80RE5O6jrEDXJiZOsLIuOlVoErfxEZHpOqw43axl +EXX0VkjFz2IBNPMAEQEAAbROU2FyYWggQm95Y2UgKEdQRyBEamFuZ28gRmVsbG93 +KSA8NDIyOTY1NjYrc2FyYWhib3ljZUB1c2Vycy5ub3JlcGx5LmdpdGh1Yi5jb20+ +iQHOBBMBCAA4FiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmYTwrUCGwMFCwkIBwIG +FQoJCAsCBBYCAwECHgECF4AACgkQOVWxmFHqlu8t+wv9HitJmG5iPs45Qo0nGwGm +j1X6rP6SQENl+jqtjZU6YaxvNqWculCFl0Wa/xODhxM9HNMs3qREc+R4SqPx4epu +NaUERN91gZoO4Ms80uqllPzdCsX5hrFblg+LqqznZWAYi94NMTm3Ft4/+I7780ev +BhxHFBTlqwxZ0eeyaB/qAyb6K9X0cUUFExjYrP3+HAgmrOHK9PUb7vNNKUYMerOK +waFrpPP5oDBn0p2ZunYAcJt7o2DjBOwy5iw5I2Qs50ZLt9EU0DY8Rf5nF2mKNki1 +CAD8ksNo/ohrNuGyi0r2cvVfx52izPd6PxlKf7xfL2lW16nflK/lNbZtCioDA1FC +1dCPGD5rvOUXFASc+FZY4tJ6LbIpzg9llgcb6fSi2joT2bm9BbGrHybrIWd3BF/5 +AnrlsSwDCWtYXkdNr/eNEHNgG+aOAH2vSzue3NbCJsXkK69SzlKKOiD2ZUjJ6tKi +IwcTkotyBaX/FLGhTKLEQE7aztsOpnfJlLU9Zx5IPxJAuQGNBGYTwrUBDACp1f7H +MpzHvAAy7dD1Ow0pgT3NBFFiEk4jKccz9sAHPT7QQbMeIdL5uQ80lNp6Sw+IyptW +4cytl6ovRdRyv3XetSp+KJeaqvWvGkz3L+GUoE8ezxgQXLlVcw7IzkhBNMGi+K3C +aK6ZlZZQG8587dLF9Gbz3Vioc9hyQ/4BOr8pPaAWlSfWQVEGHPSVLh7LToGjrLlS +h1AzVABNXtJbAt/+O7H5mkMopoPKrqgHTzOLGCd0/Tq3z5d+wqVl7JKk6yHxRr5i +SXDqPQPmObUhPH1addNzIe+GRVW1ZbbT6l9VDiC4Lj+BJsLafubMB3rlI2T2mQCU +PTQO0fz5y6oW0HxRtTidoxhvmC72YDFBwvsUTPQ5nt8bcSQprJMLLNL1C5M2LjPu +tf/Csl02Fcwe/RnW2yjeb6qNCDcLpM9wpMMOdZQCRdRIkWQTcLZPQ2+SR3Ih8rAb +pzATjFvif/4zpFlDZ9KFevCqf1M2v32sr/dDgcA3nWJ4CFrBQMhBVTcr7rcAEQEA +AYkBtgQYAQgAIBYhBOsbOA2KxS0AK6zTMjlVsZhR6pbvBQJmE8K1AhsMAAoJEDlV +sZhR6pbvizgL/34++v0b080pCr/0rWspcuTtD91GwQPs0HgrrfMOV2BXoXucTXj7 +G4xFq9yYO8QALrrtz40S/NeGz09hhFHo08phLAYjLZt8xD7i0uXuV8ZouDUHT0bk +334RlKHu9kq3si0lyzu1dkGZgIBXsAURrMOyVKVySZGzsa/dpy/EDardWkTKHedf +07K+KQgomMpVGk4EtKHpfqU9VNN8fdYD4UYtwuegz1nsg28Fa8xkK2ammWncgpVj ++4cJwzFPg11AhhTWs/Ec068ojj70cLD2CodJVAch9RTIOcQ5yKGc483u3bagNqTK +qZYoLWI6NjxrNZQpwha3pO2ueBDOo/fZXUMgPPqyfdmBZvz6DQM85JfULALxKbkL +5dQguy8K8SBcrCnv6iT0FjaWlrqnU0IJDZfi2r6eDlXhYjLSwGq8RHkAYXvsCNm8 +BzeRu0mAvjLkLNegQIvfdVXfYIcwUQQB8OAzoz3qzi8vji82MBQO+gkYrlteivoF +z+gZLcBuv/NdNg== +=B8gH +-----END PGP PUBLIC KEY BLOCK----- diff --git a/python-Django.spec b/python-Django.spec new file mode 100644 index 0000000..0588b1c --- /dev/null +++ b/python-Django.spec @@ -0,0 +1,149 @@ +# +# spec file for package python-Django +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +# Selenium and memcached are not operational +%bcond_with selenium +%bcond_with memcached +%{?sle15_python_module_pythons} +Name: python-Django +Version: 5.2.4 +Release: 0 +Summary: A high-level Python Web framework +License: BSD-3-Clause +URL: https://www.djangoproject.com +Source: https://www.djangoproject.com/m/releases/5.2/django-%{version}.tar.gz +Source1: https://www.djangoproject.com/m/pgp/Django-%{version}.checksum.txt +Source2: %{name}.keyring +Source99: python-Django-rpmlintrc +# PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19639 Fixed #36499 -- Adjusted utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's HTMLParser new behavior. +Patch0: test_strip_tags.patch +# PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19530 Fixed #36421 -- Made test_msgfmt_error_including_non_ascii compatible with with msgfmt 0.25. +Patch1: support-msgfmt-0.25.patch +BuildRequires: %{python_module Jinja2 >= 2.9.2} +BuildRequires: %{python_module Pillow >= 6.2.0} +BuildRequires: %{python_module PyYAML} +BuildRequires: %{python_module argon2-cffi >= 19.1.0} +BuildRequires: %{python_module asgiref >= 3.7.0} +BuildRequires: %{python_module base >= 3.8} +BuildRequires: %{python_module bcrypt} +BuildRequires: %{python_module docutils} +BuildRequires: %{python_module geoip2} +BuildRequires: %{python_module numpy} +BuildRequires: %{python_module pip} +BuildRequires: %{python_module pytz} +BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module sqlparse >= 0.3.1} +BuildRequires: %{python_module tblib >= 1.5.0} +BuildRequires: %{python_module wheel} +BuildRequires: %{pythons} +BuildRequires: fdupes +BuildRequires: gpg2 +BuildRequires: python-rpm-macros +Requires: python +Requires: python-asgiref >= 3.7.0 +Requires: python-sqlparse >= 0.3.1 +Requires(post): update-alternatives +Requires(postun): update-alternatives +Recommends: python-Jinja2 >= 2.9.2 +Recommends: python-Pillow >= 6.2.0 +Recommends: python-PyYAML +Recommends: python-argon2-cffi >= 19.1.0 +Recommends: python-bcrypt +Recommends: python-geoip2 +Recommends: python-pylibmc +Recommends: python-pymemcache +Provides: python-django = %{version} +Obsoletes: python-django < %{version} +Provides: python-South = %{version} +Obsoletes: python-South < %{version} +BuildArch: noarch +%if %{with memcached} +BuildRequires: %{python_module pylibmc} +BuildRequires: %{python_module pymemcache} +%endif +%if %{with selenium} +# python-selenium is supported only on the Intel architecture. +# Additionally chromedriver is only available on x86_64. +%ifarch %{ix86} x86_64 +BuildRequires: %{python_module selenium} +BuildRequires: chromedriver +BuildRequires: xvfb-run +%endif +%endif +%python_subpackages + +%description +Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. + +%prep +# The publisher doesn't sign the source tarball, but a signatures file +# containing multiple hashes. +gpg --import %{SOURCE2} +gpg --verify %{SOURCE1} +# +# Verify hashes in that file against source tarball. +echo "`grep -e '^[0-9a-f]\{32\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-32` %{SOURCE0}" | md5sum -c +echo "`grep -e '^[0-9a-f]\{40\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-40` %{SOURCE0}" | sha1sum -c +echo "`grep -e '^[0-9a-f]\{64\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-64` %{SOURCE0}" | sha256sum -c + +%autosetup -p1 -n django-%{version} + +%build +%pyproject_wheel + +%install +%pyproject_install + +%python_clone -a %{buildroot}%{_bindir}/django-admin + +%{python_expand install -D -m 0644 extras/django_bash_completion %{buildroot}%%{_datadir}/bash-completion/completions/django_bash_completion-%{$python_bin_suffix}.sh +# Fix wrong-script-interpreter +sed -i "s|^#!%{_bindir}/env python$|#!%{_bindir}/$python|" \ + %{buildroot}%{$python_sitelib}/django/conf/project_template/manage.py-tpl +} +%python_compileall +%{python_expand # +%fdupes %{buildroot}%{$python_sitelib}/django/ +%fdupes %{buildroot}%{$python_sitelib}/Django-%{version}-py*.egg-info/ +} + +%check +export LANG=en_US.UTF8 +export PYTHONDONTWRITEBYTECODE=1 +%if %{with selenium} +export PATH=%{_libdir}/chromium:$PATH +%python_expand PYTHONPATH=.:%{buildroot}%{$python_sitelib} xvfb-run $python tests/runtests.py -v 2 --selenium=chrome +%else +%python_expand PYTHONPATH=.:%{buildroot}%{$python_sitelib} $python tests/runtests.py -v 2 +%endif + +%post +%{python_install_alternative django-admin} + +%postun +%{python_uninstall_alternative django-admin} + +%files %{python_files} +%doc AUTHORS README.rst +%license LICENSE +%python_alternative %{_bindir}/django-admin +%{_datadir}/bash-completion/completions/django_bash_completion-%{python_bin_suffix}.sh +%{python_sitelib}/django +%{python_sitelib}/[Dd]jango-%{version}*-info + +%changelog diff --git a/sanitize_address.patch b/sanitize_address.patch new file mode 100644 index 0000000..f9a5916 --- /dev/null +++ b/sanitize_address.patch @@ -0,0 +1,40 @@ +From da2f8e8257d1bea4215381684ca4abfcee333c43 Mon Sep 17 00:00:00 2001 +From: Mariusz Felisiak +Date: Mon, 17 Jul 2023 11:03:36 +0200 +Subject: [PATCH] Refs #34118 -- Improved sanitize_address() error message for + tuple with empty strings. + +--- + django/core/mail/message.py | 2 ++ + tests/mail/tests.py | 3 ++- + 2 files changed, 4 insertions(+), 1 deletion(-) + +diff --git a/django/core/mail/message.py b/django/core/mail/message.py +index f3fe6186c7f5..4f8c93e9e55e 100644 +--- a/django/core/mail/message.py ++++ b/django/core/mail/message.py +@@ -97,6 +97,8 @@ def sanitize_address(addr, encoding): + domain = token.domain or "" + else: + nm, address = addr ++ if "@" not in address: ++ raise ValueError(f'Invalid address "{address}"') + localpart, domain = address.rsplit("@", 1) + + address_parts = nm + localpart + domain +diff --git a/tests/mail/tests.py b/tests/mail/tests.py +index 54a136c1a98b..848ee32e9f80 100644 +--- a/tests/mail/tests.py ++++ b/tests/mail/tests.py +@@ -1084,9 +1084,10 @@ def test_sanitize_address_invalid(self): + "@", + "to@", + "@example.com", ++ ("", ""), + ): + with self.subTest(email_address=email_address): +- with self.assertRaises(ValueError): ++ with self.assertRaisesMessage(ValueError, "Invalid address"): + sanitize_address(email_address, encoding="utf-8") + + def test_sanitize_address_header_injection(self): diff --git a/support-msgfmt-0.25.patch b/support-msgfmt-0.25.patch new file mode 100644 index 0000000..535692a --- /dev/null +++ b/support-msgfmt-0.25.patch @@ -0,0 +1,69 @@ +From 3609c463a4cfc5a7e76f4d4ba008c5096b1f1437 Mon Sep 17 00:00:00 2001 +From: Jericho Serrano <118679068+jericho1050@users.noreply.github.com> +Date: Fri, 6 Jun 2025 04:58:29 +0800 +Subject: [PATCH] Fixed #36421 -- Made test_msgfmt_error_including_non_ascii + compatible with msgfmt 0.25. + +--- + tests/i18n/test_compilation.py | 25 +++++++++++++++++++++++-- + 1 file changed, 23 insertions(+), 2 deletions(-) + +diff --git a/tests/i18n/test_compilation.py b/tests/i18n/test_compilation.py +index 4b0bb9f6bb1..3a57dbf0765 100644 +--- a/tests/i18n/test_compilation.py ++++ b/tests/i18n/test_compilation.py +@@ -1,5 +1,6 @@ + import gettext as gettext_module + import os ++import re + import stat + import unittest + from io import StringIO +@@ -8,10 +9,12 @@ + from unittest import mock + + from django.core.management import CommandError, call_command, execute_from_command_line +-from django.core.management.utils import find_command ++from django.core.management.utils import find_command, popen_wrapper + from django.test import SimpleTestCase, override_settings + from django.test.utils import captured_stderr, captured_stdout + from django.utils import translation ++from django.utils.encoding import DEFAULT_LOCALE_ENCODING ++from django.utils.functional import cached_property + from django.utils.translation import gettext + + from .utils import RunInTmpDirMixin, copytree +@@ -254,6 +257,17 @@ def test_no_dirs_accidentally_skipped(self): + + + class CompilationErrorHandling(MessageCompilationTests): ++ @cached_property ++ def msgfmt_version(self): ++ # Note that msgfmt is installed via GNU gettext tools, hence the msgfmt ++ # version should align to gettext. ++ out, err, status = popen_wrapper( ++ ["msgfmt", "--version"], ++ stdout_encoding=DEFAULT_LOCALE_ENCODING, ++ ) ++ m = re.search(r"(\d+)\.(\d+)\.?(\d+)?", out) ++ return tuple(int(d) for d in m.groups() if d is not None) ++ + def test_error_reported_by_msgfmt(self): + # po file contains wrong po formatting. + with self.assertRaises(CommandError): +@@ -278,7 +292,14 @@ def test_msgfmt_error_including_non_ascii(self): + call_command( + "compilemessages", locale=["ko"], stdout=StringIO(), stderr=stderr + ) +- self.assertIn("' cannot start a field name", stderr.getvalue()) ++ if self.msgfmt_version < (0, 25): ++ error_msg = "' cannot start a field name" ++ else: ++ error_msg = ( ++ "a field name starts with a character that is not alphanumerical " ++ "or underscore" ++ ) ++ self.assertIn(error_msg, stderr.getvalue()) + + + class ProjectAndAppTests(MessageCompilationTests): diff --git a/test_strip_tags.patch b/test_strip_tags.patch new file mode 100644 index 0000000..2f1363f --- /dev/null +++ b/test_strip_tags.patch @@ -0,0 +1,46 @@ +From 578ef30376fd279865d1719fcad064a00c625a6b Mon Sep 17 00:00:00 2001 +From: Natalia <124304+nessita@users.noreply.github.com> +Date: Mon, 14 Jul 2025 14:45:03 -0300 +Subject: [PATCH] Fixed #36499 -- Adjusted + utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's + HTMLParser new behavior. + +--- + tests/test_utils/tests.py | 4 ++-- + tests/utils_tests/test_html.py | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/tests/test_utils/tests.py b/tests/test_utils/tests.py +index 494a0ea8d384..0de19eae9072 100644 +--- a/tests/test_utils/tests.py ++++ b/tests/test_utils/tests.py +@@ -959,10 +959,10 @@ def test_parsing_errors(self): + self.assertHTMLEqual("", "

    ") + error_msg = ( + "First argument is not valid HTML:\n" +- "('Unexpected end tag `div` (Line 1, Column 6)', (1, 6))" ++ "('Unexpected end tag `div` (Line 1, Column 0)', (1, 0))" + ) + with self.assertRaisesMessage(AssertionError, error_msg): +- self.assertHTMLEqual("< div>", "

    ") ++ self.assertHTMLEqual("", "
    ") + with self.assertRaises(HTMLParseError): + parse_html("

    ") + +diff --git a/tests/utils_tests/test_html.py b/tests/utils_tests/test_html.py +index 4ce552e79a0d..205eaeca1668 100644 +--- a/tests/utils_tests/test_html.py ++++ b/tests/utils_tests/test_html.py +@@ -142,10 +142,10 @@ def test_strip_tags(self): + ("&gotcha&#;<>", "&gotcha&#;<>"), + ("ript>test</script>", "ript>test"), + ("&h", "alert()h"), +- (">"), + ("X<<<
    br>br>br>X", "XX"), + ("<" * 50 + "a>" * 50, ""), +- (">" + "" + "" + ""), + (" Date: Fri, 1 Aug 2025 02:09:29 +0000 Subject: [PATCH 2/6] - Reinstate Requires on tzdata, a lot of packages use it. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=210 --- .gitattributes | 23 + .gitignore | 1 + Django-4.2.13.checksum.txt | 67 + Django-4.2.13.tar.gz | 3 + Django-5.0.7.checksum.txt | 67 + Django-5.0.7.tar.gz | 3 + Django-5.1.1.checksum.txt | 67 + Django-5.1.1.tar.gz | 3 + Django-5.1.2.checksum.txt | 67 + Django-5.1.2.tar.gz | 3 + Django-5.1.4.checksum.txt | 65 + Django-5.1.4.tar.gz | 3 + Django-5.1.5.checksum.txt | 67 + Django-5.1.5.tar.gz | 3 + Django-5.1.6.checksum.txt | 67 + Django-5.1.6.tar.gz | 3 + Django-5.1.checksum.txt | 67 + Django-5.1.tar.gz | 3 + Django-5.2.1.checksum.txt | 68 + Django-5.2.2.checksum.txt | 68 + Django-5.2.4.checksum.txt | 68 + Django-5.2.checksum.txt | 66 + Django-5.2.tar.gz | 3 + dirty-hack-remove-assert.patch | 25 + django-5.2.1.tar.gz | 3 + django-5.2.2.tar.gz | 3 + django-5.2.4.tar.gz | 3 + python-Django-rpmlintrc | 5 + python-Django.changes | 3033 ++++++++++++++++++++++++++++++++ python-Django.keyring | 132 ++ python-Django.spec | 150 ++ sanitize_address.patch | 40 + support-msgfmt-0.25.patch | 69 + test_strip_tags.patch | 46 + 34 files changed, 4364 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 Django-4.2.13.checksum.txt create mode 100644 Django-4.2.13.tar.gz create mode 100644 Django-5.0.7.checksum.txt create mode 100644 Django-5.0.7.tar.gz create mode 100644 Django-5.1.1.checksum.txt create mode 100644 Django-5.1.1.tar.gz create mode 100644 Django-5.1.2.checksum.txt create mode 100644 Django-5.1.2.tar.gz create mode 100644 Django-5.1.4.checksum.txt create mode 100644 Django-5.1.4.tar.gz create mode 100644 Django-5.1.5.checksum.txt create mode 100644 Django-5.1.5.tar.gz create mode 100644 Django-5.1.6.checksum.txt create mode 100644 Django-5.1.6.tar.gz create mode 100644 Django-5.1.checksum.txt create mode 100644 Django-5.1.tar.gz create mode 100644 Django-5.2.1.checksum.txt create mode 100644 Django-5.2.2.checksum.txt create mode 100644 Django-5.2.4.checksum.txt create mode 100644 Django-5.2.checksum.txt create mode 100644 Django-5.2.tar.gz create mode 100644 dirty-hack-remove-assert.patch create mode 100644 django-5.2.1.tar.gz create mode 100644 django-5.2.2.tar.gz create mode 100644 django-5.2.4.tar.gz create mode 100644 python-Django-rpmlintrc create mode 100644 python-Django.changes create mode 100644 python-Django.keyring create mode 100644 python-Django.spec create mode 100644 sanitize_address.patch create mode 100644 support-msgfmt-0.25.patch create mode 100644 test_strip_tags.patch diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/Django-4.2.13.checksum.txt b/Django-4.2.13.checksum.txt new file mode 100644 index 0000000..abd0174 --- /dev/null +++ b/Django-4.2.13.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 4.2.13, released May 7, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-4.2.13.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/4.2/Django-4.2.13-py3-none-any.whl +https://www.djangoproject.com/m/releases/4.2/Django-4.2.13.tar.gz + +MD5 checksums +============= + +449eeffe35a7a748bf9acc4169ea7492 Django-4.2.13-py3-none-any.whl +a243a2c1e7c0752947d16d4ffae30376 Django-4.2.13.tar.gz + +SHA1 checksums +============== + +75a19218f248f0010685b471d1be86cad7602872 Django-4.2.13-py3-none-any.whl +56373bedaef33ee29b2d240b6b06ebe2e1e2fc58 Django-4.2.13.tar.gz + +SHA256 checksums +================ + +a17fcba2aad3fc7d46fdb23215095dbbd64e6174bf4589171e732b18b07e426a Django-4.2.13-py3-none-any.whl +837e3cf1f6c31347a1396a3f6b65688f2b4bb4a11c580dcb628b5afe527b68a5 Django-4.2.13.tar.gz +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmY6YWsoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPtEKD/9S +rZ+yadh7sQGszWtJEIZZS/YBQRcNyM+26aUkpk+3XT1SUDUs0whtX6U/P3tP+h+P +0vIk0wxTc3RhRCp8WETYulekRhPFc5HJFwlD/vh9AkEyDKW8QFuV+IBswvlfG/wK +D+QcuERl31Y1qcrCeFCM+XIRxGR9lQ0DuoCa1FuPl0bvAlNDOfNSmp4OzcPzGm4a +wE9wtsHqKkL8BAc836JIXHj5wdQK+HOkOv30ZcUU+nD3Lp5N44ESzzSe7IOutN02 +PBAixmwMf6EqjHC7JN49EwiPbEDTmg5HNj7LBM1Teqp5Hms11xGMfzxsh3AbEtoT +xeqZjrrcwoVf+wASVCKCv33Gfka45Z5X5f5G2O8//yJdLogwr6994rJ1MB7k18Yd +ObOl17pUctdrNKWuESJXz3l2c1DPbFQNKHiqI66fFm4L/fLMubMzkDlWzWH1jqSo +8tbSH9ATjEp/aLYKuGgr1gdazl4YbpiTkEjzFXYGmyjF7hPLT7xH2rrGCT4J7Bjc +TGnZGXdl4yaGcC8Q0Ma5ybMv3GgEsaa1wRnbNv5nQyNXIWrt9rcMfBDwcaSkq6NR +d7WpYUy5JT0IbR1SAazMY+NjUy+vzq26KkcUcbkoOng3guba0uPuoSphWM607MzK +UVab1KcJwNOC7/Di4Ul9vlh7dLMVg5yG+o7kFEJU/A== +=o/kY +-----END PGP SIGNATURE----- diff --git a/Django-4.2.13.tar.gz b/Django-4.2.13.tar.gz new file mode 100644 index 0000000..dde4fc1 --- /dev/null +++ b/Django-4.2.13.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:837e3cf1f6c31347a1396a3f6b65688f2b4bb4a11c580dcb628b5afe527b68a5 +size 10430886 diff --git a/Django-5.0.7.checksum.txt b/Django-5.0.7.checksum.txt new file mode 100644 index 0000000..c96a8ee --- /dev/null +++ b/Django-5.0.7.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.0.7, released July 9, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.0.7.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.0/Django-5.0.7.tar.gz +https://www.djangoproject.com/m/releases/5.0/Django-5.0.7-py3-none-any.whl + +MD5 checksums +============= + +454d23ea901892fd544541f4a1a33a3e Django-5.0.7.tar.gz +c687175397b8d6d98b8e0e35e6f142fb Django-5.0.7-py3-none-any.whl + +SHA1 checksums +============== + +ed070e21b5bf0b188104338a3b8a495b9d59593d Django-5.0.7.tar.gz +4aecb9aeab348f003c32952906eef7556a5be54b Django-5.0.7-py3-none-any.whl + +SHA256 checksums +================ + +bd4505cae0b9bd642313e8fb71810893df5dc2ffcacaa67a33af2d5cd61888f2 Django-5.0.7.tar.gz +f216510ace3de5de01329463a315a629f33480e893a9024fc93d8c32c22913da Django-5.0.7-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmaNPRgoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPgnUD/47 +sPedXK17iCelw70BRY7EqWxwVwSbTxKcnw14y2qejS923MlnEEraeOll2HbCqOmL ++O3coVJsTc9GAMrQLyip8sHCwb4SSCWmwRqQZbTdNRrZOWfCPRLsbVccEabdwTNC +7YDyDc+3FQhHIszNI0zkJ1H3G7280euwIrMIhnCbwH1PC/hqAwdlhf1+nc4BiIMg +dz/Bg65abruY/6LM0btMP72avHrM0BRiRs5kOYn7+xgh1cqnI64RHROgrymK7JkT +LxoZDhWvDv68IvyNWEuLU4yDXnv/3ZglhwUA8q+leMqtURwBWs8UMnLhHhR52kie +okrK6eBkYeHls3vMGOTKxe7nJHhfEjl6V9XJShIdU1ir+/iCeaRMzYjpr4H5591H +TMs8Hgm27Wt7U/OT5EsF+vIpLaAR9AnZfNfB1eYU34BUAloZSQCxz+Y65LCN5wKk +jfaG7phOiO33NJMUxhfemjwJIJymw7uZnuRQJ8KUMbr9Q/iCVWsMG+QXhJs96KRO +y1SYVgPgU5Jll9VN/H2WJCj9I1YOVZPDVAbMcB+hKklw6ZhZx2fxgxLO/3/REQJs +iBJ1ETPdCHct5HJyAoBD++NCeioUKd5pXxqMvtuNH7winRC9NMGw4XX1CbpBBB+1 +y1mkGxw+QvBh4rivA6TSQQwTDQXAnoT7ida+Ye2FVw== +=GcbG +-----END PGP SIGNATURE----- diff --git a/Django-5.0.7.tar.gz b/Django-5.0.7.tar.gz new file mode 100644 index 0000000..35d8d66 --- /dev/null +++ b/Django-5.0.7.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bd4505cae0b9bd642313e8fb71810893df5dc2ffcacaa67a33af2d5cd61888f2 +size 10642686 diff --git a/Django-5.1.1.checksum.txt b/Django-5.1.1.checksum.txt new file mode 100644 index 0000000..5bd377b --- /dev/null +++ b/Django-5.1.1.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.1, released September 3, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.1.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.1.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1.1-py3-none-any.whl + +MD5 checksums +============= + +8024c23d7efe9e7acb04496ae22739c7 Django-5.1.1.tar.gz +7782d604d5b7cbb56e6b7da90595b6fa Django-5.1.1-py3-none-any.whl + +SHA1 checksums +============== + +8dedfc247c7bf010c93c5e5e30bca2012704a7ce Django-5.1.1.tar.gz +a038998584b227243ae6c1d29b3e7c2a166db918 Django-5.1.1-py3-none-any.whl + +SHA256 checksums +================ + +021ffb7fdab3d2d388bc8c7c2434eb9c1f6f4d09e6119010bbb1694dda286bc2 Django-5.1.1.tar.gz +71603f27dac22a6533fb38d83072eea9ddb4017fead6f67f2562a40402d61c3f Django-5.1.1-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmbXARwoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPmSPEACs +vwz2HvzWF+YpeXx1jLQJ6/JdQjmRPT/6pp+r0GW6KG6UqmawMsvRSX/k4zdvceYx +c7SVAIJwWNwZsPHbrjetGAI1NbAoWYxl8soCTIMR9A0mSlZebBSHb0+oUMQcwiZ5 +E4OMBv7QYYo8QVGs1KH1dMx4Unn+5VlAlaxo9BOa94PtCzUWxsIuji+yv1uKDVVa +BQivwy0ZuzBPMkHHaTAb5byWtsbLFhHeXkWirEzivecIVxvd88mO1GXh5zY3wjRW +UKLHQCNT6e3s7UB/ZS7IsQp7bPCmFfLsVp8+8pbABXqYHn6rM4/VCLhN06s/xVID +DSPkqNQz39gRbn5UNVSTLVNv/yoQ6crIHw9AiRECrJ3UaRzeDcQStnmxJx92duDr +bDLnmTI0Sx7+hqQjNOrGCFg6vO8ZVosxOgM/FgbXDKyA+FqtfbdR+/tW9KKtunPy +AHs87A6VqYMRzyTvRChzVpKKYrdMckjRUuyrogQJEuE5VJ0o5579FxBy9OekA3km +FTscEn8GiC4EZTR48IWSsNOCYn7VjihHvZGo4eO0uZRYFChTKc6Sah7p+i41XV1W +FLhOqCqF/4Kl6u3dWkWPAnm8mmWDsARpGbAoxCkd8AJtlR0nScdYuwOshlpixIVa +XgUJwJ3rzCSTd35tq+sF7y3WT3bPyUl/DwkuJVHhFA== +=i1OF +-----END PGP SIGNATURE----- diff --git a/Django-5.1.1.tar.gz b/Django-5.1.1.tar.gz new file mode 100644 index 0000000..ae180ad --- /dev/null +++ b/Django-5.1.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:021ffb7fdab3d2d388bc8c7c2434eb9c1f6f4d09e6119010bbb1694dda286bc2 +size 10675933 diff --git a/Django-5.1.2.checksum.txt b/Django-5.1.2.checksum.txt new file mode 100644 index 0000000..f089c52 --- /dev/null +++ b/Django-5.1.2.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.2, released October 8, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.2.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.2.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1.2-py3-none-any.whl + +MD5 checksums +============= + +bdd601132b94080200e71137a20d0d6a Django-5.1.2.tar.gz +39bf6f252e055aa54b48c9ae96a57bf8 Django-5.1.2-py3-none-any.whl + +SHA1 checksums +============== + +d974a07780b80a79203631e6f4ce9bfd8d1fd119 Django-5.1.2.tar.gz +0bb112f3f251c81f0d6aef367cf73c5b03de5334 Django-5.1.2-py3-none-any.whl + +SHA256 checksums +================ + +bd7376f90c99f96b643722eee676498706c9fd7dc759f55ebfaf2c08ebcdf4f0 Django-5.1.2.tar.gz +f11aa87ad8d5617171e3f77e1d5d16f004b79a2cf5d2e1d2b97a6a1f8e9ba5ed Django-5.1.2-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmcFRjcoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPklRD/9N +Sx+4arBpIcKm9w4ou7Y0dxBUW7HJBAc9o5rAIGjgCIjmM99nEclUznZqTbjtO3JS +MjkZxSO/Q9r1Ty3aWAWjfvjICIxps2vcSIxJbETiYWfyGDp/z8uMTGKTut5fn7ZN +8yCDMZBeQMsYbU0z/H5R7iSD3gr9w2UmQR3LjtV6NLdyMIvwystFGcFCo7a934nX +b8UmIyyMj+787pxciTWeFRTOJY5pSWfYPqtrI3KzTO4MLDhQzIH9anIY8G4BA9kN +0oL13ezUTWEARmeje11vLDui5SJEJ9EIUaic8MLMqMN3hPNmrClL1x3ggOMj+iP9 +XyAF7jGOaxhEy10LR4GlgJXifuqHgM3Q1CwT4+FH7nJ6ifHQTLOpZsIhTR1OHnsS +s7L1yv8L4eW+D8ZjCfJvQ+46sV4vwsR9iw5IxWfhjeB2RT6ujODJ3uPjWzm3S3ZH +mUJJ22M4qQEA1gA13VCxc1j4XC20mKvZ6yHl66QE2CiL7GhmEUp0iwaoealneUGg +88JXXJjPmdmS+AxQE5NquDmUnxlQnB7pDrQpadsbs4JLxh7Q6vAcC0vX7VMJ8qcT +gLxgtx2LeVieu8Lk0iTEmcBwa0u7nNTwRxXeUwQK0+mqPxPVaiTw8RZLSsfFY0ZM +ngxOEOrna3c+KTtbef+dBexdX5ooIUL7r9cCVQr3+A== +=YZlq +-----END PGP SIGNATURE----- diff --git a/Django-5.1.2.tar.gz b/Django-5.1.2.tar.gz new file mode 100644 index 0000000..e6cbe3b --- /dev/null +++ b/Django-5.1.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bd7376f90c99f96b643722eee676498706c9fd7dc759f55ebfaf2c08ebcdf4f0 +size 10711674 diff --git a/Django-5.1.4.checksum.txt b/Django-5.1.4.checksum.txt new file mode 100644 index 0000000..09ae0b5 --- /dev/null +++ b/Django-5.1.4.checksum.txt @@ -0,0 +1,65 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.4, released December 4, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``3955B19851EA96EF`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF + +or via the GitHub API: + + curl https://github.com/sarahboyce.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.4.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.4-py3-none-any.whl +https://www.djangoproject.com/m/releases/5.1/Django-5.1.4.tar.gz + +MD5 checksums +============= + +3ab67eb0e297ab798f572d38159a4301 Django-5.1.4-py3-none-any.whl +03ec3e0f2d6cbcb9eb11c629ca1c538b Django-5.1.4.tar.gz + +SHA1 checksums +============== + +0e61a94ba38a41b967ebbaaddde2b1e0edf1c583 Django-5.1.4-py3-none-any.whl +6e47f95d8b22cfd314c8b2676b2f854016f498b5 Django-5.1.4.tar.gz + +SHA256 checksums +================ + +236e023f021f5ce7dee5779de7b286565fdea5f4ab86bae5338e3f7b69896cf0 Django-5.1.4-py3-none-any.whl +de450c09e91879fa5a307f696e57c851955c910a438a35e6b4c895e86bedc82a Django-5.1.4.tar.gz +-----BEGIN PGP SIGNATURE----- + +iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmdQV2ktHDQyMjk2NTY2 +K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv +lJAL/3EBWgN3FlChHJ4zGNbYh8ZDhOlfujm6JSSyibTV5xStVdOY4Q+/enbZ+NTh +nHXOmbmM6own9x4+0Es/KLsw4CBB1gYCoMJ3CwOVqj845cxQY6BrWy2cFQyDcuZ5 +Ae5UBDQxPxLDWUZyLfAHeArR1+I2elFO2L778HFduzrqWm+Ht+WFRiSnEtBZbkql +4fNSWCTxs1EIMdZNzt4m8SclrRRwJMZ87Zgn8RTmG8X5DAJMUzMnTN3+w6VohsX9 +/ThSSFQEMckGbFh+eOzj1MiIKHzgULoGLOLsOCDATvfz+4iUDM8BqS5KJpOHKbMZ +XYWHOefWdEfB3vGKigiYAKcykbT97BX6/UitVqrB+WhQpdmJZ1u1Kzc6zYr4ZH1b +s3v31rgK+wp9PTx3A9CKjgFpap/NYTkbksIJD/rhR/JblqCrOPV3hvd6D+GwJc+G +DPSj1WvTvda5Vl7MqdcHuKPnp9sM1IvW/DIXalvhWN0v75yr2YkBluEhbdg6fMEu +OxXc+Q== +=/WMm +-----END PGP SIGNATURE----- diff --git a/Django-5.1.4.tar.gz b/Django-5.1.4.tar.gz new file mode 100644 index 0000000..e0c461f --- /dev/null +++ b/Django-5.1.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:de450c09e91879fa5a307f696e57c851955c910a438a35e6b4c895e86bedc82a +size 10716397 diff --git a/Django-5.1.5.checksum.txt b/Django-5.1.5.checksum.txt new file mode 100644 index 0000000..1f2386d --- /dev/null +++ b/Django-5.1.5.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.5, released January 14, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.5.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.5.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1.5-py3-none-any.whl + +MD5 checksums +============= + +272e951dbc4ccb7854c5a69aa5650749 Django-5.1.5.tar.gz +7effbd0a8ec3bf8c9d5f0c857138a07a Django-5.1.5-py3-none-any.whl + +SHA1 checksums +============== + +b41593f64adf86667e6a36c97aebe7ec832fc474 Django-5.1.5.tar.gz +df1802610c7e6be090140650cd4e6e656cc5364a Django-5.1.5-py3-none-any.whl + +SHA256 checksums +================ + +19bbca786df50b9eca23cee79d495facf55c8f5c54c529d9bf1fe7b5ea086af3 Django-5.1.5.tar.gz +c46eb936111fffe6ec4bc9930035524a8be98ec2f74d8a0ff351226a3e52f459 Django-5.1.5-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmeGUCgoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPkTrEACU +0rwddvqE/tg0JcZxTUh4kQOY5H70jlo0nwmBZkyjS9441STQEPohY0KTk3i2BgAO +z2KcGPfBmzLJU5khx0orJK/BS4J9tpw3eIZ7yg32R1ZrbGEUkxO2dFDcTq0eS7wt +7x8K8FXWWzXT3BPKKio1aah4lFoCzzNf/x3dlOrqp3cRVU4QYPB7Ap0xW0wa4XaG +H9Nas+LR9eBUKEqKQHyKT5jA8ny0ytpYzL1ItQQSUhsgOPQu726xBseGYOogUTY0 +T625X/tQcUIGn9HmqTbszn6o9QjqL/BWHTeg+8zwhZK8O0o03sQdGWf2meGxR75d +/tlM9uYTo0LBnKW5nZi+0jYuF8vnIHb47pYRMAeSudbtX0sc8Uxtf4Jn4tnU58NQ +JeGDAR6zyDvYlrWo2y2g7CN/z277VS7Aw2lxDhNUaVqW4JxVqkktg6ODmtnp8lbl +1UACgw/gFHgSJ6DbmvyiPaewh6jkKnPDukvNb/MZ3uYIG5ndgLwZ5bt/3AEV7JYs +jqgEgZdH3sN9A7ZFfDx3C1H0K87aMMvVK2rBg6FQt1B59U3OrGwh2kO1sB+LIXrw +bzxSnSR4PThgISnJbNptFInMgDNOVuKnD7cDvSiH5sl+xmLS0GiMHVH1wNhNotVF +stWL1lY20xHeiRgTutpTsDjF4dX24x7d89av8I3jlA== +=L8Sc +-----END PGP SIGNATURE----- diff --git a/Django-5.1.5.tar.gz b/Django-5.1.5.tar.gz new file mode 100644 index 0000000..ed1f465 --- /dev/null +++ b/Django-5.1.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:19bbca786df50b9eca23cee79d495facf55c8f5c54c529d9bf1fe7b5ea086af3 +size 10700031 diff --git a/Django-5.1.6.checksum.txt b/Django-5.1.6.checksum.txt new file mode 100644 index 0000000..37ec9d3 --- /dev/null +++ b/Django-5.1.6.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.6, released February 5, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.6.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.6.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1.6-py3-none-any.whl + +MD5 checksums +============= + +39585ffad0b04e7d5d7726a6b4e45d41 Django-5.1.6.tar.gz +27ad2093eaef2c1aeb76cb8025cbbbf5 Django-5.1.6-py3-none-any.whl + +SHA1 checksums +============== + +c96db1b845d9f3a0982c6297f5cd78c43b3280d2 Django-5.1.6.tar.gz +70a0ffed34bb16e4373f95e91018bde4d0ef1b2f Django-5.1.6-py3-none-any.whl + +SHA256 checksums +================ + +1e39eafdd1b185e761d9fab7a9f0b9fa00af1b37b25ad980a8aa0dac13535690 Django-5.1.6.tar.gz +8d203400bc2952fbfb287c2bbda630297d654920c72a73cc82a9ad7926feaad5 Django-5.1.6-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmejcjsoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPuO7D/9i +NqPgKoFDRpo47uqA7791xrWGspAlk1AXtaqdoGDWK0fyb6tetELAB05gICoAZk1q +3BN5qTU22dftpn6k26Vt3b16myrBUb3samncQ1z4DHWctnFUrTSs0ztkqc55w/SE +E2klPzON/D/4PBTfOPAq+1rXk9r/EVMmv6s9pOrgvr+Xjo+OiWshoBXVPxmTRws5 +Sv3Ll1a/ifMg22bN5bgMBuY03UdFbXA4a52DvEmA3DC56EaRZsqzFbzlvldYYUgi +7Fy3u8fl1Gpl1XYTggnIcOogltAUeRomj5i5xo+Ge5Em8pI/F5EtuHH7zWL+2VDK +NyjYSSB9hY5dzJmGSTdv6yf+JtMNgG5n2fd2786Qcb5/NhtVjEMQPWMKiLZaCIZ6 +5Y33gEmMCKXekaOk60PwwMZaqEQMirNcnSNEzOX2yjP/VIPixcQKm9iDhVg91t8G +UZVhsDV+1KrHseV+byMeXmHPHBx4WOi0+X5deU71aZn4NZSUmIyfMIDpag/B9Wis +OJZ7BNaUJXNl1JS9A2gxt8Kt3S6xZUdPbFXYXvpniuKOSBFl397oaqOtGPoP63Fw +QSnyExHibH57k7tq43hw04hLLMBEghhHA7TvYZrtoF10E/xEKJIflOAoicejYFmm +0UNCpq6lznK36fLJaA6cnuBYqJftKOSmVbMHOeQ7vw== +=mt6z +-----END PGP SIGNATURE----- diff --git a/Django-5.1.6.tar.gz b/Django-5.1.6.tar.gz new file mode 100644 index 0000000..ba05271 --- /dev/null +++ b/Django-5.1.6.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1e39eafdd1b185e761d9fab7a9f0b9fa00af1b37b25ad980a8aa0dac13535690 +size 10700620 diff --git a/Django-5.1.checksum.txt b/Django-5.1.checksum.txt new file mode 100644 index 0000000..8d29bff --- /dev/null +++ b/Django-5.1.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1, released August 7, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1-py3-none-any.whl + +MD5 checksums +============= + +77f44885427c09458e1abd0b48e09517 Django-5.1.tar.gz +e8a8edeeb894fcba4830653e450ef8ea Django-5.1-py3-none-any.whl + +SHA1 checksums +============== + +34e73c5ea536989ce8b59d4dcbcad81f8df042b0 Django-5.1.tar.gz +c1c96089c6a5d90439ae6849f8ab4d11f22cfaec Django-5.1-py3-none-any.whl + +SHA256 checksums +================ + +848a5980e8efb76eea70872fb0e4bc5e371619c70fffbe48e3e1b50b2c09455d Django-5.1.tar.gz +d3b811bf5371a26def053d7ee42a9df1267ef7622323fe70a601936725aa4557 Django-5.1-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmazdjMoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPoWDD/0S +xuoCMIvhc7m8FWAZ8VS0zkzT0e7TZonySEG5Oa1GrEMEZLe7C98HIXXptGDBuJkQ +W8WPbOgoc8iylA6/X3Q74guZMiZ2x/yK1XH3W/TwahMO0ii7bjcBkMJX0hB0zSph +SndMUCmBLuyfPNKUWQrBfGHtegmtm6tyHi5pLBLNgZjebh5Poy+3lrYlIL95sVG9 +5ckvE9B4+5z/muZlJzSf3784mMirWRnHLsOsvFZLuEBESyaS7C4gjUaRFX2JUzKG +0HRw/CUFR5BlsNefYRXZGAdW0rWMk9ucgc6BYbqTfwDfRUyFE+0jxQgNLP+t2hVj +W4Jr0hNyYJ6fLvW+L9owIBdL8dUBGEOoFKQmudnKEKFyfa2uXJcPnHPzTOMX28WT +CvN0kh55v8IqBpMlXZY7/6Cc2E6LTNvDRMygNJbV8Jl9bhQDvl9vII8PhmEv8774 +bJBExGvgTluySZQHUr2/aJXC0ldUiHAyleq8iD4lq3z7jOHN7W4T1TNFPI9+m34D +nTzOJSu7H/sYGp11UoyvW1MyHrocxgn+GE1Lg4MOlFpbwsRXG8vBBP8n00w6srqO +/0wfOtmwHK+Kf2VjW6VtzKIg5LUTpEKZC9FOgAweiZ80BVZRXqB0pSIkHIRTqswJ +ygDLRvq/Cp4D0OxHDM3DVZW/vKNn1zi0WH+9zlCLrA== +=XAjV +-----END PGP SIGNATURE----- diff --git a/Django-5.1.tar.gz b/Django-5.1.tar.gz new file mode 100644 index 0000000..049e68e --- /dev/null +++ b/Django-5.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:848a5980e8efb76eea70872fb0e4bc5e371619c70fffbe48e3e1b50b2c09455d +size 10681050 diff --git a/Django-5.2.1.checksum.txt b/Django-5.2.1.checksum.txt new file mode 100644 index 0000000..88bd451 --- /dev/null +++ b/Django-5.2.1.checksum.txt @@ -0,0 +1,68 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.2.1, released May 6, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.1.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.1/tarball/ +https://www.djangoproject.com/download/5.2.1/wheel/ + +MD5 checksums +============= + +317174c6e0593c40e58ec1bd428b1091 django-5.2.1.tar.gz +7821a8fa6b4193707af79c9b4bc64236 django-5.2.1-py3-none-any.whl + +SHA1 checksums +============== + +c8c6571401bede943be6b1ca4babe93cf2612e16 django-5.2.1.tar.gz +0c2f04440b66d67223e74146ff94b577c7da2dff django-5.2.1-py3-none-any.whl + +SHA256 checksums +================ + +57fe1f1b59462caed092c80b3dd324fd92161b620d59a9ba9181c34746c97284 django-5.2.1.tar.gz +a9b680e84f9a0e71da83e399f1e922e1ab37b2173ced046b541c72e1589a5961 django-5.2.1-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmgatvooHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPo5pEACE +tPY3ZQqbCCvhD17CXkDKU2S/4kJPtQbbvd183nj1MMOwWhNBR5VV15Gvgf9v4sp1 +QaufUfaCUdrbuOsaapU2lf61Q3XKSTZZ6EoBlsmAjfcMbJrV3DzW2dK2L4awGi0/ +bm4tI+94qapSLQAwLK8IJai7Z9kpuptQeeBlNFo52XXuzESL4+ZpvIgqQzbjRU8x +fMM7+1Wf3mS2wt5vG5araxVovYAJvgXYnlHoGbu8DM9tmO0x2iFCkUuGbCcxTAiJ +CwSuZOOPiHdIZWgu6M/WR8jZ8c67YMgamb4kukfP3NnNScqvUi+rPCyGGFpnrMwj +iVHFmKulSI7lBnbjAgkwNNQ1asTiZO/W76MQKgFecUU592RGZKV/oH1rt5vbXeWu +MkBcaVL6GEgV66bXb13a3P/XB1PQKiCSOO28DJyhYj9eIJnQsuOKN43UUZzrmvEB +1cJ2/dHj+wJGWs8D9Bx2Yl5bcTgxFoSjb1gt6Vth0NgQuLb8aRP5/DuoNEIAxDdb +Dv7O2uSE5JFK0P1GxF/N7DIHzSoyUr7vkm5cb1bGBVhxtCa2XPdluojEDKqduxjR +4jZjB8nswRdZY63V6n4pEVQdkbIgFJdyFaWmoylfqGfZ3JiIGz8WyQQ+jw17V2L1 +sjRHd1y1JPOZKyb2g+QGR0H+AQvqedWZ95XJGirNtw== +=b+2b +-----END PGP SIGNATURE----- diff --git a/Django-5.2.2.checksum.txt b/Django-5.2.2.checksum.txt new file mode 100644 index 0000000..2c9ffc7 --- /dev/null +++ b/Django-5.2.2.checksum.txt @@ -0,0 +1,68 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the +source-code tarball and wheel files of Django 5.2.2, released June 4, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.2.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.2/tarball/ +https://www.djangoproject.com/download/5.2.2/wheel/ + +MD5 checksums +============= + +782577f532efab32f8119a7071f55d04 django-5.2.2.tar.gz +5d85fa7778bd65981714e562012a5626 django-5.2.2-py3-none-any.whl + +SHA1 checksums +============== + +87dff3ef8d00b15491d5bb64b2404caf66d8ae59 django-5.2.2.tar.gz +7964171a3e17b3e3e8aeb2d2bff763d128836d74 django-5.2.2-py3-none-any.whl + +SHA256 checksums +================ + +85852e517f84435e9b13421379cd6c43ef5b48a9c8b391d29a26f7900967e952 django-5.2.2.tar.gz +997ef2162d04ead6869551b22cde4e06da1f94cf595f4af3f3d3afeae1f3f6fe django-5.2.2-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmhAMRIoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPmgqD/9b +ON8sroesSKb2lAdjUe2XFKceWBpSjySACsPwLko5gPhfxJ9gn0XEDQccYw6U4KkJ +PbRlrKKNr1zqX3IfRoggg3E6GU/rw9LUqgB2GByuBRjyZe29bF0KWiLWVmjLL6c8 +WszgKZxYu73vBfHcY1StLVSGMHxMlolvWikhpS4taHKOsYLmYxFnPdDeLjC/hYyb +tYjfdaKgDm5czpy9Put+Kzu15KcW0PqHAuPJtcGHo3l7lfRSd/m9X6iNtUXmsN8J +H8kLEzfG91tUuHl7UgFpZpSEGqnRV/dM+s+fKeVJC9t6Jsu8lbQp3omMaBl/SCwV +qicA9Go9cqUoDLz8JSkv0YCOGAyUZyOvjlW8zAkoRQuCcEkDxLh2VsdRRB7Z0E7K +SvDq03XZwXeBUpQAbkoZ+TpS4EoiydY7I7PTq5k+yzMEoid+k7sRclfndeTpAmPf +7Xtq3KDPnIKo+7maECiKVeEfCUIgxXygEz3fbrYTn9LcDcFnGWKA9/DH/9yD4+zR +AS4RI0k0PUWzbq/6+A+3BqQTo75dLxm/BHpyd9NoddYIsuhwlLq3IU+SopR8vG2/ +bydqaovZuiyHS59vGgMuAFJIaeW5/TW8zoLvRVekVG0nCVgcj17pR7zqa6EGKefS +6ydabjbxzeFC3qdYiOIneghfIUnk3HeVQRLd0Vw58w== +=Pk1M +-----END PGP SIGNATURE----- diff --git a/Django-5.2.4.checksum.txt b/Django-5.2.4.checksum.txt new file mode 100644 index 0000000..9c39d41 --- /dev/null +++ b/Django-5.2.4.checksum.txt @@ -0,0 +1,68 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the +source-code tarball and wheel files of Django 5.2.4, released July 2, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.4.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.4/tarball/ +https://www.djangoproject.com/download/5.2.4/wheel/ + +MD5 checksums +============= + +6ecc4875e8cdc08706faea1cc4740fdf django-5.2.4.tar.gz +fee657f7686462d388f274c5f92b634a django-5.2.4-py3-none-any.whl + +SHA1 checksums +============== + +de45d44e1bb2ceb1c08b8fd0846de920874f71a1 django-5.2.4.tar.gz +a6a7904e3749a0e8937a50643293889929b4b6f7 django-5.2.4-py3-none-any.whl + +SHA256 checksums +================ + +a1228c384f8fa13eebc015196db7b3e08722c5058d4758d20cb287503a540d8f django-5.2.4.tar.gz +60c35bd96201b10c6e7a78121bd0da51084733efa303cc19ead021ab179cef5e django-5.2.4-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmhlfcIoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPj5DD/94 +KOuOZ5JHtZWknqi1JeV1akzB/RpY7lhL9SbJbVXhdAxOY9Cn4eUG7NsPWa9JnhX1 +F/2geBE5mjOZen4ARtGHWxa5vqidqUbscrU9AkqPLn6aecEKi2jXXNkYmmWw/37K +wb92BQtuWkaXyiZ4E6Sledx9yFhcqMDFg27CdNYfAqUWofI6zzSmLIzOlOSVR9Sc +uDrfRqQ4GXlRGT5pIkcIxE0ZKToUYrKgn99PZOmBcLfJgQ4VBt62J6SzZAhhElb3 +DUMcVhG2XNIhg7v7DwlVodowDYQdRi2H/ahAa7/m1+uugRbysoGSLLwP+50tDjlj +07zxoJsrL5R9zaMp4pcXQN4bUy3rDz94DkjlXO51f8LwDdStvk4VOYan1W5S9BhP +R0conCFfcg4+iK0pV5e/GeeTwBRHQw8p5RuWfrEpKFi/XQtT0u01hqUGppeuZ9wI +f+Ud9RA8Nrw0ouli4WvfH0RVFuMgUFqScwO88oatuUH5CDPjlV+5usNb7FrmZXv6 +AWRopONOcYGF07+FYh0nsoE8enWyxE+JWTJzxT5PGZ3buUO0hlnJ+auoJv8yOVii +ELCSUyi93glWonCBrS41XrNO6+6K/8V9V6iv9/PdGwF1GszbX5Rx4e2lDMA7crYh +1qKGaV3+iAO+Y+vXt6VTy6h5GLg9hun+RQ8TU3Guyg== +=d9C5 +-----END PGP SIGNATURE----- diff --git a/Django-5.2.checksum.txt b/Django-5.2.checksum.txt new file mode 100644 index 0000000..e7d38e4 --- /dev/null +++ b/Django-5.2.checksum.txt @@ -0,0 +1,66 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.2, released April 2, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``3955B19851EA96EF`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF + +or via the GitHub API: + + curl https://github.com/sarahboyce.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2/tarball/ +https://www.djangoproject.com/download/5.2/wheel/ + +MD5 checksums +============= + +2365e2eb1228298df5bc63bbde049eb2 Django-5.2.tar.gz +1279aff7c80b1bdc921e28703e0f93b4 Django-5.2-py3-none-any.whl + +SHA1 checksums +============== + +691d9be1935e40b102fa599a2d54c1dc0289e707 Django-5.2.tar.gz +bfc1f7d9276c137d477389e71fbb4e849101af75 Django-5.2-py3-none-any.whl + +SHA256 checksums +================ + +1a47f7a7a3d43ce64570d350e008d2949abe8c7e21737b351b6a1611277c6d89 Django-5.2.tar.gz +91ceed4e3a6db5aedced65e3c8f963118ea9ba753fc620831c77074e620e7d83 Django-5.2-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmftNIotHDQyMjk2NTY2 +K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv +h0QMAJAgwXxMa/HElDElvmxojqY7H/oZ4obF7QtaywMKrV2IXGDi63RgCr6IIpD/ +rgWgEiyGUT6Mz/LxifkApDG8QQCDpvBW2suVQqDFgDwthX3h7URpypI98OnErskB +b/ZlD/WGIRUDl8rC5YLHEp+aYXSsoR76cIEuPSnvyXkKGikcB4ti1IJBttjBbbgk +uMn2WSgpFs1DMfuXvasZ2El3orwYgV7RCdC/GxurmzBcQE4Vdk5tLNHNvxzyZQnG +K5BO2dHhG6bUMhn75cxOsVfpjcrcSrZt/WzLE8b0JRK6IUto99R8RCGgTPVYbQE1 +5Bo4vaHnjRAjVw6YtT1KKrgYdTf8vDE3I+oNxbljmH92lVQ/g2uoPnqB91hXVboh +/EQX99MsRMVn6Ja00p40hPzjVvApbSuaBg/CDTlYCfnrj+0Ry0UanqPxnsJNxJmj +C2rYfYQa6vsd4t99/pzc9pgS4oW8h4Kl1MjBYAft5OlFCbUmYOPRNNjz4TsGlbAq +8SDOpQ== +=O1eA +-----END PGP SIGNATURE----- diff --git a/Django-5.2.tar.gz b/Django-5.2.tar.gz new file mode 100644 index 0000000..57e23ec --- /dev/null +++ b/Django-5.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1a47f7a7a3d43ce64570d350e008d2949abe8c7e21737b351b6a1611277c6d89 +size 10824891 diff --git a/dirty-hack-remove-assert.patch b/dirty-hack-remove-assert.patch new file mode 100644 index 0000000..fadb3c1 --- /dev/null +++ b/dirty-hack-remove-assert.patch @@ -0,0 +1,25 @@ +From 36736edaf595d2bbf1fe881609b2a4c8e3bac68a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= +Date: Thu, 29 Jun 2023 12:29:21 +0200 +Subject: [PATCH] Dirty hack: Remove a failing assert, failure does not seem + critical + +--- + tests/settings_tests/tests.py | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/tests/settings_tests/tests.py b/tests/settings_tests/tests.py +index 62cbffb..b7432d3 100644 +--- a/tests/settings_tests/tests.py ++++ b/tests/settings_tests/tests.py +@@ -397,7 +397,6 @@ class TestComplexSettingOverride(SimpleTestCase): + with self.assertWarnsMessage(UserWarning, msg) as cm: + with override_settings(TEST_WARN="override"): + self.assertEqual(settings.TEST_WARN, "override") +- self.assertEqual(cm.filename, __file__) + + + class SecureProxySslHeaderTest(SimpleTestCase): +-- +2.40.1 + diff --git a/django-5.2.1.tar.gz b/django-5.2.1.tar.gz new file mode 100644 index 0000000..47f140b --- /dev/null +++ b/django-5.2.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:57fe1f1b59462caed092c80b3dd324fd92161b620d59a9ba9181c34746c97284 +size 10818735 diff --git a/django-5.2.2.tar.gz b/django-5.2.2.tar.gz new file mode 100644 index 0000000..6192ba9 --- /dev/null +++ b/django-5.2.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:85852e517f84435e9b13421379cd6c43ef5b48a9c8b391d29a26f7900967e952 +size 10827542 diff --git a/django-5.2.4.tar.gz b/django-5.2.4.tar.gz new file mode 100644 index 0000000..0638a82 --- /dev/null +++ b/django-5.2.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a1228c384f8fa13eebc015196db7b3e08722c5058d4758d20cb287503a540d8f +size 10831909 diff --git a/python-Django-rpmlintrc b/python-Django-rpmlintrc new file mode 100644 index 0000000..0159bae --- /dev/null +++ b/python-Django-rpmlintrc @@ -0,0 +1,5 @@ +addFilter("file-not-in-%lang") +# Empty model.py files should be kept around: +addFilter("zero-length") +# Bash completion isn't config: +# addFilter("non-conffile-in-etc /etc/bash_completion.d/django_bash_completion*") diff --git a/python-Django.changes b/python-Django.changes new file mode 100644 index 0000000..8e87340 --- /dev/null +++ b/python-Django.changes @@ -0,0 +1,3033 @@ +------------------------------------------------------------------- +Fri Aug 1 02:09:01 UTC 2025 - Steve Kowalik + +- Reinstate Requires on tzdata, a lot of packages use it. + +------------------------------------------------------------------- +Wed Jul 30 06:03:44 UTC 2025 - Steve Kowalik + +- Add patch support-msgfmt-0.25.patch: + * Support msgfmt 0.25 error messages changes. (bsc#1246966) +- Remove unneeded Requires on tzdata. + +------------------------------------------------------------------- +Sat Jul 19 06:51:37 UTC 2025 - Markéta Machová + +- Add upstream test_strip_tags.patch to fix test errors with + at-this-point future python interpreters + +------------------------------------------------------------------- +Thu Jul 3 12:47:34 UTC 2025 - Markéta Machová + +- Update to 5.2.4 + * Fixed a log injection possibility by migrating remaining response logging + to django.utils.log.log_response(), which safely escapes arguments + such as the request path to prevent unsafe log output (CVE 2025-48432). + * Fixed a regression in Django 5.2 that caused QuerySet.bulk_update() to + incorrectly convert None to JSON null instead of SQL NULL for JSONField + * Fixed a regression in Django 5.2.2 where the q parameter was removed from + the internal django.http.MediaType.params property + * Fixed a regression in Django 5.2.2 where HttpRequest.get_preferred_type() + incorrectly preferred more specific media types with a lower quality + * Fixed a crash in Django 5.2 when performing an __in lookup involving a + composite primary key and a subquery on certain backends + +------------------------------------------------------------------- +Thu Jun 5 11:53:48 UTC 2025 - Markéta Machová + +- Update to 5.2.2 (bsc#1244095) + * CVE-2025-48432: Potential log injection via unescaped request path + * Fixed a crash when using select_related against a ForeignObject + originating from a model with a CompositePrimaryKey + * Fixed a regression in Django 5.2 that caused a crash when no + arguments were passed into QuerySet.union(). + * Fixed a regression in Django 5.2 that caused a crash when using OuterRef + in PostgreSQL aggregate functions ArrayAgg, StringAgg, and JSONBAgg. + * Fixed a bug in Django 5.2 where HttpRequest.get_preferred_type() did not + account for media type parameters in Accept headers, reducing specificity + in content negotiation. + +------------------------------------------------------------------- +Mon May 12 08:20:40 UTC 2025 - Markéta Machová + +- Update to 5.2.1 (bsc#1242210) + * This release was built using an upgraded setuptools, producing + filenames compliant with PEP 491 and PEP 625 and thus addressing + a PyPI warning about non-compliant distribution filenames. This + change only affects the Django packaging process and does not + impact Django’s behavior. + * CVE-2025-32873: Denial-of-service possibility in strip_tags() + * Fixed a data corruption possibility in file_move_safe() when + allow_overwrite=True + * Fixed a regression introduced when fixing CVE 2025-26699, where + the wordwrap template filter did not preserve empty lines between + paragraphs after wrapping text + * Fixed many bugs and regressions in Django 5.2, see upstream changelog + +------------------------------------------------------------------- +Tue Apr 22 15:46:20 UTC 2025 - Markéta Machová + +- Add missing runtime dependency on tzdata + +------------------------------------------------------------------- +Mon Apr 7 15:02:18 UTC 2025 - Markéta Machová + +- Update to 5.2 + * Django 5.2 is designated as a long-term support release. It will receive + security updates for at least three years after its release. + * Django 5.2 supports Python 3.10, 3.11, 3.12, and 3.13. + ** What’s new in Django 5.2 ** + * Automatic models import in the shell + * Composite Primary Keys + * Simplified override of BoundField + * ... and many more smaller features + ** Backwards incompatible changes in 5.2 ** + * Database backend API changes + * Dropped support for PostgreSQL 13 + * Changed MySQL connection character set default + * ... and more, see upstream changelog + ** Features deprecated in 5.2 ** + * The all argument for the django.contrib.staticfiles.finders.find() + function is deprecated in favor of the find_all argument. + * The ordering keyword argument of the PostgreSQL specific aggregation + functions is deprecated in favor of the order_by argument. + +------------------------------------------------------------------- +Mon Apr 7 14:19:10 UTC 2025 - Markéta Machová + +- Update to 5.1.8 + * CVE-2025-27556: Potential denial-of-service vulnerability in + LoginView, LogoutView, and set_language() on Windows + * Fixed a regression in Django 5.1.7 where the removal of the single_object + parameter unintentionally altered the signature and return type of + LogEntryManager.log_actions() + +------------------------------------------------------------------- +Sun Mar 30 08:28:57 UTC 2025 - Dirk Müller + +- update filelist to be compatible with newer setuptools + +------------------------------------------------------------------- +Tue Mar 18 13:01:55 UTC 2025 - Markéta Machová + +- Update to 5.1.7 (bsc#1239052) + * CVE-2025-26699: Potential denial-of-service vulnerability in + django.utils.text.wrap() + * Fixed a bug in Django 5.1 where the {% querystring %} template tag + returned an empty string rather than "?" + * Fixed a bug in Django 5.1 where FileSystemStorage, with allow_overwrite + set to True, did not truncate the overwritten file content + * Fixed a regression in Django 5.1 where the count and exists methods of + ManyToManyField related managers would always return 0 and False when + the intermediary model back references used to_field + * Fixed a regression in Django 5.1 where the pre_save and post_save signals + for LogEntry were not sent when deleting a single object in the admin + +------------------------------------------------------------------- +Tue Feb 11 12:52:16 UTC 2025 - Markéta Machová + +- Update to 5.1.6 + * Fixed a regression in Django 5.1.5 that caused validate_ipv6_address() + and validate_ipv46_address() to crash when handling non-string values + * Fixed a regression in Django 5.1 where password fields, despite being + set to required=False, were still treated as required in forms derived + from BaseUserCreationForm + +------------------------------------------------------------------- +Wed Jan 15 07:53:44 UTC 2025 - Markéta Machová + +- Update to 5.1.5 (bsc#1235856) + * CVE-2024-56374: Potential denial-of-service vulnerability in + IPv6 validation + * Fixed a crash when applying migrations with references to the + removed Meta.index_together option + +------------------------------------------------------------------- +Mon Dec 9 09:13:02 UTC 2024 - Markéta Machová + +- Update to 5.1.4 (bsc#1234231, CVE-2024-53908, bsc#1234232, CVE-2024-53907) + * CVE-2024-53907: Potential denial-of-service in django.utils.html.strip_tags() + * CVE-2024-53908: Potential SQL injection in HasKey(lhs, rhs) on Oracle + * Fixed a crash in createsuperuser on Python 3.13+ caused by an unhandled OSError + * Fixed a regression in Django 5.1 where relational fields were not updated + * Fixed a bug in Django 5.1 where DomainNameValidator accepted any input value + that contained a valid domain name, rather than only input values that were + a valid domain name + * Fixed a regression in Django 5.1 that prevented the use of DB-IP databases with GeoIP2 + * Fixed a regression in Django 5.1 where non-ASCII fieldset names were not displayed + when rendering admin fieldsets + +------------------------------------------------------------------- +Thu Oct 17 10:16:22 UTC 2024 - Markéta Machová + +- Update to 5.1.2 + * Fixed a regression in Django 5.1 that caused a crash when using + the PostgreSQL lookup trigram_similar on output fields from Concat + * Fixed a regression in Django 5.1 that caused a crash of JSONObject() + when using server-side binding with PostgreSQL 16+ + * Fixed a regression in Django 5.1 that made selected items in + multi-select widgets indistinguishable from non-selected items in + the admin dark theme + +------------------------------------------------------------------- +Wed Sep 4 07:21:54 UTC 2024 - Alberto Planas Dominguez + +- Update to 5.1.1 (bsc#1229823, bsc#1229824) + * CVE-2024-45230: Potential denial-of-service vulnerability in + django.utils.html.urlize() + * CVE-2024-45231: Potential user email enumeration via response + status on password reset + * Fixed a regression in Django 5.1 that caused a crash of Window() + when passing an empty sequence to the order_by parameter, and a + crash of Prefetch() for a sliced queryset without ordering + * Fixed a regression in Django 5.1 where a new usable_password field + was included in BaseUserCreationForm (and children). A new + AdminUserCreationForm including this field was added, isolating + the feature to the admin where it was intended + * Adjusted the deprecation warning stacklevel in Model.save() and + Model.asave() to correctly point to the offending call site + * Adjusted the deprecation warning stacklevel when using + OS_OPEN_FLAGS in FileSystemStorage to correctly point to the + offending call site + * Adjusted the deprecation warning stacklevel in + FieldCacheMixin.get_cache_name() to correctly point to the + offending call site + * Restored, following a regression in Django 5.1, the ability to + override the timezone and role setting behavior used within the + init_connection_state method of the PostgreSQL backend + * Fixed a bug in Django 5.1 where variable lookup errors were logged + when rendering admin fieldsets + +------------------------------------------------------------------- +Fri Aug 9 12:09:27 UTC 2024 - Markéta Machová + +- Update to 5.1 + * Supports Python >= 3.10. + * Easier guardrails for authentication: the new and shiny + LoginRequiredMiddleware, when added to MIDDLEWARE, enforces + authentication for all views by default. + * A more inclusive framework: Django 5.1 includes several accessibility + enhancements, such as improved screen reader support in the admin + interface, more semantic HTML elements, and better association of + help text and labels with form fieldsets. + * The second oldest ticket fixed in this release provides the long awaited + querystring template tag, which greatly simplifies the handling of query + strings when building URLs in templates. + * For a detailed list of changes see https://docs.djangoproject.com/en/5.1/releases/5.1/ +- Refreshed python-Django.keyring + +------------------------------------------------------------------- +Wed Aug 7 06:07:48 UTC 2024 - Alberto Planas Dominguez + +- Update to 5.0.8 (bsc#1228629, bsc#1228630, bsc#1228631, bsc#1228632) + * CVE-2024-41989: Memory exhaustion in + django.utils.numberformat.floatformat() + * CVE-2024-41990: Potential denial-of-service vulnerability in + django.utils.html.urlize() + * CVE-2024-41991: Potential denial-of-service vulnerability in + django.utils.html.urlize() and AdminURLFieldWidget + * CVE-2024-42005: Potential SQL injection in QuerySet.values() and + values_list() + * Added missing validation for + UniqueConstraint(nulls_distinct=False) when using *expressions + * Fixed a regression in Django 5.0 where ModelAdmin.action_checkbox + could break the admin changelist HTML page when rendering a model + instance with a __html__ method + * Fixed a crash when creating a model with a Field.db_default and a + Meta.constraints constraint composed of __endswith, __startswith, + or __contains lookups + * Fixed a regression in Django 5.0.7 that caused a crash in + LocaleMiddleware when processing a language code over 500 + characters + * Fixed a bug in Django 5.0 that caused a system check crash when + ModelAdmin.date_hierarchy was a GeneratedField with an + output_field of DateField or DateTimeField + * Fixed a bug in Django 5.0 which caused constraint validation to + either crash or incorrectly raise validation errors for + constraints referring to fields using Field.db_default + * Fixed a crash in Django 5.0 when saving a model containing a + FileField with a db_default set + +------------------------------------------------------------------- +Tue Jul 9 14:03:46 UTC 2024 - Markéta Machová + +- Update to 5.0.7 + * Supports Python >= 3.10. + * Facet counts are now shown for applied filters in the admin changelist + when toggled on via the UI. This behavior can be changed via the new + ModelAdmin.show_facets attribute. + * Django 5.0 introduces the concept of a field group, and field group + templates. This simplifies rendering of the related elements of a + Django form field such as its label, widget, help text, and errors. + * The new Field.db_default parameter sets a database-computed default value. + * The new GeneratedField allows creation of database generated columns. + This field can be used on all supported database backends to create + a field that is always computed from other fields. + * More options for declaring field choices + * Few backwards-incompatible changes in the database backend API, + django.contrib.gis and django.contrib.sitemaps + * Dropped support for MySQL < 8.0.11 + * Using create_defaults__exact may now be required with QuerySet.update_or_create() + * Migrating existing UUIDField on MariaDB 10.7+ +- This release also fixes several security issues: + * bsc#1227590 (CVE-2024-38875) + * bsc#1227593 (CVE-2024-39329) + * bsc#1227594 (CVE-2024-39330) + * bsc#1227595 (CVE-2024-39614) +- Drop no-longer-needed patches: + * dirty-hack-remove-assert.patch + * sanitize_address.patch + +------------------------------------------------------------------- +Wed May 8 07:30:48 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.13 + + Django 4.2.13 fixes a packaging error in 4.2.12. +- Update to 4.2.12 + + Django 4.2.12 fixes a compatibility issue with Python 3.11.9+ and 3.12.3+. + + Fixed a crash in Django 4.2 when validating email max line lengths + with content decoded using the surrogateescape error handling + scheme +- Drop fix-safemimetext-set_payload.patch, already merged upstream + +------------------------------------------------------------------- +Thu Apr 18 06:39:36 UTC 2024 - Daniel Garcia + +- Add fix-safemimetext-set_payload.patch, to support python 3.11.9+ + (gh#django/django@b231bcd19e57, bsc#1222880) + +------------------------------------------------------------------- +Mon Mar 4 14:05:28 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.11 (CVE-2024-27351, bsc#1220358) + * CVE-2024-27351: Potential regular expression denial-of-service in + django.utils.text.Truncator.words() + * Fixed a regression in Django 4.2.10 where intcomma template filter + could return a leading comma for string representation of floats +- Remove python3122.patch, already upstream + +------------------------------------------------------------------- +Fri Feb 9 10:18:37 UTC 2024 - Daniel Garcia + +- Add python3122.patch to fix tests with python 3.12.2 + gh#django/django#17843 +- Update to 4.2.10 (bsc#1219683, CVE-2024-24680): + - Django 4.2.10 fixes a security issue with severity "moderate" in + 4.2.9. + CVE-2024-24680: Potential denial-of-service in intcomma template + filter The intcomma template filter was subject to a potential + denial-of-service attack when used with very long strings. + +------------------------------------------------------------------- +Thu Jan 4 09:27:51 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.9: + * Fixed a regression in Django 4.2.8 where admin fields on the same + line could overflow the page and become non-interactive + +------------------------------------------------------------------- +Mon Dec 4 10:21:00 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.8 + * Fixed a regression in Django 4.2 that caused makemigrations + --check to stop displaying pending migrations + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing other aggregates + or window functions through conditional expressions + * Fixed a regression in Django 4.2 that caused a crash when + annotating a QuerySet with a Window expressions composed of a + partition_by clause mixing field types and aggregation expressions + * Fixed a regression in Django 4.2 where the admin’s change list + page had misaligned pagination links and inputs when using + list_editable + * Fixed a regression in Django 4.2 where checkboxes in the admin + would be centered on narrower screen widths + * Fixed a regression in Django 4.2 that caused a crash of querysets + with aggregations on MariaDB when the ONLY_FULL_GROUP_BY SQL mode + was enabled + * Fixed a regression in Django 4.2 where the admin’s read-only + password widget and some help texts were incorrectly aligned at + tablet widths + * Fixed a regression in Django 4.2 that caused a migration crash on + SQLite when altering unsupported Meta.db_table_comment + +------------------------------------------------------------------- +Mon Nov 27 12:20:48 UTC 2023 - Dirk Müller + +- add dirty-hack-remove-assert.patch from fedora to fix + minor test failure with python 3.12 + +------------------------------------------------------------------- +Wed Nov 1 08:12:59 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.7 + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing expressions + containing subqueries + * Restored, following a regression in Django 4.2, creating + varchar/text_pattern_ops indexes on CharField and TextField with + deterministic collations on PostgreSQL + +------------------------------------------------------------------- +Mon Oct 16 08:33:05 UTC 2023 - Daniel Garcia Moreno + +- Update to 4.2.6 (bsc#1215978, CVE-2023-43665) + * CVE-2023-43665: Denial-of-service possibility in + django.utils.text.Truncator + The input processed by Truncator, when operating in HTML mode, has + been limited to the first five million characters in order to + avoid potential performance and memory issues. + * Fixed a regression in Django 4.2.5 where overriding the deprecated + DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings in tests + caused the main STORAGES to mutate (#34821). + * Fixed a regression in Django 4.2 that caused unnecessary casting + of string based fields (CharField, EmailField, TextField, + CICharField, CIEmailField, and CITextField) used with the __isnull + lookup on PostgreSQL. As a consequence, indexes using an __isnull + expression or condition created before Django 4.2 wouldn’t be used + by the query planner, leading to a performance regression + (#34840). + +------------------------------------------------------------------- +Mon Sep 4 12:10:50 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.5 (CVE-2023-41164) + + Bugfixes + * Fixed a regression in Django 4.2 that caused an incorrect + validation of CheckConstraints on __isnull lookups against + JSONField + * Fixed a bug in Django 4.2 where the deprecated + DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings were not + synced with STORAGES + * Fixed a regression in Django 4.2.2 that caused an unnecessary + selection of a non-nullable ManyToManyField without a natural + key during serialization + * Fixed a regression in Django 4.2 that caused a crash of a + queryset when filtering against deeply nested OuterRef() + annotations + +------------------------------------------------------------------- +Wed Aug 2 07:35:04 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.4 + + Bugfixes + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing window + functions + * Fixed a regression in Django 4.2 that caused a crash when + grouping by a reference in a subquery + * Fixed a regression in Django 4.2 that caused aggregation over + query that uses explicit grouping by multi-valued annotations to + group against the wrong columns + +------------------------------------------------------------------- +Tue Jul 18 12:50:29 UTC 2023 - Markéta Machová + +- Add upstream sanitize_address.patch + * fixes build with yet another CPython upstream fix (bsc#1210638) + +------------------------------------------------------------------- +Mon Jul 10 09:28:42 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.3 (bsc#1212742, CVE-2023-36053) + + CVE-2023-36053: Potential regular expression denial of service + vulnerability in EmailValidator/URLValidator + + Bugfixes + * Fixed a regression in Django 4.2 that caused incorrect alignment + of timezone warnings for DateField and TimeField in the admin + * Fixed a regression in Django 4.2 that caused incorrect + highlighting of rows in the admin changelist view when + ModelAdmin.list_editable contained a BooleanField + +------------------------------------------------------------------- +Fri Jun 9 11:41:19 UTC 2023 - ecsos + +- Add %{?sle15_python_module_pythons} + +------------------------------------------------------------------- +Tue Jun 6 06:35:28 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.2 + + Bugfixes + * Fixed a regression in Django 4.2 that caused an unnecessary + DBMS_LOB.SUBSTR() wrapping in the __isnull and __exact=None + lookups for TextField()/BinaryField() on Oracle + * Restored, following a regression in Django 4.2, get_prep_value() + call in JSONField subclasses + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.defer() when passing a ManyToManyField or + GenericForeignKey reference. While doing so is a no-op, it was + allowed in older version + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.only() when passing a reverse OneToOneField reference + * Fixed a bug in Django 4.2 where makemigrations --update didn’t + respect the --name option + * Fixed a performance regression in Django 4.2 when compiling + queries without ordering + * Fixed a regression in Django 4.2 where nonexistent stylesheet + was linked on a “Congratulations!” page + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with expressions referencing other + aggregates + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing subqueries + * Fixed a regression in Django 4.2 that caused a crash of + querysets on SQLite when filtering on DecimalField against + values outside of the defined range + * Fixed a regression in Django 4.2 that caused a serialization + crash on a ManyToManyField without a natural key when its + Manager’s base QuerySet used select_related() + +------------------------------------------------------------------- +Thu May 4 07:02:58 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.1 + + CVE-2023-31047: Potential bypass of validation when uploading + multiple files using one form field (bsc#1210866) + + Bugfixes + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.defer() when deferring fields by attribute names + * Fixed a regression in Django 4.2 that caused a crash of + SearchVector function with % characters + * Fixed a regression in Django 4.2 that caused aggregation over + query that uses explicit grouping to group against the wrong + columns + * Reallowed, following a regression in Django 4.2, setting the + "cursor_factory" option in OPTIONS on PostgreSQL + * Enforced UTF-8 client encoding on PostgreSQL, following a + regression in Django 4.2 + * Fixed a regression in Django 4.2 where i18n_patterns() didn’t + respect the prefix_default_language argument when a fallback + language of the default language was used + * Fixed a regression in Django 4.2 where translated URLs of the + default language from i18n_patterns() with + prefix_default_language set to False raised 404 errors for a + request with a different language + * Fixed a regression in Django 4.2 where creating copies and deep + copies of HttpRequest, HttpResponse, and their subclasses didn’t + always work correctly + * Fixed a regression in Django 4.2 where timesince and timeuntil + template filters returned incorrect results for a datetime with + a non-UTC timezone when a time difference is less than 1 day + * Fixed a regression in Django 4.2 that caused a crash of + SearchHeadline function with psycopg 3 + * Fixed a regression in Django 4.2 that caused incorrect + ClearableFileInput margins in the admin + * Fixed a regression in Django 4.2 where breadcrumbs didn’t appear + on admin site app index views + * Made squashing migrations reduce AddIndex, RemoveIndex, + RenameIndex, and CreateModel operations which allows removing a + deprecated Meta.index_together option from historical migrations + and use Meta.indexes instead + +------------------------------------------------------------------- +Thu Apr 6 06:38:13 UTC 2023 - David Anes + +- Update minimal dependency versions. + +------------------------------------------------------------------- +Tue Apr 4 07:19:56 UTC 2023 - David Anes + +- Update to 4.2: + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.2/releases/4.2/ + + Psycopg 3 support + + Comments on columns and tables + + Mitigation for the BREACH attack + + In-memory file storage + + Custom file storages + + For backwards incompatible changes in 4.2 see + https://docs.djangoproject.com/en/4.2/releases/4.2/#backwards-incompatible-changes-in-4-2 + +- Update of keyring file + +------------------------------------------------------------------- +Tue Feb 14 09:59:42 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.1.7: + + CVE-2023-24580: Potential denial-of-service vulnerability in file + uploads (bsc#1208082) + + Fixed a bug in Django 4.1 that caused a crash of model validation + on ValidationError with no code + +------------------------------------------------------------------- +Wed Feb 1 12:48:49 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.1.6: + + CVE-2023-23969: Potential denial-of-service via Accept-Language + headers Bugfixes + + Fixed a bug in Django 4.1 that caused a crash of model validation + on UniqueConstraint with ordered expressions + +------------------------------------------------------------------- +Mon Jan 2 19:07:30 UTC 2023 - David Anes + +- Update to 4.1.5: + + Fixed a long standing bug in the __len lookup for ArrayField + that caused a crash of model validation on Meta.constraints. +- Update keyring file. + +------------------------------------------------------------------- +Wed Dec 21 09:39:56 UTC 2022 - Daniel Garcia + +- Recommends python-pymemcache instead of the deprecated + python-python-memcached. This is the module used in Django since 3.2 + https://docs.djangoproject.com/en/3.2/releases/3.2/#pymemcache-support + +------------------------------------------------------------------- +Tue Dec 6 13:30:53 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.4 + + Fixed a regression in Django 4.1 that caused an unnecessary table + rebuild when adding a ManyToManyField on SQLite + + Fixed a bug in Django 4.1 that caused a crash of the sitemap index + view with an empty Sitemap.items() and a callable lastmod + + Fixed a bug in Django 4.1 that caused a crash using acreate(), + aget_or_create(), and aupdate_or_create() asynchronous methods of + related managers + + Fixed a bug in Django 4.1 that caused a crash of + QuerySet.bulk_create() with "pk" in unique_fields + + Fixed a bug in Django 4.1 that caused a crash of + QuerySet.bulk_create() on fields with db_column + +------------------------------------------------------------------- +Wed Nov 2 15:50:11 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.3 + + Fixed a bug in Django 4.1 that caused non-Python files created by + startproject and startapp management commands from custom + templates to be incorrectly formatted using the black command + +------------------------------------------------------------------- +Tue Oct 4 08:22:42 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.2 (bsc#1203793, CVE-2022-41323) + + Fixed a regression in Django 4.1 that caused a migration crash on + PostgreSQL when adding a model with ExclusionConstraint + + Fixed a regression in Django 4.1 that caused aggregation over a + queryset that contained an Exists annotation to crash due to too + many selected columns + + Fixed a bug in Django 4.1 that caused an incorrect validation of + CheckConstraint on NULL values + + Fixed a regression in Django 4.1 that caused a + QuerySet.values()/values_list() crash on ArrayAgg() and JSONBAgg() + + Fixed a bug in Django 4.1 that caused + ModelAdmin.autocomplete_fields to be incorrectly selected after + adding/changing related instances via popups + + Fixed a regression in Django 4.1 where the app registry was not + populated when running parallel tests with the multiprocessing + start method spawn + + Fixed a regression in Django 4.1 where the --debug-mode argument + to test did not work when running parallel tests with the + multiprocessing start method spawn + + Fixed a regression in Django 4.1 that didn’t alter a sequence type + when altering type of pre-Django 4.1 serial columns on PostgreSQL + + Fixed a regression in Django 4.1 that caused a crash for View + subclasses with asynchronous handlers when handling non-allowed + HTTP methods + + Reverted caching related managers for ForeignKey, ManyToManyField, + and GenericRelation that caused the incorrect refreshing of + related objects + + Relaxed the system check added in Django 4.1 for the same name + used for multiple template tag modules to a warning + +------------------------------------------------------------------- +Mon Sep 5 11:14:19 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.1 + + Reallowed, following a regression in Django 4.1, using GeoIP2() + when GEOS is not installed + + Fixed a regression in Django 4.1 that caused a crash of admin’s + autocomplete widgets when translations are deactivated + + Fixed a regression in Django 4.1 that caused a crash of the test + management command when running in parallel and multiprocessing + start method is spawn + + Fixed a regression in Django 4.1 that caused an incorrect + redirection to the admin changelist view when using "Save and + continue editing" and "Save and add another" options + + Fixed a regression in Django 4.1 that caused a crash of Window + expressions with ArrayAgg + + Fixed a regression in Django 4.1 that caused a migration crash on + SQLite 3.35.5+ when removing an indexed field + + Fixed a bug in Django 4.1 that caused a crash of model validation + on UniqueConstraint() with field names in expressions + + Fixed a bug in Django 4.1 that caused an incorrect validation of + CheckConstraint() with range fields on PostgreSQL + + Fixed a regression in Django 4.1 that caused an incorrect + migration when adding AutoField, BigAutoField, or SmallAutoField + on PostgreSQL + + Fixed a regression in Django 4.1 that caused a migration crash on + PostgreSQL when altering AutoField, BigAutoField, or + SmallAutoField to OneToOneField + + Fixed a migration crash on ManyToManyField fields with through + referencing models in different apps + + Fixed a regression in Django 4.1 that caused an incorrect + migration when renaming a model with ManyToManyField and db_table + + Reallowed, following a regression in Django 4.1, creating reverse + foreign key managers on unsaved instances + + Fixed a regression in Django 4.1 that caused a migration crash on + SQLite < 3.20 + + Fixed a regression in Django 4.1 that caused an admin crash when + the admindocs app was used +- Remove 0001-Fixed-33887-Added-version-in-asserted-test-URL.patch + (already upstream) +- Verify the tarball with gpg + +------------------------------------------------------------------- +Wed Aug 3 13:20:52 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1: + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.1/releases/4.1/ + + Django 4.1 supports Python 3.8, 3.9, and 3.10 + + Asynchronous handlers for class-based views + + Asynchronous ORM interface + + Validation of Constraints + + Form rendering accessibility + + CSRF_COOKIE_MASKED setting +- Drop fix_test_custom_fields_SQLite.patch (already merged) +- Add 0001-Fixed-33887-Added-version-in-asserted-test-URL.patch to fix + test + +------------------------------------------------------------------- +Wed Aug 3 11:48:48 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.7 (CVE-2022-36359, bsc#1201923): + + Django 4.0.7 fixes a security issue with severity “high” in 4.0.6. + +------------------------------------------------------------------- +Tue Jul 5 08:04:12 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.6 + + CVE-2022-34265: Potential SQL injection via Trunc(kind) and + Extract(lookup_name) arguments + +------------------------------------------------------------------- +Thu Jun 2 07:34:17 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.5 + + Fixed a bug in Django 4.0 where not all OPTIONS were passed to a + Redis client + + Fixed a bug in Django 4.0 that caused a crash of QuerySet.filter() + on IsNull() expressions + + Fixed a bug in Django 4.0 where a hidden quick filter toolbar in + the admin’s navigation sidebar was focusable + +------------------------------------------------------------------- +Mon Apr 11 14:21:09 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.4 + + CVE-2022-28346: Potential SQL injection in "QuerySet.annotate()", + "aggregate()", and "extra()" + + CVE-2022-28347: Potential SQL injection via + "QuerySet.explain(**options)" on PostgreSQL + +------------------------------------------------------------------- +Tue Mar 1 10:49:51 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.3 + + Prevented, following a regression in Django 4.0.1, makemigrations + from generating infinite migrations for a model with + ManyToManyField to a lowercased swappable model such as + 'auth.user' + + Fixed a regression in Django 4.0 that caused a crash when + rendering invalid inlines with readonly_fields in the admin + +------------------------------------------------------------------- +Tue Feb 1 10:15:38 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.2 (CVE-2022-22818, bsc#1195086) (CVE-2022-23833, bsc#1195088) + + CVE-2022-22818: Possible XSS via {% debug %} template tag + + CVE-2022-23833: Denial-of-service possibility in file uploads + + Fixed a bug in Django 4.0 where + TestCase.captureOnCommitCallbacks() could execute callbacks + multiple times + + Fixed a regression in Django 4.0 where help_text was HTML-escaped + in automatically-generated forms + + Fixed a regression in Django 4.0 that caused displaying an + incorrect name for class-based views on the technical 404 debug + page + + Fixed a regression in Django 4.0 that caused an incorrect repr of + ResolverMatch for class-based views + + Fixed a regression in Django 4.0 that caused a crash of + makemigrations on models without Meta.order_with_respect_to but + with a field named _order + + Fixed a regression in Django 4.0 that caused incorrect + ModelAdmin.radio_fields layout in the admin + + Fixed a duplicate operation regression in Django 4.0 that caused a + migration crash when altering a primary key type for a concrete + parent model referenced by a foreign key + + Fixed a bug in Django 4.0 that caused a crash of + QuerySet.aggregate() after annotate() on an aggregate function + with a default + + Fixed a regression in Django 4.0 that caused a crash of + makemigrations when renaming a field of a renamed model + +------------------------------------------------------------------- +Wed Jan 12 14:16:23 UTC 2022 - Matej Cepl + +- Add fix_test_custom_fields_SQLite.patch fixing issues with + modern SQLite (gh#django/django#15168). + +------------------------------------------------------------------- +Mon Jan 10 09:27:36 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.1 (CVE-2021-45115, CVE-2021-45452, bsc#1194117) + + CVE-2021-45115: Denial-of-service possibility in + UserAttributeSimilarityValidator + + CVE-2021-45452: Potential directory-traversal via Storage.save() + + Fixed a regression in Django 4.0 that caused a crash of + assertFormsetError() on a formset named form + + Fixed a bug in Django 4.0 that caused a crash on booleans with the + RedisCache backend + + Relaxed the check added in Django 4.0 to reallow use of a + duck-typed HttpRequest in + django.views.decorators.cache.cache_control() and never_cache() + decorators + + Fixed a regression in Django 4.0 that caused creating bogus + migrations for models that reference swappable models such as + auth.User + + Fixed a long standing bug in Geometry Collections and Polygon that + caused a crash on some platforms (reported on macOS based on the + ARM64 architecture) + +------------------------------------------------------------------- +Mon Dec 27 12:11:09 UTC 2021 - Ben Greiner + +- Fix u-a scriptlet dependency. +- Remove python36 conditional on numpy dep. + +------------------------------------------------------------------- +Fri Dec 24 02:26:37 UTC 2021 - John Vandenberg + +- Avoid dependency on backports.zoneinfo except on Python 3.8 + +------------------------------------------------------------------- +Mon Dec 20 10:37:10 UTC 2021 - Matej Cepl + +- Clean up PYTHONPATH to make test_extra_tests_build_suite pass. + +------------------------------------------------------------------- +Tue Dec 7 14:09:24 UTC 2021 - Alberto Planas Dominguez + +- Update to 4.0 + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.0/releases/4.0/. + - Django 4.0 supports Python 3.8, 3.9, and 3.10. We highly + recommend and only officially support the latest release of + each series. + The Django 3.2.x series is the last to support Python 3.6 and + 3.7. + - The Python standard library’s zoneinfo is now the default + timezone implementation in Django. This is the next step in + the migration from using pytz to using zoneinfo. Django 3.2 + allowed the use of non-pytz time zones. Django 4.0 makes + zoneinfo the default implementation. Support for pytz is now + deprecated and will be removed in Django 5.0. + - The new *expressions positional argument of + UniqueConstraint() enables creating functional unique + constraints on expressions and database functions. + - The new scrypt password hasher is more secure and recommended + over PBKDF2. However, it’s not the default as it requires + OpenSSL 1.1+ and more memory. + - Redis cache backend + - Template based form rendering. Forms, Formsets, and ErrorList + are now rendered using the template engine to enhance + customization. + +------------------------------------------------------------------- +Tue Nov 2 12:45:45 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.9 + + Fixed a bug in Django 3.2 that caused a migration crash on SQLite + when altering a field with a functional index + +------------------------------------------------------------------- +Tue Oct 5 14:25:34 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.8 + + Fixed a bug in Django 3.2 that caused incorrect links on read-only + fields in the admin + + Fixed a regression in Django 3.2 that caused incorrect selection + of items across all pages when actions were placed both on the top + and bottom of the admin change-list view +- Drop failing_test_subparser_invalid_option.patch, as is already in + the upstream code. + +------------------------------------------------------------------- +Thu Sep 9 15:21:45 UTC 2021 - Matej Cepl + +- Add failing_test_subparser_invalid_option.patch fixing + https://code.djangoproject.com/ticket/33082 + +------------------------------------------------------------------- +Wed Sep 1 10:13:34 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.7 + + Fixed a regression in Django 3.2 that caused the incorrect offset + extraction from fixed offset timezones + +------------------------------------------------------------------- +Mon Aug 16 08:27:28 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.6 + + Fixed a regression in Django 3.2 that caused a crash validating + "NaN" input with a forms.DecimalField when additional constraints, + e.g. max_value, were specified + + Fixed a bug in Django 3.2 where a system check would crash on a + model with a reverse many-to-many relation inherited from a parent + class + +------------------------------------------------------------------- +Thu Jul 1 07:50:35 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.5 (CVE-2021-35042, bsc#1187785) + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.values_list(..., named=True) after prefetch_related() + + Fixed a bug in Django 3.2 that caused a migration crash on MySQL + 8.0.13+ when altering BinaryField, JSONField, or TextField to + non-nullable + + Fixed a regression in Django 3.2 that caused a migration crash on + MySQL 8.0.13+ when adding nullable BinaryField, JSONField, or + TextField with a default value + + Fixed a bug in Django 3.2 where a system check would crash on a + model with an invalid app_label + +------------------------------------------------------------------- +Wed Jun 2 10:45:01 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.4 (CVE-2021-33203, CVE-2021-33571) + + CVE-2021-33203: Potential directory traversal via admindocs + + CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks + since validators accepted leading zeros in IPv4 addresses + + Fixed a bug in Django 3.2 where a final catch-all view in the + admin didn’t respect the server-provided value of SCRIPT_NAME when + redirecting unauthenticated users to the login page + + Fixed a bug in Django 3.2 where a system check would crash on an + abstract model + + Prevented unnecessary initialization of unused caches following a + regression in Django 3.2 + + Fixed a crash in Django 3.2 that could occur when running mod_wsgi + with the recommended settings while the Windows colorama library + was installed + + Fixed a bug in Django 3.2 that would trigger the auto-reloader for + template changes when directory paths were specified with strings + + Fixed a regression in Django 3.2 that caused a crash of + auto-reloader with AttributeError, e.g. inside a Conda environment + + Fixed a regression in Django 3.2 that caused a loss of precision + for operations with DecimalField on MySQL + +------------------------------------------------------------------- +Mon May 17 07:37:47 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.3 + + Prepared for mysqlclient > 2.0.3 support + + Fixed a regression in Django 3.2 that caused the incorrect + filtering of querysets combined with the | operator + + Fixed a regression in Django 3.2.1 where saving FileField would + raise a SuspiciousFileOperation even when a custom upload_to + returns a valid file path + +------------------------------------------------------------------- +Thu May 6 08:54:41 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.2 (CVE-2021-32052) + + CVE-2021-32052: Header injection possibility since URLValidator + accepted newlines in input on Python 3.9.5+ + + Prevented, following a regression in Django 3.2.1, makemigrations + from generating infinite migrations for a model with Meta.ordering + contained OrderBy expressions + +------------------------------------------------------------------- +Wed May 5 17:25:18 UTC 2021 - Ben Greiner + +- Keep rpm runtime requirements in sync. Downstream packages often + read the egg-info and fail if they are not fulfilled. + +------------------------------------------------------------------- +Wed May 5 08:44:30 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.1 (CVE-2021-31542) + + CVE-2021-31542: Potential directory-traversal via uploaded files + + Corrected detection of GDAL 3.2 on Windows + + Fixed a bug in Django 3.2 where subclasses of BigAutoField and + SmallAutoField were not allowed for the DEFAULT_AUTO_FIELD setting + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.values()/values_list() after QuerySet.union(), + intersection(), and difference() when it was ordered by an + unannotated field + + Restored, following a regression in Django 3.2, displaying an + exception message on the technical 404 debug page + + Fixed a bug in Django 3.2 where a system check would crash on a + reverse one-to-one relationships in CheckConstraint.check or + UniqueConstraint.condition + + Fixed a regression in Django 3.2 that caused a crash of + ModelAdmin.search_fields when searching against phrases with + unbalanced quotes + + Fixed a bug in Django 3.2 where variable lookup errors were logged + rendering the sitemap template if alternates were not defined + + Fixed a regression in Django 3.2 that caused a crash when + combining Q() objects which contains boolean expressions + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.update() on a queryset ordered by inherited or joined + fields on MySQL and MariaDB + + Fixed a regression in Django 3.2 that caused a crash when decoding + a cookie value, used by + django.contrib.messages.storage.cookie.CookieStorage, in the + pre-Django 3.2 format + + Fixed a regression in Django 3.2 that stopped the shift-key + modifier selecting multiple rows in the admin changelist + + Fixed a bug in Django 3.2 where a system check would crash on the + STATICFILES_DIRS setting with a list of 2-tuples of (prefix, path) + + Fixed a long standing bug involving queryset bitwise combination + when used with subqueries that began manifesting in Django 3.2, + due to a separate fix using Exists to exclude() multi-valued + relationships + + Fixed a bug in Django 3.2 where variable lookup errors were logged + when rendering some admin templates + + Fixed a bug in Django 3.2 where an admin changelist would crash + when deleting objects filtered against multi-valued relationships + + Fixed a regression in Django 3.2 where the calling process + environment would not be passed to the dbshell command on PostgreSQL + + Fixed a performance regression in Django 3.2 when building complex + filters with subqueries + +------------------------------------------------------------------- +Tue Apr 6 09:27:50 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.0 + + Automatic ~django.apps.AppConfig discovery + + Customizing type of auto-created primary keys + + Functional indexes + + pymemcache support + + New decorators for the admin site + + For a complete description of new features check: + https://github.com/django/django/blob/main/docs/releases/3.2.txt +- Update PYTHOPATH to include the local tests +- Drop i18n_test.patch, i18n_test_extraction.patch, + test_clear_site_cache-sort.patch + +------------------------------------------------------------------- +Sat Feb 13 22:41:42 UTC 2021 - Ben Greiner + +- Don't install python36-numpy for testing. It is no longer + available. (The tests or portions of tests requiring numpy + are skipped automatically in this case.) +- Let the singlespec macro do its job to set the primary provider + for python3-django and python3-South on the primary flavor only. +- Fix mtime of cache file by recompiling. + +------------------------------------------------------------------- +Wed Dec 9 12:16:46 UTC 2020 - Ondřej Súkup + +- Update to 3.1.4 + * Fixed setting the Content-Length HTTP header in AsyncRequestFactory + * Fixed passing extra HTTP headers to AsyncRequestFactory request methods + * Fixed crash of key transforms for JSONField on PostgreSQL when usingi + on a Subquery() annotation + * Fixed a regression in Django 3.1 that caused the incorrect grouping + by a Q object annotation + * Fixed a regression in Django 3.1 that caused suppressing connection errors + when JSONField is used on SQLite + * Fixed a crash on SQLite, when QuerySet.values()/values_list() contained + key transforms for JSONField returning non-string primitive values + +------------------------------------------------------------------- +Mon Nov 2 15:03:13 UTC 2020 - Ondřej Súkup + +- Update to 3.1.3 + * Fixed a regression in Django 3.1.2 that caused the incorrect height of the admin + changelist search bar + * Fixed a regression in Django 3.1.2 that caused the incorrect width of the + admin changelist search bar on a filtered page + * Fixed displaying Unicode characters in forms.JSONField and read-only + models.JSONField values in the admin + * Fixed a regression in Django 3.1 that caused a crash of ArrayAgg and StringAgg + with ordering on key transforms for JSONField + * Fixed a regression in Django 3.1 that caused a crash of __in lookup when using + key transforms for JSONField in the lookup value + * Fixed a regression in Django 3.1 that caused a crash of ExpressionWrapper with + key transforms for JSONField + * Fixed a regression in Django 3.1 that caused a migrations crash on PostgreSQL + when adding an ExclusionConstraint with key transforms for JSONField in expressions + * Fixed a regression in Django 3.1 where ProtectedError.protected_objects + and RestrictedError.restricted_objects attributes returned iterators instead + of set of objects + * Fixed a regression in Django 3.1.2 that caused incorrect form input layout + on small screens in the admin change form view + * Fixed a regression in Django 3.1 that invalidated pre-Django 3.1 password reset tokens + * Added support for asgiref 3.3 + * Fixed a regression in Django 3.1 that caused incorrect textarea layout + on medium-sized screens in the admin change form view with the sidebar open + * Fixed a regression in Django 3.0.7 that didn’t use Subquery() aliases + in the GROUP BY clause + * Fixed a bug in Django 3.1 where FileField instances with a callable storage were + not correctly deconstructed + * Fixed a regression in Django 3.1 where the QuerySet.ordered attribute returned + incorrectly True for GROUP BY queries (e.g. .annotate().values()) on models with + Meta.ordering. A model’s Meta.ordering doesn’t affect such queries + * Fixed a regression in Django 3.1 where a queryset would crash if it contained + an aggregation and a Q object annotation + * Fixed a bug in Django 3.1 where a test database was not synced during creation + when using the MIGRATE test database setting + * Fixed a django.contrib.admin.EmptyFieldListFilter crash when using on a GenericRelation + * Fixed a regression in Django 3.1.1 where the admin changelist filter sidebar + would not scroll for a long list of available filters + +------------------------------------------------------------------- +Wed Sep 9 14:14:08 UTC 2020 - Marketa Calabkova + +- Update to 3.1.1 + * CVE-2020-24583: Incorrect permissions on intermediate-level directories on Python 3.7+ + * CVE-2020-24584: Permission escalation in intermediate-level directories of the file + system cache on Python 3.7+ + * Fixed a data loss possibility in the select_for_update(). When using related fields + pointing to a proxy model in the of argument, the corresponding model was not locked + * Fixed a regression in Django 3.1 that caused a crash when decoding an invalid session data + * Fixed __in lookup on key transforms for JSONField with MariaDB, MySQL, Oracle, and SQLite + * Fixed a regression in Django 3.1 that caused permission errors in CommonPasswordValidator + and settings.py + +------------------------------------------------------------------- +Wed Sep 9 03:55:36 UTC 2020 - John Vandenberg + +- Require asgiref >= 3.2.10 per upstream + +------------------------------------------------------------------- +Tue Aug 11 07:48:29 UTC 2020 - Alberto Planas Dominguez + +- Update to 3.1 + * Asynchronous views and middleware support + * JSONField for all supported database backends + * DEFAULT_HASHING_ALGORITHM settings¶ + * Read https://docs.djangoproject.com/en/3.1/releases/3.1/ +- Drop fix-selenium-test.patch. Already upstream. +- Add i18n_test_extraction.patch to support xgettext 0.21 + +------------------------------------------------------------------- +Thu Aug 6 11:36:36 UTC 2020 - Ondřej Súkup + +- update to 3.0.9 + * Allowed setting the SameSite cookie flag in HttpResponse.delete_cookie() + * Fixed crash when sending emails to addresses with display names longer than + 75 chars on Python 3.6.11+, 3.7.8+, and 3.8.4+ + +------------------------------------------------------------------- +Wed Jul 8 11:52:27 UTC 2020 - Ondřej Súkup + +- update to 3.0.8 + * Fixed messages of InvalidCacheKey exceptions and CacheKeyWarning warnings + raised by cache key validation + * Fixed a regression in Django 3.0.7 that caused a queryset crash + when grouping by a many-to-one relationship + * Reallowed, following a regression in Django 3.0, non-expressions having + a filterable attribute to be used as the right-hand side in queryset filters + * Fixed a regression in Django 3.0.2 that caused a migration crash + on PostgreSQL when adding a foreign key to a model with a namespaced db_table + * Added compatibility for cx_Oracle 8 + +------------------------------------------------------------------- +Thu Jun 4 14:35:25 UTC 2020 - Ondřej Súkup + +- update to 3.0.7 +- drop 32bit.patch + * boo#1172167 - CVE-2020-13254: Potential data leakage via malformed + memcached keys + * boo#1172167 - CVE-2020-13596: Possible XSS via admin + ForeignKeyRawIdWidget + * many other bugfixes + +------------------------------------------------------------------- +Thu Apr 30 05:14:28 UTC 2020 - Tomáš Chvátal + +- Add patch to fix the 32bit build: + * 32bit.patch + +------------------------------------------------------------------- +Thu Apr 23 16:58:12 UTC 2020 - Marcus Rueckert + +- Update to 3.0.5 + https://docs.djangoproject.com/en/3.0/releases/3.0.5/ + https://docs.djangoproject.com/en/3.0/releases/3.0.4/ + https://docs.djangoproject.com/en/3.0/releases/3.0.3/ + https://docs.djangoproject.com/en/3.0/releases/3.0.2/ + https://docs.djangoproject.com/en/3.0/releases/3.0.1/ + https://docs.djangoproject.com/en/3.0/releases/3.0/ +- new dependency: python-asgiref + +------------------------------------------------------------------- +Fri Apr 3 06:55:41 UTC 2020 - Tomáš Chvátal + +- Update to 2.2.12: + * Added the ability to handle .po files containing different plural + equations for the same language (#30439). + +------------------------------------------------------------------- +Wed Mar 18 10:59:36 UTC 2020 - Ondřej Súkup + +- update to 2.2.11 + * fix boo#1165022 (CVE-2020-9402) Potential SQL injection via tolerance + parameter in GIS functions and aggregates on Oracle + +------------------------------------------------------------------- +Tue Feb 4 09:42:08 UTC 2020 - Ondřej Súkup + +- update to 2.2.10 +- drop pyyaml53.patch + * fix boo#1161919 (CVE-2020-7471) Potential SQL injection via ``StringAgg(delimiter)`` + +------------------------------------------------------------------- +Wed Jan 15 15:08:32 UTC 2020 - Ondřej Súkup + +- add pyyaml53.patch - fix tests with PyYAML 5.3 + +------------------------------------------------------------------- +Sun Dec 29 11:00:47 UTC 2019 - Ondřej Súkup + +- Update to 2.2.9 + * CVE-2019-19844: Potential account hijack via password reset form (bsc#1159447) + * Fixed a data loss possibility in SplitArrayField. + +------------------------------------------------------------------- +Mon Dec 2 09:45:57 UTC 2019 - Alberto Planas Dominguez + +- Update to 2.2.8 + * CVE-2019-19118: Privilege escalation in the Django admin (boo#1157705) + * Fixed a data loss possibility in the admin changelist view when a + custom formset’s prefix contains regular expression special + characters, e.g. '$' + * Fixed a regression in Django 2.2.1 that caused a crash when + migrating permissions for proxy models with a multiple database + setup if the default entry was empty + * Fixed a data loss possibility in the select_for_update(). When + using 'self' in the of argument with multi-table inheritance, a + parent model was locked instead of the queryset’s model +- Add patch fix-selenium-test.patch to fix a test when selenium is + missing + +------------------------------------------------------------------- +Fri Nov 15 10:53:24 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.7: + * Fixed a crash when using a contains, contained_by, has_key, has_keys, or has_any_keys lookup on JSONField, if the right or left hand side of an expression is a key transform (#30826). + * Prevented migrate --plan from showing that RunPython operations are irreversible when reverse_code callables don’t have docstrings or when showing a forward migration plan (#30870). + * Fixed migrations crash on PostgreSQL when adding an Index with fields ordering and opclasses (#30903). + * Restored the ability to override get_FOO_display() (#30931). + +------------------------------------------------------------------- +Fri Nov 15 07:49:06 UTC 2019 - Tomáš Chvátal + +- Require full python interpreter on build and runtime + +------------------------------------------------------------------- +Mon Oct 7 13:15:57 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.6: + * Fixed migrations crash on SQLite when altering a model + containing partial indexes (#30754). + * Fixed a regression in Django 2.2.4 that caused a crash when + filtering with a Subquery() annotation of a queryset containing + JSONField or HStoreField (#30769). + +------------------------------------------------------------------- +Mon Sep 16 10:13:08 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.5: + * Relaxed the system check added in Django 2.2 for models to reallow use of the same db_table by multiple models when database routers are installed (#30673). + * Fixed crash of KeyTransform() for JSONField and HStoreField when using on expressions with params (#30672). + * Fixed a regression in Django 2.2 where ModelAdmin.list_filter choices to foreign objects don’t respect a model’s Meta.ordering (#30449). + * Fixed a race condition in loading URLconf module that could cause a crash of auto-reloader on Python 3.5 and below (#30500). + +------------------------------------------------------------------- +Thu Aug 1 11:13:37 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.4: + * CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235 + bsc#1142883 bsc#1142885 bsc#1142882 bsc#1142880 + * Fixed a regression in Django 2.2 when ordering a QuerySet.union(), intersection(), or difference() by a field type present more than once results in the wrong ordering being used (#30628). + * Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type (#30621). + * Fixed a regression in Django 2.2 where auto-reloader crashes if a file path contains nulls characters ('\x00') (#30506). + * Fixed a regression in Django 2.2 where auto-reloader crashes if a translation directory cannot be resolved (#30647). + +------------------------------------------------------------------- +Thu Jul 18 17:21:59 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.3: + * CVE-2019-12781 (bsc#1139945): Incorrect HTTP detection with reverse-proxy connecting via HTTPS¶ + +------------------------------------------------------------------- +Mon Jun 3 11:01:44 UTC 2019 - Ondřej Súkup + +- update to 2.2.2 + * Fixes CVE-2019-12308: AdminURLFieldWidget XSS (bsc#1136468) + * Fixes CVE-2019-11358: Prototype pollution + +------------------------------------------------------------------- +Tue May 7 07:13:09 UTC 2019 - Tomáš Chvátal + +- Update keyring file + +------------------------------------------------------------------- +Mon May 6 14:11:22 UTC 2019 - Alberto Planas Dominguez + +- Update to 2.2.1 + * Fixed a regression in Django 2.1 that caused the incorrect quoting + of database user password when using dbshell on Oracle (#30307). + * Added compatibility for psycopg2 2.8 (#30331). + * Fixed a regression in Django 2.2 that caused a crash when loading + the template for the technical 500 debug page (#30324). + * Fixed crash of ordering argument in ArrayAgg and StringAgg when it + contains an expression with params (#30332). + * Fixed a regression in Django 2.2 that caused a single instance + fast-delete to not set the primary key to None (#30330). + * Prevented makemigrations from generating infinite migrations for + check constraints and partial indexes when condition contains a + range object (#30350). Reverted an optimization in Django 2.2 + (#29725) that caused the inconsistent behavior of count() and + exists() on a reverse many-to-many relationship with a custom + manager (#30325). + * Fixed a regression in Django 2.2 where Paginator crashes if + object_list is a queryset ordered or aggregated over a nested + JSONField key transform (#30335). + * Fixed a regression in Django 2.2 where IntegerField validation of + database limits crashes if limit_value attribute in a custom + validator is callable (#30328). + * Fixed a regression in Django 2.2 where SearchVector generates SQL + that is not indexable (#30385). + * Fixed a regression in Django 2.2 that caused an exception to be + raised when a custom error handler could not be imported (#30318). + * Relaxed the system check added in Django 2.2 for the admin app’s + dependencies to reallow use of SessionMiddleware subclasses, + rather than requiring django.contrib.sessions to be in + INSTALLED_APPS (#30312). + * Increased the default timeout when using Watchman to 5 seconds to + prevent falling back to StatReloader on larger projects and made + it customizable via the DJANGO_WATCHMAN_TIMEOUT environment + variable (#30361). + * Fixed a regression in Django 2.2 that caused a crash when + migrating permissions for proxy models if the target permissions + already existed. For example, when a permission had been created + manually or a model had been migrated from concrete to proxy + (#30351). + * Fixed a regression in Django 2.2 that caused a crash of runserver + when URLConf modules raised exceptions (#30323). + * Fixed a regression in Django 2.2 where changes were not reliably + detected by auto-reloader when using StatReloader (#30323). + * Fixed a migration crash on Oracle and PostgreSQL when adding a + check constraint with a contains, startswith, or endswith lookup + (or their case-insensitive variant) (#30408). + * Fixed a migration crash on Oracle and SQLite when adding a check + constraint with condition contains | (OR) operator (#30412). + +------------------------------------------------------------------- +Wed Apr 10 07:55:46 UTC 2019 - John Vandenberg + +- Add test_clear_site_cache-sort.patch to workaround flaky test +- Add bcond_with for selenium and memcached, as those tests are inactive, + and add missing dependencies and setup for selenium testing +- Move removal of executable bit from a JavaScript file to %prep +- Fix fdupes + +------------------------------------------------------------------- +Wed Apr 3 11:21:56 UTC 2019 - Ondřej Súkup + +- update to 2.2 +- drop pyyaml5.patch +- add i18n_test.patch + * HttpRequest.headers to allow simple access to a request’s headers. + * Database-level constraints on models. + * Watchman compatibility for runserver to improve the performance + +------------------------------------------------------------------- +Sat Mar 23 16:31:46 UTC 2019 - Tomáš Chvátal + +- Add patch to build with PyYAML >5: + * pyyaml5.patch + +------------------------------------------------------------------- +Tue Feb 12 09:24:53 UTC 2019 - Thomas Bechtold + +- update to 2.1.7 (CVE-2019-6975, bsc#1124991): + * Corrected packaging error from 2.1.6 + * Memory exhaustion in django.utils.numberformat.format() + If django.utils.numberformat.format() – used by contrib.admin as well + as the the floatformat, filesizeformat, and intcomma templates + filters – received a Decimal with a large number of digits or a + large exponent, it could lead to significant memory usage + due to a call to '{:f}'.format(). + To avoid this, decimals with more than 200 digits are now formatted + using scientific notation. + * Made the obj argument of InlineModelAdmin.has_add_permission() optional + to restore backwards compatibility with third-party code that doesn’t + provide it + +------------------------------------------------------------------- +Thu Jan 10 12:09:43 UTC 2019 - Thomas Bechtold + +- update to 2.1.5 (CVE-2019-3498, bsc#1120932): + * CVE-2019-3498: Content spoofing possibility in the default 404 page + * Fixed compatibility with mysqlclient 1.3.14 (#30013). + * Fixed a schema corruption issue on SQLite 3.26+. You might have to drop + and rebuild your SQLite database if you applied a migration while using + an older version of Django with SQLite 3.26 or later (#29182). + * Prevented SQLite schema alterations while foreign key checks are enabled + to avoid the possibility of schema corruption (#30023). + * Fixed a regression in Django 2.1.4 (which enabled keep-alive connections) + where request body data isn’t properly consumed for such + connections (#30015). + * Fixed a regression in Django 2.1.4 where + InlineModelAdmin.has_change_permission() is incorrectly called with + a non-None obj argument during an object add (#30050). + +------------------------------------------------------------------- +Mon Dec 10 11:52:42 UTC 2018 - Ondřej Súkup + +- Update to version 2.1.4 + * Corrected the default password list that CommonPasswordValidator uses + by lowercasing all passwords to match the format expected by the validator + * Prevented repetitive calls to geos_version_tuple() in the WKBWriter class in + an attempt to fix a random crash involving LooseVersion + * Fixed keep-alive support in runserver after it was disabled o 2.0 + * Fixed admin view-only change form crash when using ModelAdmin.prepopulated_fields + * Fixed “Please correct the errors below” error message when editing an object + in the admin if the user only has the “view” permission on inlines + * Fixed a regression in Django 2.0 where combining Q objects with __in lookups + and lists crashed + * Fixed a regression in Django 2.0 where test databases aren’t reused + with manage.py test --keepdb on MySQL + * Fixed a regression where cached foreign keys that use to_field were + incorrectly cleared in Model.save() + * Fixed a regression in Django 2.0 where FileSystemStorage crashes + with FileExistsError if concurrent saves try to create the same directory + +------------------------------------------------------------------- +Thu Oct 4 13:13:00 UTC 2018 - Alberto Planas Dominguez + +- Update to version 2.1.2 + * CVE-2018-16984: Password hash disclosure to “view only” admin + users + * Fixed a regression where nonexistent joins in F() no longer raised + FieldError (#29727). + * Fixed a regression where files starting with a tilde or underscore + weren’t ignored by the migrations loader (#29749). + * Made migrations detect changes to Meta.default_related_name + (#29755). + * Added compatibility for cx_Oracle 7 (#29759). + * Fixed a regression in Django 2.0 where unique index names weren’t + quoted (#29778). + * Fixed a regression where sliced queries with multiple columns with + the same name crashed on Oracle 12.1 (#29630). + * Fixed a crash when a user with the view (but not change) + permission made a POST request to an admin user change form + (#29809). + +------------------------------------------------------------------- +Tue Sep 18 13:17:15 CEST 2018 - Matěj Cepl + +- Switch of BR selenium for non-Intel platforms. + +------------------------------------------------------------------- +Tue Sep 4 12:24:15 UTC 2018 - Ondřej Súkup + +- update to version 2.1.1 +- drop django-urlencode.patch + * Fixed a race condition in QuerySet.update_or_create() that could result + in data loss + * Fixed a regression where QueryDict.urlencode() crashed if the dictionary + contains a non-string value + * Fixed a regression in Django 2.0 where using manage.py test --keepdb fails + on PostgreSQL if the database exists and the user doesn’t have permission + to create databases + * Fixed a regression in Django 2.0 where combining Q objects with __in + lookups and lists crashed + * Fixed translation failure of DurationField’s “overflow” error message + * Fixed a regression where the admin change form crashed if the user doesn’t + have the ‘add’ permission to a model that uses TabularInline + * Fixed a regression where a related_query_name reverse accessor wasn’t + set up when a GenericRelation is declared on an abstract base model + * Fixed the test client’s JSON serialization of a request data dictionary + for structured content type suffixes + * Made the admin change view redirect to the changelist view after a POST + if the user has the ‘view’ permission + * Fixed admin change view crash for view-only users if the form + has an extra form field + * Fixed a regression in Django 2.0.5 where QuerySet.values() or values_list() + after combining querysets with extra() with union(), difference(), + or intersection() crashed due to mismatching columns + +------------------------------------------------------------------- +Tue Aug 14 07:46:04 UTC 2018 - tchvatal@suse.com + +- Apply patch to fix urlencode nonstring values: + * django-urlencode.patch + +------------------------------------------------------------------- +Wed Aug 8 13:33:57 UTC 2018 - tchvatal@suse.com + +- Enable testsuite + +------------------------------------------------------------------- +Wed Aug 8 09:35:51 UTC 2018 - mimi.vx@gmail.com + +- update to version 2.1 +- move bash completion to right location +- for full chanfges please see https://docs.djangoproject.com/en/2.1/releases/2.1/ + * Dropped support for MySQL 5.5 + * Dropped support for PostgreSQL 9.3 + * Support for SpatiaLite 4.0 is removed + * Support for SQLite < 3.7.15 is removed. + +------------------------------------------------------------------- +Mon Jul 2 13:15:55 UTC 2018 - aplanas@suse.com + +- update to version 2.0.7: + * Fixed admin changelist crash when using a query expression without + asc() or desc() in the page’s ordering (#29428). + * Fixed admin check crash when using a query expression in + ModelAdmin.ordering (#29428). + * Fixed __regex and __iregex lookups with MySQL 8 (#29451). + * Fixed migrations crash with namespace packages on Python 3.7 + (#28814). +- update to version 2.0.6 + * Fixed a regression that broke custom template filters that use + decorators (#29400). + * Fixed detection of custom URL converters in included patterns + (#29415). + * Fixed a regression that added an unnecessary subquery to the GROUP + BY clause on MySQL when using a RawSQL annotation (#29416). + * Fixed WKBWriter.write() and write_hex() for empty polygons on GEOS + 3.6.1+ (#29460). + * Fixed a regression in Django 1.10 that could result in large + memory usage when making edits using ModelAdmin.list_editable + (#28462). +- update to version 2.0.5 + * Corrected the import paths that inspectdb generates for + django.contrib.postgres fields (#29307). + * Fixed a regression in Django 1.11.8 where altering a field with a + unique constraint may drop and rebuild more foreign keys than + necessary (#29193). + * Fixed crashes in django.contrib.admindocs when a view is a + callable object, such as django.contrib.syndication.views.Feed + (#29296). + * Fixed a regression in Django 1.11.12 where QuerySet.values() or + values_list() after combining an annotated and unannotated + queryset with union(), difference(), or intersection() crashed due + to mismatching columns (#29286). + +------------------------------------------------------------------- +Sat Apr 7 19:21:18 UTC 2018 - tbechtold@suse.com + +- update to version 2.0.4: + * Fixed #29265 -- Removed the suggestion to hardcode static URLs. + * Fixed #29206 -- Fixed PasswordResetConfirmView crash when the URL contains a non-UUID where one is expected. + * Fixed #29195 -- Fixed Exists.output_field resolution on single-valued queries. + * Fixed links to Sphinx docs. + * Fixed typo in docs/releases/2.0.4.txt. + * Clarified docs about ISO 8601 week numbering. + * Fixed #29116 -- Fixed OpenLayersWidget deserialization ignoring the widget map's SRID. + * Added CVE-2018-7536,7 to the security release archive. + * Fixed #29221 -- Corrected admin's autocomplete widget to add a space after custom classes. + * Fixed #29273 -- Prevented initial selection of empty choice in multiple choice widgets. + * Added a pagination example to ListView docs. + * Fixed #28514 -- Clarifed docs about idempotence of RelatedManager.add(). + * isorted import statements in tutorial example. + * Fixed #29192 -- Corrected docs regarding overriding fields from abstract base classes. + * Refs #11278 -- Clarified RelatedManager differences between reverse one-to-many and many-to-many relations. + * Added stub release notes for 1.11.12. + * Fixed #29165 -- Clarified how to load initial data with migrations. + * Fixed #29213 -- Fixed autocomplete widget's translations for zh-hans/zh-hant. + * Reverted "Expanded docs for AbstractBaseUser.has_usable_password()." + * Fixed typo in docs/releases/2.0.4/1.11.12.txt. + * Bumped version for 2.0.4 release. + * Fixed #29250 -- Added 'django_version' context to startapp/project docs. + * Added release date for 2.0.4 and 1.11.12. + * Post-release version bump. + * Clarified a sentence in docs/topics/i18n/translation.txt. + * Fixed #29229 -- Fixed column mismatch crash when combining two annotated values_list() querysets with union(), difference(), or intersection(). + * Added stub release notes for 2.0.4. + * Fixed a couple mistakes in docs/ref/forms/widgets.txt. + * Fixed #28655 -- Added more examples for customizing widgets in a form. + +------------------------------------------------------------------- +Mon Mar 19 07:09:53 UTC 2018 - tbechtold@suse.com + +- update to 2.0.3 (bsc#1083305, bsc#1083304, CVE-2018-7536, CVE-2018-7537): + * Fixed #29108 -- Fixed crash in aggregation of distinct+ordered+sliced querysets. + * Added CVE-2018-6188 to the security release archive. + * Post-release version bump. + * Updated translations from Transifex + * Added stub release notes for security releases. + * Fixed incorrect regex in re_path() example. + * Fixed #29125 -- Made Q.deconstruct() deterministic with multiple keyword arguments. + * Fixed #29126 -- Doc'd the behavior of QuerySet.update_or_create() with manually specified pks. + * Used a CSS positioning in tutorial 6 that doesn't differ across browsers. + * Fixed typo in bulk_create() documentation. + * Fixed #29176 -- Fixed AbstractBaseUser.normalize_username() crash if username isn't a string. + * Removed blank lines per isort 4.3.0. + * Added stub release notes for 2.0.3. + * Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters. + * Fixed #29172 -- Fixed crash with Window expression in a subquery. + * Fixed #29166 -- Fixed crash in When() expression with a list argument. + * Fixed #24270 -- Doc'd that django_bash_completion is only in the source distribution. + * Improved clarity of docs/topics/install.txt. + * Refs #29125 -- Made Q.deconstruct() omit 'query_utils' in the path and _connector='AND' since it's a default value. + * Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator. + * Bumped version for 2.0.3 release. + * Corrected doc'd type of some parameters from string to str. + * Fixed #29146 -- Readded ^ and $ inadvertently removed from re_path() examples. + * Fixed #29107 -- Doc'd that ModelForm doesn't actually inherit from Form. + * Switched test requirement to new psycopg2-binary package. + * Added backticks around obj argument in admin docs. + * Fixed typo in docs/topics/forms/media.txt. + * Fixed #29109 -- Fixed the admin time picker widget for the Thai locale. + * Fixed #29118 -- Fixed crash with QuerySet.order_by(Exists(...)). + +------------------------------------------------------------------- +Wed Feb 7 13:54:36 UTC 2018 - tbechtold@suse.com + +- update to 2.0.2 (bsc#1077714, CVE-2018-6188): + * Fixed #28883 -- Doc'd that the uuid URL path converter matches lowercase only letters. + * Fixed a GeoIP2 test failure with the latest GeoIP2 database. + * Added stub release notes for 2.0.1. + * Bumped version for 2.0.2 release. + * Fixed location of spatialite_source label. + * Fixed #28958 -- Fixed admin changelist crash when using a query expression in the page's ordering. + * Fixed #28231 -- Doc'd that QuerySet.bulk_create() casts objs to a list. + * Fixed #29032 -- Fixed an example of using expressions in QuerySet.values(). + * Disambiguated "settings" in SpatiaLite note. + * Fixed typo in docs/topics/testing/advanced.txt. + * Post-release version bump. + * Refs #25604 -- Removed docs for makemigrations --exit. + * Fixed #29002 -- Corrected cached template loader docs about when it's automatically enabled. + * Fixed typo in TemplateCommand argument help text. + * Added stub release notes for 1.11.9. + * Fixed #28915 -- Prevented SQLite from truncating trailing zeros in the fractional part of DecimalField. + * Refs #29086 -- Doc'd how to detect bytestring mistakes. + * Fixed #28886 -- Updated prefix for example django.contrib.auth.urls URLs. + * Fixed #29081 -- Clarified comments in QuerySet.select_related() example. + * Refs #27985 -- Reallowed using __exact=None as an alias for __isnull=True if a custom lookup class with lookup_name != None is registered as the exact lookup. + * Refs #28876 -- Fixed incorrect class-based model index name generation for models with quoted db_table. + * Removed 'development' word in contributing docs + * Fixed #29055 -- Doc'd that escapejs doesn't make template literals safe. + * Fixed #29016 -- Fixed incorrect foreign key nullification on related instance deletion. + * Fixed grammar in docs/releases/2.0.txt. + * Fixed #29071 -- Fixed contrib.auth.authenticate() crash if a backend doesn't accept a request but a later one does. + * Fixed #28944 -- Fixed crash when chaining values()/values_list() after QuerySet.select_for_update(of=()). + * Fixed #29091 -- Fixed makemigrations crash if migrations directory doesn't have __init__.py. + * Fixed #28898 -- Corrected admin check to allow a OneToOneField in ModelAdmin.autocomplete_fields. + * Fixed #28896 -- Reallowed filtering a queryset with GeometryField=None. + * Fixed #28891 -- Documented Origin's loader attribute. + * Confirmed support for PostGIS 2.4. + * Wrapped an import per isort. + * Added release date for 2.0.1 and 1.11.9. + * Fixed #28884 -- Fixed crash on SQLite when renaming a field in a model referenced by a ManyToManyField. + * Fixed "template tag" spelling in docs. + * Fixed #28947 -- Fixed crash when coercing a translatable URL pattern to str. + * Fixed typo in docs/topics/i18n/translation.txt. + * Refs #28932 -- Skipped the failing test for refs #28915 on Oracle. + * Refs #25181 -- Updated timezone.now() docs about obtaining the time in the current time zone. + * Updated documented mysqlclient requirement to 1.3.7. + * Fixed #28885 -- Fixed hidden content at the bottom of the "The install worked successfully!" page for some languages. + * Fixed #28403 -- Added missing formats in FORMAT_MODULE_PATH docs. + * Fixed #29067 -- Fixed regression in QuerySet.values_list(..., flat=True) followed by annotate(). + * Removed note in tutorial about bypassing manage.py. + * Fixed #28929 -- Corrected QUnit examples. + * Refs #28958 -- Added a test for ModelAdmin with query expressions in ordering. + * Updated various links in docs to use HTTPS. + * Expanded docs for AbstractBaseUser.has_usable_password(). + * Fixed #29017 -- Updated BaseCommand.leave_locale_alone doc per refs #24073. + * Doc'd specifying the ENGINE setting as part of configuring contrib.gis. + * Added stub release notes for 1.11.10. + * Fixed #28881 -- Doc'd that CommonPasswordValidator's password list must be lowercase. + * Fixed #28784 -- Clarified how migrate --fake works. + * Fixed typo in docs/ref/models/expressions.txt. + * Fixed #29094 -- Fixed crash when entering an invalid uuid in ModelAdmin.raw_id_fields. + * Refs #28876 -- Fixed incorrect foreign key constraint name for models with quoted db_table. + * Bumped version for 2.0.1 release. + * Fixed #25277 -- Restored test dependency to the original python-memcached. + * Fixed #28761 -- Documented how an inline formset's prefix works. + * Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI. + * Fixed #28966 -- Doc'd that the uuid URL path converter requires dashes + * Fixed #29054 -- Fixed a regression where a queryset that annotates with geometry objects crashes. + * Reverted "[1.11.x] Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI." + * Added "Python 3 Only" trove classifier. + * Fixed #28941 -- Fixed crash in testserver command startup. + * Fixed import in docs/ref/models/conditional-expressions.txt example. + * Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm. + * Fixed #28594 -- Removed Jython docs and specific code + * Renamed the "Supported versions" label. + * Fixed #28878 -- Added python_requires in setup.py and a warning for older pips that don't recognize it. + * Fixed typo in docs/ref/contrib/admin/index.txt. + * Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI. + * Added stub release notes for 2.0.2. + * Fixed #28938 -- Corrected Python compatibility in the tutorial. + * Fixed #28890 -- Removed newlines between MultiWidget's subwidgets. + +------------------------------------------------------------------- +Tue Dec 12 21:12:18 UTC 2017 - mimi.vx@gmail.com + +- update to 2.0 + * drop python 2 support + * Simplified URL routing syntax + * Mobile-friendly contrib.admin + * Window expressions + * Removed support for bytestrings in some places + * Dropped support for Oracle 11.2 +- Please read Release Notes - https://docs.djangoproject.com/en/2.0/releases/2.0/ + +------------------------------------------------------------------- +Tue Dec 12 05:16:57 UTC 2017 - tbechtold@suse.com + +- update to 1.11.8: + * Fixed #28488 -- Reallowed error handlers to access CSRF tokens. + * Fixed #28856 -- Fixed a regression in caching of a GenericForeignKey + pointing to a MTI model. + * Fixed #28597 -- Fixed crash with the name of a model's autogenerated primary + key in an Index's fields. + * Added stub release notes for 1.11.7. + * Fixed #28305 -- Fixed "Cannot change column 'x': used in a foreign key constraint" + crash on MySQL with a sequence of AlterField or RenameField operations. + * Fixed #28689 -- Fixed unquoted table names in Subquery SQL when using OuterRef. + * Added assertion helpers for PostgreSQL's server-side cursor tests. + * Fixed #28729 -- Replaced a numbered list with unordered list in TemplatesSetting docs. + * Fixed #28786 -- Doc'd middleware ordering considerations due to + CommonMiddleware setting Content-Length. + * Added release date for 1.11.8. + * Fixed #28702 -- Made query lookups for CIText fields use citext. + * Added 2017-12794 to the security release archive. + * Fixed typo in docs/topics/cache.txt. + * Bumped version for 1.11.6 release. + * Added release date for 1.11.6. + * Fixed #28648 -- Corrected typo in docs/topics/db/queries.txt. + * Bumped version for 1.11.7 release. + * Added stub release notes for 1.11.8. + * Fixed #28848 -- Fixed SQLite/MySQL crash when ordering by a filtered + subquery that uses nulls_first/nulls_last. + * Fixed typo in docs/topics/db/aggregation.txt. + * Fixed #28802 -- Fixed typo in docs/topics/auth/default.txt. + * Fixed typo in docs/topics/forms/media.txt. + * Bumped version for 1.11.8 release. + * Fixed typo in docs/ref/models/querysets.txt. + * Fixed test failures due to ordering differences on PostgreSQL 10. + * Fixed #28710 -- Fixed the Basque DATE_FORMAT string + * Added stub release notes for 1.11.6. + * Fixed #28747 -- Fixed typos in django/conf/global_settings.py comments. + * Fixed #28817 -- Made QuerySet.iterator() use server-side cursors after + values() and values_list(). + * Post-release version bump. + * Fixed #28792 -- Fixed index name truncation of namespaced tables. + * Fixed #28781 -- Added QuerySet.values()/values_list() support for union(), + difference(), and intersection(). + * Fixed #28722 -- Made QuerySet.reverse() affect nulls_first/nulls_last. + * Refs #28710 -- Simplified l10n format test + * Initialized CsrfViewMiddleware once in csrf_tests. + * Added release date for 1.11.7. + * Linked to prefetch_related_objects func in DB optimization docs. + * Fixed #28645 -- Reallowed AuthenticationForm to raise the inactive user + error when using ModelBackend. + * Fixed #28653 -- Added missing ForeignKey.on_delete argument in docs. + * Fixed #28561 -- Removed inaccurate docs about QuerySet.order_by() and joins. + * Fixed #28555 -- Made CharField convert whitespace-only values to the + empty_value when strip is enabled. + * Fixed #28601 -- Prevented cache.get_or_set() from caching None if default + is a callable that returns None. + +------------------------------------------------------------------- +Wed Sep 20 21:53:53 UTC 2017 - toddrme2178@gmail.com + +- update to version 1.11.5 + * CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page + * Fixed GEOS version parsing if the version has a commit hash at the end (new + in GEOS 3.6.2) (:ticket:`28441`). + * Added compatibility for ``cx_Oracle`` 6 (:ticket:`28498`). + * Fixed select widget rendering when option values are tuples (:ticket:`28502`). + * Django 1.11 inadvertently changed the sequence and trigger naming scheme on + Oracle. This causes errors on INSERTs for some tables if + ``'use_returning_into': False`` is in the ``OPTIONS`` part of ``DATABASES``. + The pre-1.11 naming scheme is now restored. Unfortunately, it necessarily + requires an update to Oracle tables created with Django 1.11.[1-4]. Use the + upgrade script in :ticket:`28451` comment 8 to update sequence and trigger + names to use the pre-1.11 naming scheme. + * Added POST request support to ``LogoutView``, for equivalence with the + function-based ``logout()`` view (:ticket:`28513`). + * Omitted ``pages_per_range`` from ``BrinIndex.deconstruct()`` if it's ``None`` + (:ticket:`25809`). + * Fixed a regression where ``SelectDateWidget`` localized the years in the + select box (:ticket:`28530`). + * Fixed a regression in 1.11.4 where ``runserver`` crashed with non-Unicode + system encodings on Python 2 + Windows (:ticket:`28487`). + * Fixed a regression in Django 1.10 where changes to a ``ManyToManyField`` + weren't logged in the admin change history (:ticket:`27998`) and prevented + ``ManyToManyField`` initial data in model forms from being affected by + subsequent model changes (:ticket:`28543`). + * Fixed non-deterministic results or an ``AssertionError`` crash in some + queries with multiple joins (:ticket:`26522`). + * Fixed a regression in ``contrib.auth``'s ``login()`` and ``logout()`` views + where they ignored positional arguments (:ticket:`28550`). + +------------------------------------------------------------------- +Thu Aug 10 12:51:56 UTC 2017 - tbechtold@suse.com + +- update to version 1.11.4: + * Fixed #27939 -- Updated OpenLayersWidget.map_srid for OpenLayers 3. + * Fixed #27956 -- Fixed display of errors in an {% extends %} child. + * Updated various links in docs to avoid redirects + * Fixed typo in docs/topics/auth/default.txt. + * Double quoted HTML attributes in widget docs + * Fixed #28303 -- Prevented localization of attribute values in the DTL attrs.html widget template. + * Added stub release notes for 1.11.3. + * Documented OSMWidget.default_lat/lon. + * Fixed #28101 -- Fixed a regression with nested __in subquery lookups and to_field. + * Bumped version for 1.11.4 release. + * Bumped version for 1.11.3 release. + * Updated translations from Transifex + * Fixed #28039 -- Fixed crash in BaseGeometryWidget.subwidgets(). + * Fixed #28242 -- Moved ImageField file extension validation to the form field. + * Made docs/topics/migrations.txt use single quotes consistently. + * Fixed #28355 -- Fixed widget rendering of non-ASCII date/time formats on Python 2. + * Updated name of topics/db/queries link on index. + * Fixed #28025 -- Fixed typo in docs/ref/models/querysets.txt. + * Fixed #28043 -- Prevented AddIndex and RemoveIndex from mutating model state. + * Fixed #28207 -- Fixed contrib.auth.authenticate() if multiple auth backends don't accept a request. + * Fixed #28361 -- Fixed possible time-related failure in was_published_recently() tutorial test. + * Fixed #28265 -- Prevented renderer warning on Widget.render() with **kwargs. + * Fixed typo in docs/topics/testing/advanced.txt. + * Fixed #28125 -- Clarified 1.11 release note about Template.render() prohibiting non-dict context. + * Refs #18974 -- Added stacklevel for permalink() deprecation. + * Fixed #28350 -- Fixed UnboundLocalError crash in RenameField with nonexistent field. + * Fixed #28051 -- Made migrations respect Index's name argument. + * Fixed #28420 -- Doc'd 'is' comparison restriction for User.is_authenticated/anonymous. + * Added release date for 1.11.4. + * Refs #28174 -- Fixed autoreload test crash on Python 2/non-ASCII path. + * Fixed #28389 -- Fixed pickling of LazyObject on Python 2 when wrapped object doesn't have __reduce__(). + * Fixed #28148 -- Doc'd ImageField name validation concerns with the test client. + * Added stub release notes for 1.11.2. + * Fixed #27890 -- Fixed FileNotFoundError cleanup exception in runtests.py on Python 3.6+. + * Fixed #28138 -- Used output type handler instead of numbersAsStrings on Oracle cursor. + * Fixed widgets module path in docs/ref/contrib/gis/forms-api.txt. + * Fixed #27947 -- Doc'd that model Field.error_messages often don't propagate to forms. + * Fixed #28067 -- Clarified __str__() return type when using python_2_unicode_compatible(). + * Fixed docstring typo in django/contrib/admin/actions.py. + * Fixed #28102 -- Doc'd how to compute path to built-in widget template directories. + * Fixed #28352 -- Corrected QuerySet.values_list() return type in docs examples. + * Fixed #28181 -- Added detection for GDAL 2.1 and 2.0. + * Refs #23853 -- Updated sql.query.Query.join() docstring. + * Added a test for Model._meta._property_names. + * Refs #27919 -- Changed Widget.get_context() attrs kwarg to an arg. + * Fixed #28415 -- Clarified what characters ASCII/UnicodeUsernameValidator accept. + * Fixed #28074 -- Doc'd template-based widget rendering changes for contrib.gis. + * Fixed #28278 -- Fixed invalid HTML for a required AdminFileWidget. + * Added content_type filtering in Permission querying example. + * Corrected FileExtensionValidator doc regarding the value being validated. + * Fixed #27960 -- Set errcheck=False for GDALAllRegister to prevent crash. + * Fixed #28097 -- Fixed layout of ReadOnlyPasswordHashWidget. + * Fixed #27969 -- Fixed models.Field.formfield() setting 'disabled' for fields with choices. + * Post-release version bump. + * Fixed #28298 -- Prevented a primary key alteration from adding a foreign key constraint if db_constraint=False. + * Refs #28192 -- Fixed documentation of ChoiceField choices requirement + * Fixed #27966 -- Bumped required psycopg2 version to 2.5.4. + * Linked GIS QuerySet API docs to corresponding PostGIS docs. + * Fixed #27974 -- Kept resolved templates constant during one rendering cycle. + * Refs #28100 -- Fixed URL in el, es_MX, and pt auth translations + * Fixed typo in docs/ref/request-response.txt. + * Fixed #27963 -- Removed unneeded docstring example in contributing docs. + * Added stub release notes for security releases. + * Fixed #28349 -- Doc'd how to upgrade Django from LTS to LTS. + * Fixed typo in docs/ref/forms/fields.txt. + * Fixed CVE-2017-7234 -- Fixed open redirect vulnerability in views.static.serve(). + * Fixed #28170 -- Fixed file_move_safe() crash when moving files to a CIFS mount. + * Fixed broken links to Oracle docs. + * Fixed #27554 -- Fixed prefetch_related() crash when fetching relations in nested Prefetches. + * Added links and cosmetic edits to docs/ref/request-response.txt. + * Added stub release notes for 1.11.1. + * Fixed #28079 -- Restored "No POST data" (rather than an empty table) in HTML debug page. + * Removed incorrect "required" attribute in docs/ref/forms/fields.txt. + * Fixed #28176 -- Restored the uncasted option value in ChoiceWidget template context. + * Refs #24423 -- Readded inadvertently deleted i18n tests. + * Fixed #27965 -- Fixed precision comparison in a geoforms test (refs #27939). + * Corrected post-release version bump. + * Made runtests.py run gis_tests only when using a GIS database backend. + * Fixed #28230 -- Allowed DjangoJsonEncoder to serialize CallableBool. + * Fixed broken link to QUnit docs. + * Removed MySQL (unsupported) from Perimeter docs. + * Fixed #28266 -- Fixed typo in docs/ref/models/instances.txt. + * Fixed #28139 -- Added another level of headings in the topics index. + * Fixed #28003 -- Doc'd what an auto-created OneToOneField parent_link looks like. + * Fixed #28160 -- Prevented hiding GDAL exceptions when it's not installed. + * Updated man page for Django 1.11. + * Fixed #27988 -- Fixed typo in docs/ref/django-admin.txt. + * Fixed #28199 -- Fixed Subquery generating unnecessary/invalid CAST. + * Fixed #28122 -- Fixed crash when overriding views.static.directory_index()'s template. + * Fixed AppRegistryNotReady error when running gis_tests in isolation on PostGIS. + * Fixed #28435 -- Removed inaccurate warning about SECURE_HSTS_PRELOAD. + * Fixed #28040 -- Updated SplitArrayWidget to use template-based widget rendering. + * Fixed #28269 -- Fixed Model.__init__() crash on models with a field that has an instance only descriptor. + * Tested EmailMessage(attachments=[MIMEText]) + * Clarified return value of NumGeometries GIS function. + * Refs #27935 -- Fixed BrinIndex.max_name_length if a project's default database isn't PostgreSQL. + * Fixed #28058 -- Restored empty BoundFields evaluating to True. + * Replaced "not A== B" with "A != B" in docs/howto/writing-migrations.txt. + * Added CVE-2017-7233,4 to the security release archive. + * Fixed #28204 -- Fixed MultipleObjectMixin.paginate_queryset() crash on Python 2 if InvalidPage message contains non-ASCII. + * Fixed #27935 -- Fixed crash with BrinIndex name > 30 characters. + * Fixed #28293 -- Fixed union(), intersection(), and difference() when combining with an EmptyQuerySet. + * Fixed #28222 -- Allowed settable properties in QuerySet.update_or_create()/get_or_create() defaults. + * Refs #27556, #27488 -- Updated support backends docs for isvalid lookup. + * Fixed nondeterministic ordering test failure in model_forms. + * Fixed #28345 -- Applied limit_choices_to during ModelForm.__init__(). + * Fixed #27981 -- Doc'd date/time filter l10n changes in refs #25758. + * Made a few cosmetic updates to "Migrations that add unique fields". + * Bumped version for 1.11 release. + * Fixed #28004 -- Doc'd how to create migrations for an app without a migrations directory. + * Fixed #28202 -- Fixed FieldListFilter.get_queryset() crash on invalid input. + * Fixed #27949 -- Doc'd how OpenLayers 3 widgets work. + * Pass type to sql_alter_column_* where it was missing. + * Fixed #27866 -- Made ChoiceWidget.format_value() return a list + * Fixed #28308 -- Doc'd removal of Select.render_option() (refs #15667). + * Fixed #28178 -- Changed contrib.gis to raise ImproperlyConfigured if gdal isn't installed. + * Fixed #28284 -- Prevented Paginator's unordered object list warning from evaluating a QuerySet. + * Fixed #28209 -- Made date-based generic views return a 404 rather than crash when given an out of range date. + * Fixed #28161 -- Fixed return type of ArrayField(CITextField()). + * Corrected docs regarding MySQL support of Length GIS function. + * Fixed #28175 -- Fixed __in lookups on a foreign key when using the foreign key's parent model as the lookup value. + * Refs #18247 -- Fixed SQLite QuerySet filtering on decimal result of Least and Greatest. + * Refs #28207 -- Fixed contrib.auth.authenticate() if 'backend' is in the credentials. + * Fixed #27644 -- Doc'd FileSystemStorage.get_created_time(). + * Added test for intersection() when combining with a queryset raising EmptyResultSet. + * Fixed #28197 -- Fixed introspection of index field ordering on PostgreSQL. + * Removed extra characters in docs header underlines. + * Fixed GEOSGeometry reference in GIS tutorial. + * Refs #28066 -- Fixed Python 2 failures in sessions_tests. + * Removed obsolete Widget.format_output() in tests. + * Fixed #28059 -- Restored class attribute in
      of widgets that use multiple_input.html. + * Fixed typo in docs/ref/contrib/postgres/fields.txt. + * Refs #27025 -- Fixed "invalid escape sequence" warning in auth_tests on Python 3.6. + * Fixed #28031 -- Removed notes about old uWSGI/sentry versions (refs #20537). + * Removed unexpected initial attribute in data migration examples. + * Renamed "Mac OS X" to "macOS" in docs. + * Sorted imports per isort 4.2.9. + * Refs #28138 -- Added release notes for d52577b62b3138674807ac74251fab7faed48331. + * Back to the future. + * Fixed #27993 -- Fixed model form default fallback for SelectMultiple. + * Refs #27866 -- Adapted backport for Python 2 compatibility + * Removed unused links in docs/internals/contributing/triaging-tickets.txt. + * Clarified QuerySet.iterator()'s docs on server-side cursors. + * Fixed #28096 -- Allowed prefetch calls with ModelIterable subclasses + * Fixed #28414 -- Fixed ClearableFileInput rendering as a subwidget of MultiWidget. + * Corrected REPL example in forms docs for Python 3. + * Refs #28181 -- Corrected detection of GDAL 2.1 on Windows. + * Fixed #28075 -- Prevented ChoiceWidget from localizing option values. + * Fixed #28282 -- Fixed class-based indexes name for models that only inherit Model. + * Fixed #28038 -- Restored casting to text of builtin lookups on PostgreSQL. + * Fixed #28418 -- Fixed queryset crash when using a GenericRelation to a proxy model. + * Fixed #28062 -- Added a setting to disable server-side cursors on PostgreSQL. + * Fixed #28105 -- Fixed crash in BaseGeometryWidget.get_context() when overriding existing attrs. + * Refs #28160 -- Skipped a GeoManager test if not using a GIS database backend. + * Fixed #28157 -- Fixed choice ordering in form fields with grouped and non-grouped options. + * Fixed #28095 -- Doc'd Widget.build_attrs() signature change in Django 1.11. + * Fixed a forms test after updated translations. + * Fixed 403 link in docs/ref/contrib/gis/install/spatialite.txt. + * Simplified schema.tests with assertForeignKeyExists()/assertForeignKeyNotExists(). + * Fixed #28336 -- Fixed typo in docs/ref/settings.txt. + * Fixed #28378 -- Fixed union() and difference() when combining with a queryset raising EmptyResultSet. + * Refs #28052 -- Cleaned up some indexes in schema tests. + * Fixed #28047 -- Fixed QuerySet.filter() crash when it uses the name of a OneToOneField pk. + * Added release date for 1.11.1. + * Fixed #28327 -- Removed contradictory description of mod_wsgi docs. + * Clarified "newly-introduced features" in the supported versions policy. + * Fixed docs build with Sphinx 1.6. + * Fixed #28239 -- Removed docs for a removed arg of template.Context. + * Bumped version for 1.11.2 release. + * Refs #28066 -- Fixed nondeterministic ordering test failure in sessions_tests. + * Updated postgis.net and gaia-gis.it links to https. + * Fixed typos in docs/topic/db/search.txt. + * Fixed #28174 -- Fixed crash in runserver's autoreload with Python 2 on Windows with non-str environment variables. + * Fixed typos in docs/howto/static-files/index.txt. + * Fixed #28294 -- Doc'd request/args/kwargs attributes of class-based views. + * Fixed #27967 -- Fixed KeyError in admin's inline form with inherited non-editable pk. + * Fixed db backend discovery in admin_scripts tests. + * Fixed outdated TIME_FORMAT in docs/ref/templates/builtins.txt. + * Fixed #26028 -- Added overriding templates howto. + * Updated was_published_recently() tutorial test to check boundary condition. + * Fix a typo in django/db/transaction.py + * Fixed #28109 -- Corrected the stack level of unordered queryset pagination warnings. + * Fixed #28142 -- Fixed is_safe_url() crash on invalid IPv6 URLs. + * Refs #22397 -- Removed model in test cleanup + * Fixed #28052 -- Prevented dropping Meta.indexes when changing db_index to False. + * Fixed #18485 -- Doc'd behavior of PostgreSQL when manually setting AutoField. + * Updated core translations from Transifex + * Fixed #28166 -- Fixed Model._state.db on MTI parent model after saving child model. + * Added missing import in docs/topics/db/queries.txt. + * Refs #27919 -- Passed ChoiceWidget.create_option() kwargs as expected. + * Fixed #28229 -- Fixed the value of LoginView's "next" template variable. + * Fixed #27975 -- Fixed crash if ModelChoiceField's queryset=None. + * Added release date for 1.11.2. + * Fixed #27912, CVE-2017-7233 -- Fixed is_safe_url() with numeric URLs. + * Fixed #28159 -- Fixed BaseInlineFormSet._construct_form() crash when using save_as_new. + * Removed an obsolete temporal reference in docs/faq/general.txt. + * Fixed #28042 -- Fixed crash when using a two-tuple in EmailMessage's attachments arg. + * Fixed #27945 -- Clarified that RegexValidator searches with the regex. + * Linked GIS functions docs to corresponding PostGIS docs. + * Refs #17453 -- Fixed broken link to #django IRC logs. + * Fixed gis_tests.geoapp test with incorrect geodetic coordinates. + * Fixed #28066 -- Prevented SessionBase.cycle_key() from discarding data. + * Fixed #27730 -- Doc'd that template vars created outside a block can't be used in it. + * Fixed #28069 -- Moved setup_test_environment() warning in tutorial 5. + * Fixed #28130 -- Fixed formset min_num validation with initial, unchanged forms. + * Fixed #28091 -- Re-raised original exception when closing cursor cleanup fails + * Clarified backend support of Area GIS function. + * Fixed #28387 -- Fixed has_changed() for disabled form fields that subclass it. + * Fixed #27915 -- Allowed Meta.indexes to be defined in abstract models. + * Fixed #26755 -- Fixed test_middleware_classes_headers if Django source isn't writable. + * Fixed #28188 -- Fixed crash when pickling model fields. + * Fixed typo in docs/ref/models/querysets.txt. + * Pointed Dive into Python links to python3 site + * Refs #25240 -- Added ExtractWeek examples. + * Added some shell output in tutorial 2. + * Removed inappropriate highlighting in committing-code.txt. + * Fixed #28399 -- Fixed QuerySet.count() for union(), difference(), and intersection() queries. + * Fixed #28212 -- Allowed customizing the port that LiveServerTestCase uses. + * Fixed flake8 warning on Python 2. + * Clarified meaning of "Optional" in auth.models.User field docs. + * Clarified HStoreField model/form difference in 1.11 release notes. + * Removed self from method signatures in docs. + * Added stub release notes for 1.11.4. + * Updated tests after French translation update + * Fixed #27603 -- Fixed AsKML when queryset is evaluated more than once. + * Fixed #28262 -- Fixed incorrect DisallowedModelAdminLookup when a nested reverse relation is in list_filter. + * Fixed #27434 -- Doc'd how to raise a model validation error for a field not in a model form. + * Refs #21415 -- Fixed contrib.humanize translations for es_AR + * Fixed #27655 -- Added some guidelines to the coding style docs. + * Updated contrib translations from Transifex + * Removed nonexistent methods from File's docs. + * Doc'd the need to remove default ordering on Subquery aggregates. + * Fixed broken link to mysqlclient docs. + * Fixed #28210 -- Fixed Model._state.adding on MTI parent model after saving child model. + * Removed usage of deprecated sphinx.util.compat.Directive. + * Refs #28100 -- Added 1.11.1 release note for e6bfd3d751278d7cfd09af1120c4bbce509c05da. + * Fixed #28190 -- Clarifed how include/extends treat template names. + * Refs #26294 -- Fixed typo in docs/ref/django-admin.txt. + * Refs #28091 -- Fixed typo and rephrased 1.11.1 release note. + * Fixed typo in docs/ref/class-based-views/mixins-single-object.txt. + * Bumped version for 1.11.1 release. + * Added release date for 1.11.3. + * Bumped version for 1.11 release candidate 1. + * Simplified tutorial's test names and docstrings. + * Fixed typo in django/db/backends/base/schema.py comment. + * Fixed #28233 -- Used a simpler example in the aggregation "cheat sheet" docs. +- Require python-pytz and Recommend python-bcrypt + +------------------------------------------------------------------- +Wed Aug 9 17:58:19 UTC 2017 - toddrme2178@gmail.com + +- Fix building on older Python versions. + +------------------------------------------------------------------- +Mon Jul 10 18:42:12 UTC 2017 - toddrme2178@gmail.com + +- Fix wrong-script-interpreter rpmlint error. + +------------------------------------------------------------------- +Mon May 8 14:32:03 UTC 2017 - toddrme2178@gmail.com + +- django-admin.py should be the master, not django-admin. + +------------------------------------------------------------------- +Sat May 6 03:31:54 UTC 2017 - toddrme2178@gmail.com + +- Don't provide python2-django or python2-South, singlespec + packages should use correct name. + +------------------------------------------------------------------- +Thu May 4 15:33:21 UTC 2017 - toddrme2178@gmail.com + +- Implement single-spec version. + +------------------------------------------------------------------- +Tue Apr 4 14:38:13 UTC 2017 - appleonkel@opensuse.org + +- Update to 1.10.7 + Bugfixes + * Made admin’s RelatedFieldWidgetWrapper use the wrapped widget’s + value_omitted_from_data() method (#27905) + * Fixed model form default fallback for SelectMultiple (#27993) + +------------------------------------------------------------------- +Wed Mar 1 14:24:17 UTC 2017 - appleonkel@opensuse.org + +- Update to 1.10.6 + Bugfixes + * Fixed ClearableFileInput’s “Clear” checkbox on model form fields where the + model field has a default + * Fixed RequestDataTooBig and TooManyFieldsSent exceptions crashing rather than + generating a bad request response + * Fixed a crash on Oracle and PostgreSQL when subtracting DurationField or + IntegerField from DateField + * Fixed query expression date subtraction accuracy on PostgreSQL for differences + large an a month + * Fixed a GDALException raised by GDALClose on GDAL >= 2.0 + +------------------------------------------------------------------- +Tue Jan 31 14:00:11 UTC 2017 - michal@cihar.com + +- Update to 1.10.5 + * See https://docs.djangoproject.com/en/1.10/releases/1.10/ + * Full text search for PostgreSQL + * New-style middleware + * Official support for Unicode usernames + +------------------------------------------------------------------- +Fri Dec 2 10:17:25 UTC 2016 - appleonkel@opensuse.org + +- Update to 1.9.12 + Bugfixes + * Quoted the Oracle test user’s password in queries to fix the “ORA-00922: missing + or invalid option” error when the password starts with a number or + special character (#27420) + * DNS rebinding vulnerability when DEBUG=True + * CSRF protection bypass on a site with Google Analytics + +------------------------------------------------------------------- +Sat Sep 24 16:42:55 UTC 2016 - sbahling@suse.com + +- Change Requires: python-Pillow to python-imaging for compatibility + with SLE-12 which provides PIL instead of Pillow. + +------------------------------------------------------------------- +Tue Aug 9 09:11:24 UTC 2016 - aplanas@suse.com + +- Update to 1.9.9 + Bugfixes + * Fixed invalid HTML in template postmortem on the debug page + (#26938). + * Fixed some GIS database function crashes on MySQL 5.7 (#26657). + +- Update to 1.9.8 + Fix XSS in admin’s add/change related popup (bsc#988420) + Unsafe usage of JavaScript’s Element.innerHTML could result in XSS + in the admin’s add/change related popup. Element.textContent is now + used to prevent execution of the data. + The debug view also used innerHTML. Although a security issue wasn’t + identified there, out of an abundance of caution it’s also updated + to use textContent. + + Bugfixes + * Fixed missing varchar/text_pattern_ops index on CharField and + TextField respectively when using AddField on PostgreSQL (#26889). + * Fixed makemessages crash on Python 2 with non-ASCII file names + (#26897). + +- Update to 1.9.7 + Bugfixes + * Removed the need for the request context processor on the admin + login page to fix a regression in 1.9 (#26558). + * Fixed translation of password validators’ help_text in forms + (#26544). + * Fixed a regression causing the cached template loader to crash + when using lazy template names (#26603). + * Fixed on_commit callbacks execution order when callbacks make + transactions (#26627). + * Fixed HStoreField to raise a ValidationError instead of crashing + on non-dictionary JSON input (#26672). + * Fixed dbshell crash on PostgreSQL with an empty database name + (#26698). + * Fixed a regression in queries on a OneToOneField that has to_field + and primary_key=True (#26667). + +------------------------------------------------------------------- +Tue May 3 08:23:48 UTC 2016 - aplanas@suse.com + +- Update to 1.9.6 + Bugfixes + * Added support for relative path redirects to the test client and + to SimpleTestCase.assertRedirects() because Django 1.9 no longer + converts redirects to absolute URIs (#26428). + * Fixed TimeField microseconds round-tripping on MySQL and SQLite + (#26498). + * Prevented makemigrations from generating infinite migrations for a + model field that references a functools.partial (#26475). + * Fixed a regression where SessionBase.pop() returned None rather + than raising a KeyError for nonexistent values (#26520). + * Fixed a regression causing the cached template loader to crash + when using template names starting with a dash (#26536). + * Restored conversion of an empty string to null when saving values + of GenericIPAddressField on SQLite and MySQL (#26557). + * Fixed a makemessages regression where temporary .py extensions + were leaked in source file paths (#26341). + +------------------------------------------------------------------- +Sun May 1 12:29:52 UTC 2016 - michael@stroeder.com + +- Update to 1.9.5 + +------------------------------------------------------------------- +Tue Feb 2 09:21:43 UTC 2016 - aplanas@suse.com + +- Update to 1.9.2 + Security issue + * User with "change" but not "add" permission can create objects for + ModelAdmin's with save_as=True + Backwards incompatible change + * .py-tpl files rewritten in project/app templates + Bugfixes + * Fixed a regression in ConditionalGetMiddleware causing + If-None-Match checks to always return HTTP 200 (#26024). + * Fixed a regression that caused the "user-tools" items to display + on the admin's logout page (#26035). + * Fixed a crash in the translations system when the current language + has no translations (#26046). + * Fixed a regression that caused the incorrect day to be selected + when opening the admin calendar widget for timezones from GMT+0100 + to GMT+1200 (#24980). + * Fixed a regression in the admin's edit related model popup that + caused an escaped value to be displayed in the select dropdown of + the parent window (#25997). + * Fixed a regression in 1.8.8 causing incorrect index handling in + migrations on PostgreSQL when adding db_index=True or unique=True + to a CharField or TextField that already had the other specified, + or when removing one of them from a field that had both, or when + adding unique=True to a field already listed in unique_together + (#26034). + * Fixed a regression where defining a relation on an abstract + model's field using a string model name without an app_label no + longer resolved that reference to the abstract model's app if + using that model in another application (#25858). + * Fixed a crash when destroying an existing test database on MySQL + or PostgreSQL (#26096). + * Fixed CSRF cookie check on POST requests when + USE_X_FORWARDED_PORT=True (#26094). + * Fixed a QuerySet.order_by() crash when ordering by a relational + field of a ManyToManyField through model (#26092). + * Fixed a regression that caused an exception when making database + queries on SQLite with more than 2000 parameters when DEBUG is + True on distributions that increase the SQLITE_MAX_VARIABLE_NUMBER + compile-time limit to over 2000, such as Debian (#26063). + * Fixed a crash when using a reverse OneToOneField in + ModelAdmin.readonly_fields (#26060). + * Fixed a crash when calling the migrate command in a test case with + the available_apps attribute pointing to an application with + migrations disabled using the MIGRATION_MODULES setting (#26135). + * Restored the ability for testing and debugging tools to determine + the template from which a node came from, even during template + inheritance or inclusion. Prior to Django 1.9, debugging tools + could access the template origin from the node via + Node.token.source[0]. This was an undocumented, private API. The + origin is now available directly on each node using the + Node.origin attribute (#25848). + * Fixed a regression in Django 1.8.5 that broke copying a + SimpleLazyObject with copy.copy() (#26122). + * Always included geometry_field in the GeoJSON serializer output + regardless of the fields parameter (#26138). + * Fixed the contrib.gis map widgets when using + USE_THOUSAND_SEPARATOR=True (#20415). + * Made invalid forms display the initial of values of their disabled + fields (#26129). + +------------------------------------------------------------------- +Wed Jan 27 15:25:25 UTC 2016 - aplanas@suse.com + +- Update to 1.9.1 + Bugfixes + * Fixed BaseCache.get_or_set() with the DummyCache backend (#25840). + * Fixed a regression in FormMixin causing forms to be validated + twice (#25548, #26018). + * Fixed a system check crash with nested ArrayFields (#25867). + * Fixed a state bug when migrating a SeparateDatabaseAndState + operation backwards (#25896). + * Fixed a regression in CommonMiddleware causing If-None-Match + checks to always return HTTP 200 (#25900). + * Fixed missing varchar/text_pattern_ops index on CharField and + TextField respectively when using AlterField on PostgreSQL + (#25412). + * Fixed admin’s delete confirmation page’s summary counts of related + objects (#25883). + * Added from __future__ import unicode_literals to the default + apps.py created by startapp on Python 2 (#25909). Add this line to + your own apps.py files created using Django 1.9 if you want your + migrations to work on both Python 2 and Python 3. + * Prevented QuerySet.delete() from crashing on MySQL when querying + across relations. + * Fixed evaluation of zero-length slices of QuerySet.values() + (#25894). + * ... + * https://docs.djangoproject.com/en/1.9/releases/1.9.1/ + +------------------------------------------------------------------- +Wed Dec 2 15:14:05 UTC 2015 - aplanas@suse.com + +- update to 1.9 (CVE-2016-7401, CVE-2015-8213) + * https://docs.djangoproject.com/en/1.9/releases/1.9/ + * Performing actions after a transaction commit + * Password validation + * Permission mixins for class-based views + * New styling for "contrib.admin" + * Running tests in parallel + +------------------------------------------------------------------- +Tue Nov 10 10:39:22 UTC 2015 - tbechtold@suse.com + +- update to 1.8.6: + * https://docs.djangoproject.com/en/1.8/releases/1.8.5/ + * https://docs.djangoproject.com/en/1.8/releases/1.8.6/ + +------------------------------------------------------------------- +Tue Nov 10 05:36:21 UTC 2015 - tbechtold@suse.com + +- add missing Requires for python-setuptools (bsc#952198) + /usr/bin/django-admin needs the pkg_resources framework from + python-setuptools to run properly. + +------------------------------------------------------------------- +Sun Sep 20 07:51:27 UTC 2015 - tbechtold@suse.com + +- update to 1.8.4 (CVE-2015-5963): + * https://docs.djangoproject.com/en/1.8/releases/1.8.4/ + +------------------------------------------------------------------- +Fri Jul 10 11:51:49 UTC 2015 - astieger@suse.com + +- add keyring and verify source signature + +------------------------------------------------------------------- +Fri Jul 10 10:03:54 UTC 2015 - dmueller@suse.com + +- update to 1.8.3: + * https://docs.djangoproject.com/en/1.8/releases/1.8.3/ + Various bugfixes/security fixes (CVE-2015-5145, bsc#937524) + +------------------------------------------------------------------- +Tue May 26 08:26:56 UTC 2015 - dmueller@suse.com + +- update to 1.8.2 (CVE-2015-3982): + * https://docs.djangoproject.com/en/1.8/releases/1.8.2/ + * https://docs.djangoproject.com/en/1.8/releases/1.8.1/ + +------------------------------------------------------------------- +Thu Apr 2 07:35:07 UTC 2015 - aplanas@suse.com + +- Update to Django 1.8 + * "Long-Term Support" (LTS) release + New features: + * Model._meta API + * Multiple template engines + * Security enhancements + * New PostgreSQL specific functionality + * New data types + * Query Expressions, Conditional Expressions, and Database Functions + * TestCase data setup + Backwards incompatible changes: + * Related object operations are run in a transaction + * Assigning unsaved objects to relations raises an error + * Management commands that only accept positional arguments + * Custom test management command arguments through test runner + * Model check ensures auto-generated column names are within limits + specified by database + * Query relation lookups now check object types + * select_related() now checks given fields + * Default EmailField.max_length increased to 254 + * (DROP) Support for PostgreSQL versions older than 9.0 + * (DROP) Support for MySQL versions older than 5.5 + * (DROP) Support for Oracle versions older than 11.1 + * Specific privileges used instead of roles for tests on Oracle + * ... + +------------------------------------------------------------------- +Mon Mar 23 10:51:37 UTC 2015 - mcihar@suse.cz + +- Update to Django 1.7.7: + Security issues: + * Denial-of-service possibility with strip_tags() + * Mitigated possible XSS attack via user-supplied redirect URLs + Bugfixes: + * Fixed renaming of classes in migrations where renaming a subclass would + cause incorrect state to be recorded for objects that referenced the + superclass (#24354). + * Stopped writing migration files in dry run mode when merging migration + conflicts. When makemigrations --merge is called with verbosity=3 the + migration file is written to stdout (:ticket: 24427). + +------------------------------------------------------------------- +Wed Mar 11 16:18:53 UTC 2015 - aplanas@suse.com + +- Update to Djano 1.7.6: + Bugfixes + * Mitigated an XSS attack via properties in + "ModelAdmin.readonly_fields" + * Fixed crash when coercing "ManyRelatedManager" to a string + (#24352). + * Fixed a bug that prevented migrations from adding a foreign key + constraint when converting an existing field to a foreign key + (#24447). + +------------------------------------------------------------------- +Fri Feb 27 14:36:46 UTC 2015 - aplanas@suse.com + +- Update to Django 1.7.5: + Bugfixes + * Reverted a fix that prevented a migration crash when unapplying + contrib.contenttypes's or contrib.auth's first migration (#24075) + due to severe impact on the test performance (#24251) and problems + in multi-database setups (#24298). + * Fixed a regression that prevented custom fields inheriting from + ManyToManyField from being recognized in migrations (#24236). + * Fixed crash in contrib.sites migrations when a default database + isn't used (#24332). + * Added the ability to set the isolation level on PostgreSQL with + psycopg2 >= 2.4.2 (#24318). It was advertised as a new feature in + Django 1.6 but it didn't work in practice. + * Formats for the Azerbaijani locale (az) have been added. + +------------------------------------------------------------------- +Fri Jan 30 15:13:10 UTC 2015 - aplanas@suse.com + +- Update to Django 1.7.4: + Bugfixes + * Fixed a migration crash when unapplying ``contrib.contenttypes``’s + or ``contrib.auth``’s first migration (:ticket:`24075`). + * Made the migration's ``RenameModel`` operation rename + ``ManyToManyField`` tables (:ticket:`24135`). + * Fixed a migration crash on MySQL when migrating from a + ``OneToOneField`` to a ``ForeignKey`` (:ticket:`24163`). + * Prevented the ``static.serve`` view from producing + ``ResourceWarning``\s in certain circumstances (security fix + regression, :ticket:`24193`). + * Fixed schema check for ManyToManyField to look for internal type + instead of checking class instance, so you can write custom + m2m-like fields with the same behavior. (:ticket:`24104`). + +------------------------------------------------------------------- +Wed Jan 14 07:57:46 UTC 2015 - mcihar@suse.cz + +- Update to Django 1.7.3: + Security fixes: + * WSGI header spoofing via underscore/dash conflation. + * Mitigated possible XSS attack via user-supplied redirect URLs. + * Denial-of-service attack against django.views.static.serve. + * Database denial-of-service with ModelMultipleChoiceField. + Bug fixes: + * The default iteration count for the PBKDF2 password hasher has been + increased by 25%. This part of the normal major release process was + inadvertently omitted in 1.7. This backwards compatible change will not + affect users who have subclassed + django.contrib.auth.hashers.PBKDF2PasswordHasher to change the default + value. + * Fixed a crash in the CSRF middleware when handling non-ASCII referer + header (#23815). + * Fixed a crash in the django.contrib.auth.redirect_to_login view when + passing a reverse_lazy() result on Python 3 (#24097). + * Added correct formats for Greek (el) (#23967). + * Fixed a migration crash when unapplying a migration where multiple + operations interact with the same model (#24110). + +------------------------------------------------------------------- +Sun Jan 11 12:49:28 UTC 2015 - p.drouand@gmail.com + +- South has been merged in main Django; provide and obsolete it + +------------------------------------------------------------------- +Thu Jan 8 11:04:09 UTC 2015 - tbechtold@suse.com + +- Update to Django 1.7.2: + + * Fixed migration’s renaming of auto-created many-to-many tables + when changing Meta.db_table (#23630). + * Fixed a migration crash when adding an explicit id field to a + model on SQLite (#23702). + * Added a warning for duplicate models when a module is + reloaded. Previously a RuntimeError was raised every time two + models clashed in the app registry. (#23621). + * Prevented flush from loading initial data for migrated apps + (#23699). + * Fixed a makemessages regression in 1.7.1 when STATIC_ROOT has the + default None value (#23717). + * Added GeoDjango compatibility with mysqlclient database driver. + * Fixed MySQL 5.6+ crash with GeometryFields in migrations (#23719). + * Fixed a migration crash when removing a field that is referenced + in AlterIndexTogether or AlterUniqueTogether (#23614). + * Updated the first day of the week in the Ukrainian locale to + Monday. + * Added support for transactional spatial metadata initialization on + SpatiaLite 4.1+ (#23152). + * Fixed a migration crash that prevented changing a nullable field + with a default to non-nullable with the same default (#23738). + * Fixed a migration crash when adding GeometryFields with blank=True + on PostGIS (#23731). + * Allowed usage of DateTimeField() as Transform.output_field + (#23420). + * Fixed a migration serializing bug involving float("nan") and + float("inf") (#23770). + * Fixed a regression where custom form fields having a queryset + attribute but no limit_choices_to could not be used in a ModelForm + (#23795). + * Fixed a custom field type validation error with MySQL backend when + db_type returned None (#23761). + * Fixed a migration crash when a field is renamed that is part of an + index_together (#23859). + * Fixed squashmigrations to respect the --no-optimize parameter + (#23799). + * Made RenameModel reversible (#22248) + * Avoided unnecessary rollbacks of migrations from other apps when + migrating backwards (#23410). + * Fixed a rare query error when using deeply nested subqueries + (#23605). + * Fixed a crash in migrations when deleting a field that is part of + a index/unique_together constraint (#23794). + * Fixed django.core.files.File.__repr__() when the file’s name + contains Unicode characters (#23888). + * Added missing context to the admin’s delete_selected view that + prevented custom site header, etc. from appearing (#23898). + * Fixed a regression with dynamically generated inlines and allowed + field references in the admin (#23754). + * Fixed an infinite loop bug for certain cyclic migration + dependencies, and made the error message for cyclic dependencies + much more helpful. + * Added missing index_together handling for SQLite (#23880). + * Fixed a crash when RunSQL SQL content was collected by the schema + editor, typically when using sqlmigrate (#23909). + * Fixed a regression in contrib.admin add/change views which caused + some ModelAdmin methods to receive the incorrect obj value + (#23934). + * Fixed runserver crash when socket error message contained Unicode + characters (#23946). + * Fixed serialization of type when adding a deconstruct() method + (#23950). + * Prevented the SessionAuthenticationMiddleware from setting a + "Vary: Cookie" header on all responses (#23939). + * Fixed a crash when adding blank=True to TextField() on MySQL + (#23920). + * Fixed index creation by the migration infrastructure, particularly + when dealing with PostgreSQL specific {text|varchar}_pattern_ops + indexes (#23954). + * Fixed bug in makemigrations that created broken migration files + when dealing with multiple table inheritance and inheriting from + more than one model (#23956). + * Fixed a crash when a MultiValueField has invalid data (#23674). + * Fixed a crash in the admin when using “Save as new” and also + deleting a related inline (#23857). + * Always converted related_name to text (unicode), since that is + required on Python 3 for interpolation. Removed conversion of + related_name to text in migration deconstruction (#23455 and + #23982). + * Enlarged the sizes of tablespaces which are created by default for + testing on Oracle (the main tablespace was increased from 200M to + 300M and the temporary tablespace from 100M to 150M). This was + required to accommodate growth in Django’s own test suite + (#23969). + * Fixed timesince filter translations in Korean (#23989). + * Fixed the SQLite SchemaEditor to properly add defaults in the + absence of a user specified default. For example, a CharField with + blank=True didn’t set existing rows to an empty string which + resulted in a crash when adding the NOT NULL constraint (#23987). + * makemigrations no longer prompts for a default value when adding + TextField() or CharField() without a default (#23405). + * Fixed a migration crash when adding order_with_respect_to to a + table with existing rows (#23983). + * Restored the pre_migrate signal if all apps have migrations + (#23975). + * Made admin system checks run for custom AdminSites (#23497). + * Ensured the app registry is fully populated when unpickling + models. When an external script (like a queueing infrastructure) + reloads pickled models, it could crash with an AppRegistryNotReady + exception (#24007). + * Added quoting to field indexes in the SQL generated by migrations + to prevent a crash when the index name requires it (##24015). + * Added datetime.time support to migrations questioner (#23998). + * Fixed admindocs crash on apps installed as eggs (#23525). + * Changed migrations autodetector to generate an AlterModelOptions + operation instead of DeleteModel and CreateModel operations when + changing Meta.managed. This prevents data loss when changing + managed from False to True and vice versa (#24037). + * Enabled the sqlsequencereset command on apps with migrations + (#24054). + * Added tablespace SQL to apps with migrations (#24051). + * Corrected contrib.sites default site creation in a multiple + database setup (#24000). + * Restored support for objects that aren’t str or bytes in + mark_for_escaping() on Python 3. + * Supported strings escaped by third-party libraries with the + __html__ convention in the template engine (#23831). + * Prevented extraneous DROP DEFAULT SQL in migrations (#23581). + * Restored the ability to use more than five levels of subqueries + (#23758). + * Fixed crash when ValidationError is initialized with a + ValidationError that is initialized with a dictionary (#24008). + * Prevented a crash on apps without migrations when running migrate + --list (#23366). + +------------------------------------------------------------------- +Thu Oct 23 07:53:57 UTC 2014 - aplanas@suse.com + +- Update to Django 1.7.1 + + * Allowed related many-to-many fields to be referenced in the admin + (#23604). + * Added a more helpful error message if you try to migrate an app + without first creating the contenttypes table (#22411). + * Modified migrations dependency algorithm to avoid possible + infinite recursion. + * Fixed a UnicodeDecodeError when the flush error message contained + Unicode characters (#22882). + * Reinstated missing CHECK SQL clauses which were omitted on some + backends when not using migrations (#23416). + * Fixed serialization of type objects in migrations (#22951). + * Allowed inline and hidden references to admin fields (#23431). + * The @deconstructible decorator now fails with a ValueError if the + decorated object cannot automatically be imported (#23418). + * Fixed a typo in an inlineformset_factory() error message that + caused a crash (#23451). + * Restored the ability to use ABSOLUTE_URL_OVERRIDES with the + 'auth.User' model (#11775). As a side effect, the setting now adds + a get_absolute_url() method to any model that appears in + ABSOLUTE_URL_OVERRIDES but doesn’t define get_absolute_url(). + * Avoided masking some ImportError exceptions during application + loading (#22920). + * Empty index_together or unique_together model options no longer + results in infinite migrations (#23452). + * Fixed crash in contrib.sitemaps if lastmod returned a date rather + than a datetime (#23403). + * Allowed migrations to work with app_labels that have the same last + part (e.g. django.contrib.auth and vendor.auth) (#23483). + * Restored the ability to deepcopy F objects (#23492). + * Formats for Welsh (cy) and several Chinese locales (zh_CN, + zh_Hans, zh_Hant and zh_TW) have been added. Formats for + Macedonian have been fixed (trailing dot removed, #23532). + * Added quoting of constraint names in the SQL generated by + migrations to prevent crash with uppercase characters in the name + (#23065). + * Fixed renaming of models with a self-referential many-to-many + field (ManyToManyField('self')) (#23503). + * Added the get_extra(), get_max_num(), and get_min_num() hooks to + GenericInlineModelAdmin (#23539). + * Made migrations.RunSQL no longer require percent sign + escaping. This is now consistent with cursor.execute() (#23426). + * Made the SERIALIZE entry in the TEST dictionary usable (#23421). + * Fixed bug in migrations that prevented foreign key constraints to + unmanaged models with a custom primary key (#23415). + * Added SchemaEditor for MySQL GIS backend so that spatial indexes + will be created for apps with migrations (#23538). + * Added SchemaEditor for Oracle GIS backend so that spatial metadata + and indexes will be created for apps with migrations (#23537). + * Coerced the related_name model field option to unicode during + migration generation to generate migrations that work with both + Python 2 and 3 (#23455). + * Fixed MigrationWriter to handle builtin types without imports + (#23560). + * Fixed deepcopy on ErrorList (#23594). + * Made the admindocs view to browse view details check if the view + specified in the URL exists in the URLconf. Previously it was + possible to import arbitrary packages from the Python path. This + was not considered a security issue because admindocs is only + accessible to staff users (#23601). + * Fixed UnicodeDecodeError crash in AdminEmailHandler with non-ASCII + characters in the request (#23593). + * Fixed missing get_or_create and update_or_create on related + managers causing IntegrityError (#23611). + * Made urlsafe_base64_decode() return the proper type (byte string) + on Python 3 (#23333). + * makemigrations can now serialize timezone-aware values (#23365). + * Added a prompt to the migrations questioner when removing the null + constraint from a field to prevent an IntegrityError on existing + NULL rows (#23609). + * Fixed generic relations in ModelAdmin.list_filter (#23616). + * Restored RFC compliance for the SMTP backend on Python 3 (#23063). + * Fixed a crash while parsing cookies containing invalid content + (#23638). + * The system check framework now raises error models.E020 when the + class method Model.check() is unreachable (#23615). + * Made the Oracle test database creation drop the test user in the + event of an unclean exit of a previous test run (#23649). + * Fixed makemigrations to detect changes to Meta.db_table (#23629). + * Fixed a regression when feeding the Django test client with an + empty data string (#21740). + * Fixed a regression in makemessages where static files were + unexpectedly ignored (#23583). + +------------------------------------------------------------------- +Wed Sep 24 08:30:00 UTC 2014 - aplanas@suse.com + +- Update to Django 1.7 + + * A new built-in database migration system. Notes on upgrading from + South (a popular third*party application providing migration + functionality) are also available. + * A refactored concept of Django applications. Django applications + are no longer tied to the existence of a models files, and can now + specify both configuration data and code to be executed as Django + starts up. + * Improvements to the model Field API to support migrations and, in + the future, to enable easy addition of composite-key support to + Django's ORM. + * Improvements for custom Manager and QuerySet classes, allowing + reverse relationship traversal to specify the Manager to use, and + creation of a Manager from a custom QuerySet class. + * An extensible system check framework which can assist developers + in detecting and diagnosing errors. + + Please refer to the release notes for all details and migration + instructions: + https://docs.djangoproject.com/en/1.7/releases/1.7/ + +- Added python-setuptools as a BuildRequires. + +- Fixed Source URL from Django Project site. + +- Reordered sources. + +- Fixed deduplication to avoid wrong mtimes in pyc files. + +------------------------------------------------------------------- +Thu Jul 31 16:55:11 UTC 2014 - dimstar@opensuse.org + +- Rename rpmlintrc to %{name}-rpmlintrc. + Follow the packaging guidelines. + +------------------------------------------------------------------- +Wed Jun 11 12:34:45 UTC 2014 - mcihar@suse.cz + +- Update to version 1.6.5, sercurity and important changes: + + Unexpected code execution using reverse() + + Caching of anonymous pages could reveal CSRF token + + MySQL typecasting + + select_for_update() requires a transaction + + Issue: Caches may incorrectly be allowed to store and serve private data + + Issue: Malformed redirect URLs from user input not correctly validated + +------------------------------------------------------------------- +Fri Feb 14 09:32:07 UTC 2014 - speilicke@suse.com + +- Fix update-alternatives + +------------------------------------------------------------------- +Fri Feb 7 08:30:04 UTC 2014 - speilicke@suse.com + +- Update to version 1.6.2: + + Prevented the base geometry object of a prepared geometry to be garbage + collected, which could lead to crash Django (#21662). + + Fixed a crash when executing the changepassword command when the user + object representation contained non-ASCII characters (#21627). + + The collectstatic command will raise an error rather than default to + using the current working directory if STATIC_ROOT is not set. Combined + with the --clear option, the previous behavior could wipe anything + below the current working directory (#21581). + + Fixed mail encoding on Python 3.3.3+ (#21093). + + Fixed an issue where when settings.DATABASES['default']['AUTOCOMMIT'] = False, + the connection wasn’t in autocommit mode but Django pretended it was. + + Fixed a regression in multiple-table inheritance exclude() queries (#21787). + + Added missing items to django.utils.timezone.__all__ (#21880). + + Fixed a field misalignment issue with select_related() and model inheritance (#21413). + + Fixed join promotion for negated AND conditions (#21748). + + Oracle database introspection now works with boolean and float fields (#19884). + + Fixed an issue where lazy objects weren’t actually marked as safe when + passed through mark_safe() and could end up being double-escaped (#21882). + +------------------------------------------------------------------- +Tue Feb 4 14:33:40 UTC 2014 - mcihar@suse.cz + +- Update to version 1.6.1: + - Most bug fixes are minor; you can find a complete list in the Django 1.6.1 + release notes. + +------------------------------------------------------------------- +Tue Nov 19 10:06:23 UTC 2013 - speilicke@suse.com + +- Update-alternatives also for bash-completion + +------------------------------------------------------------------- +Fri Nov 15 13:33:20 UTC 2013 - speilicke@suse.com + +- Only ghost /etc/alternatives on 12.3 or newer + +------------------------------------------------------------------- +Thu Nov 7 16:36:41 UTC 2013 - speilicke@suse.com + +- Require python-Pillow for image-related functionality +- Package was renamed from python-django +- Drop Django-1.2-completion-only-for-bash.patch: Useless + +------------------------------------------------------------------- +Tue Nov 5 03:27:13 UTC 2013 - alexandre@exatati.com.br + +- Update to version 1.6: + - Please read the release notes + https://docs.djangoproject.com/en/1.6/releases/1.6 +- Removed Patch2 as it is no needed anymore: + Django-1.4-CSRF_COOKIE_HTTPONLY-support.patch + +------------------------------------------------------------------- +Tue Sep 17 12:37:53 UTC 2013 - speilicke@suse.com + +- Update to version 1.5.4: + + Fixed denial-of-service via large passwords +- Changes from version 1.5.3: + + Fixed directory traversal with ssi template tag + +------------------------------------------------------------------- +Wed Aug 14 05:49:54 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5.2: + - Security release, please check release notes for details: + https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued + +------------------------------------------------------------------- +Thu Mar 28 23:27:01 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5.1: + - Memory leak fix, please read release announcement at + https://www.djangoproject.com/weblog/2013/mar/28/django-151. + +------------------------------------------------------------------- +Tue Feb 26 19:49:02 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5: + - Please read the release notes + https://docs.djangoproject.com/en/1.5/releases/1.5 + +------------------------------------------------------------------- +Tue Dec 11 12:27:50 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.3: + - Security release: + - Host header poisoning + - Redirect poisoning + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/dec/10/security + +------------------------------------------------------------------- +Sat Oct 20 13:41:10 UTC 2012 - saschpe@suse.de + +- Add a symlink from /usr/bin/django-admin.py to /usr/bin/django-admin + +------------------------------------------------------------------- +Wed Oct 17 22:51:36 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.2: + - Security release: + - Host header poisoning + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/oct/17/security + +------------------------------------------------------------------- +Mon Jul 30 21:38:31 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.1: + - Security release: + - Cross-site scripting in authentication views + - Denial-of-service in image validation + - Denial-of-service via get_image_dimensions() + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued + +------------------------------------------------------------------- +Tue Jun 19 11:27:33 UTC 2012 - saschpe@suse.de + +- Add patch to support CSRF_COOKIE_HTTPONLY config + +------------------------------------------------------------------- +Fri Mar 23 18:39:40 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4: + - Please read the release notes + https://docs.djangoproject.com/en/dev/releases/1.4 +- Removed Patch2, it was merged on upstream, + +------------------------------------------------------------------- +Thu Nov 24 12:30:40 UTC 2011 - saschpe@suse.de + +- Set license to SDPX style (BSD-3-Clause) +- Package AUTHORS, LICENE and README files +- No CFLAGS for noarch package +- Drop runtime dependency on gettext-tools + +------------------------------------------------------------------- +Sat Sep 10 12:05:07 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3.1 to fix security issues, please read + https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued. + +------------------------------------------------------------------- +Thu Mar 31 15:09:16 UTC 2011 - alexandre@exatati.com.br + +- Fix build on SLES_9. + +------------------------------------------------------------------- +Wed Mar 23 11:39:53 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3 final; +- Refresh patch empty-ip-2.diff. + +------------------------------------------------------------------- +Fri Mar 18 03:45:45 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3-rc1; +- Regenerated spec file with py2pack; +- No more need to fix wrong line endings; +- Refresh patch empty-ip-2.diff with -p0. + +------------------------------------------------------------------- +Thu Mar 3 09:32:52 UTC 2011 - saschpe@suse.de + +- Spec file cleanup: + * Removed empty lines, package authors from description + * Cleanup duplicates + * Corrected wrong file endings + * Added zero-length rpmlint filter +- Added AUTHORS, LICENSE and doc files + +------------------------------------------------------------------- +Wed Feb 9 03:37:29 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.2.5: + - This is a security update that fix: + - Flaw in CSRF handling; + - Potential XSS in file field rendering. + +------------------------------------------------------------------- +Thu Dec 23 10:20:03 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.4: + - Information leakage in Django administrative interface; + - Denial-of-service attack in password-reset mechanism. +- This is a mandatory security update. + +------------------------------------------------------------------- +Sat Sep 11 11:46:41 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.3: + - The patch applied for the security issue covered in Django + 1.2.2 caused issues with non-ASCII responses using CSRF + tokens. This has been remedied; + - The patch also caused issues with some forms, most notably + the user-editing forms in the Django administrative interface. + This has been remedied. + - The packaging manifest did not contain the full list of + required files. This has been remedied. + +------------------------------------------------------------------- +Thu Sep 9 01:06:43 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.2. +- This is a ciritical security update fixing a default XSS bug! + +------------------------------------------------------------------- +Fri Jul 9 11:27:26 UTC 2010 - jfunk@funktronics.ca + +- Added patch to fix upstream bug 5622: Empty ipaddress raises an error + +------------------------------------------------------------------- +Mon May 17 21:14:11 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.1. + +------------------------------------------------------------------- +Mon May 17 18:35:20 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2. + +------------------------------------------------------------------- +Thu May 6 13:46:03 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2-rc-1. + +------------------------------------------------------------------- +Mon Apr 5 02:21:44 UTC 2010 - alexandre@exatati.com.br + +- Spec file cleaned with spec-cleaner; +- Minor manual adjusts on spec file. + +------------------------------------------------------------------- +Thu Mar 18 17:47:12 UTC 2010 - alexandre@exatati.com.br + +- Moved autocomplete file path from /etc/profile.d to + /etc/bash_completion.d. Then it works with konsole too. + +------------------------------------------------------------------- +Mon Mar 15 01:53:50 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2-beta-1; +- Using -q option on prep section of spec file; +- Using INSTALLED_FILES instead of declaring files; +- Removed dummy changelog section of spec file; +- Update completion bash patch. + +------------------------------------------------------------------- +Sun Oct 11 07:51:32 UTC 2009 - nix@opensuse.org + +- Update to 1.1.1 due to security issue described at + http://www.djangoproject.com/weblog/2009/oct/09/security/ + +------------------------------------------------------------------- +Sat Oct 10 12:18:31 UTC 2009 - alexandre@exatati.com.br + +- Removed old tarball file (Django-1.1.tar.bz2). + +------------------------------------------------------------------- +Tue Aug 25 12:23:09 CEST 2009 - garloff@suse.de + +- Fix python version check. + +------------------------------------------------------------------- +Sat Aug 22 13:39:35 CEST 2009 - garloff@suse.de + +- Don't require python-sqlite2 for python >= 2.6. + +------------------------------------------------------------------- +Fri Aug 21 11:38:03 CEST 2009 - garloff@suse.de + +- Build as noarch on factory. + +------------------------------------------------------------------- +Wed Aug 19 17:40:46 CEST 2009 - poeml@suse.de + +- don't run bash completion on shells other than bash. Avoiding + error messages produced at login when using other shells. + +------------------------------------------------------------------- +Fri Aug 14 18:05:42 UTC 2009 - alexandre@exatati.com.br + +- Added bash auto-complete to openSUSE. + +------------------------------------------------------------------- +Wed Jul 29 00:00:00 CEST 2009 - listuser@peternixon.net + +- update to version 1.1 +- add python-django-rpmlintrc to quiet rpmlint complaints about -lang + +------------------------------------------------------------------- +Wed Jul 1 19:04:26 CEST 2009 - poeml@suse.de + +- add python-xml to the Requires (./manage.py syncdb crashes + otherwise) + +------------------------------------------------------------------- +Sat Sep 13 00:00:00 UTC 2008 - listuser@peternixon.net + +- update to version 1.0 +- Fix build on SLES9 + +------------------------------------------------------------------- +Thu Sep 4 10:40:58 CEST 2008 - crrodriguez@suse.de + +- update to version 1.0 final + +------------------------------------------------------------------- +Wed May 14 00:00:00 UTC 2008 - listuser@peternixon.net + +- update to version 0.96.2 + +------------------------------------------------------------------- +Thu Feb 21 00:00:00 UTC 2008 - jfunk@funktronics.ca + +- The way simplejson is included in this package is not useful to other + packages. Removed from provides + +------------------------------------------------------------------- +Fri Oct 26 20:20:08 UTC 2007 - crrodriguez@suse.de + +- verion 0.96.1 fixes D.o.S attack in the i18n module + +------------------------------------------------------------------- +Fri Mar 23 00:00:00 UTC 2007 - crrodriguez@suse.de + +- update to version 0.96 + see http://www.djangoproject.com/documentation/release_notes_0.96 for details +- this package provides python-simplejson too. diff --git a/python-Django.keyring b/python-Django.keyring new file mode 100644 index 0000000..591726f --- /dev/null +++ b/python-Django.keyring @@ -0,0 +1,132 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGiBErcoVkRBACt1HBsLQQ9HeRHrqMbYfWEW3d0KoWzjKU9ZW59oq8ceVCYfhyT +ZKxyLobyed+NhL3SJCE5e4hs5UfyBdS4c8I97MFDKCA5TBu3pMnYGxWje3fSwP6o +RGcP8Ji4/tISclyGrkMruDNzpT93R8H/SixPGFcH7kCp4xQxPBc0esdU4wCg1azF +kUuFijNryusT+i58hVE3dMkD/iAfCh4bcLyZ8aygLZxg3bn3YauJASEjuqVXUgTB +diBdhXnldq0xs2IwQJY1paAajXf5FsjlTVQrQWMtTQ5qWKpQr0lAanufnEDNu6GW +orWBzLaSWQWEkcRALmZS6MBkmVCx/JiIvt0sUxrG4boQ6qYlQYZsaHaAMUZT997v +1ktqA/4kPUfV2gqJuVzWwbhrKhAyhSivmhhe+1lUFa7phRmoMNw7/jXi9OV1lmL2 +ty+0LkeCXUChrXarey4AnPI58aR0xshiAxGEI2jPi+vWkgGblOG3TBoZBH5jV+d2 +/5mmlCs/KkJkdsN+LXR3m5o/oFs7MgGD8pxa1jwK9xcu1xKIqrQyTmF0YWxpYSBC +aWRhcnQgKG5lc3NpdGEpIDxuYXRhbGlhYmlkYXJ0QGdtYWlsLmNvbT6IYgQTEQIA +IgUCTG1snwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQrlwdYDo57Zf7 +lQCeIHmWQQek0zboTqMuy60phrUIzowAn0ONlnzzL0oWiNUpbY8nDsernILWiGAE +ExECACAFAkrcoVkCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRCuXB1gOjnt +l5FdAKCSLwUJNZXs3WXqKabi2adRcdqZ8gCeLgbbqJ2Dqqaeb3tXK6zWC7ZO9CK0 +NE5hdGFsaWEgQmlkYXJ0IChuZXNzaXRhKSA8bmF0YWxpYS5iaWRhcnRAdWJ1bnR1 +LmNvbT6IZQQTEQIAJQIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAk8oONcC +GQEACgkQrlwdYDo57ZejrgCdFyBg4VipDYmoQ5eOpXe4Vegiwl4AoK00YytEeMvO +EFqZY+qVvqaV3It6iGIEExECACIFAkvrLFwCGwMGCwkIBwMCBhUIAgkKCwQWAgMB +Ah4BAheAAAoJEK5cHWA6Oe2XD+QAoK02osWaLzROXg54drLpJMNLs/DGAJ9XlSak +dQv6uX5QFT1QZCp/WwozIrQzTmF0YWxpYSBCaWRhcnQgKG5lc3NpdGEpIDxuYXRh +bGlhLmJpZGFydEBnbWFpbC5jb20+iGIEExECACIFAkvrLBMCGwMGCwkIBwMCBhUI +AgkKCwQWAgMBAh4BAheAAAoJEK5cHWA6Oe2XrQoAoIpzDPsuwhwuVcelVh3F8q3w +qhk2AKCj6rF6x+kzUwtT6lM8wkUj4x+CgLQ3TmF0YWxpYSBCaWRhcnQgKG5lc3Np +dGEpIDxuYXRhbGlhLmJpZGFydEBjYW5vbmljYWwuY29tPohgBBMRAgAgBQJK3gu6 +AhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQrlwdYDo57ZfaNgCfXhjx28H4 +WQ8CjWsdyJU2Kmh44qoAn0zp3TeEFuSPCEBZ0jAR4dwuSrpguQINBErcoVkQCACX +mxZ+acE5irfOe09OclJ+vKxqrnaEpveyLJZzKiWz5GlZLV3gPEMs3Pu0tGtTjadG +CRck2xIYArDz1aPwvM4dHswIy3TyzoSTgW1ybz5TXzkxWDcdwukYm1gKlWMb8JQW +v76KtoiNuY/EIUAaO9M7ZyUPSWunh5CK+ttYKs+KrD8wt8Te7PdsrstUMP2uplOt +I0zKK8P+gcCNZQTZh71Z8WAhZF/tn9LpkE9p0Au3pVEVk7Z8492TO4DySFhBNVEM +IY9KVNiZoEMAaiRUFgG3gPj3MD4wDyaiWp+5b8XQylXcfWsPx3nujLJNUiaJlV4u +Wjv0ZgwMHHLgORAlOJ2rAAMFB/94QWkhOmIzzx0iCob4fILZ2lqTt1fAAbaQxyq/ +LIaI6iSHqebEVVR9OUVTzqNtc0yDifxsbDZXEHmU2qx+aARoYmonxNmNoUS/U6Io +2iPgP1Jwt13dbd284xlgDTx8QO/TjX9lFyvt7AEHIrcHaomwVS0Il7wIfzG24kqX +j17VhD2j/2V6uA7ADAh8u0WFO93i30qNSCaCRphCU4K7gLdHLIp8TsGLdx/gf2mB +5SyhNOkHwEx80kSiFt+H5fER7XQep/w51XybqAt7SsWaIjYLsyMYXyiVdQChwzBd +vusRKv9qjg9eiyHI6aOw6foOUFlpfMx1oeknFDJrjJ3PKUPyiEkEGBECAAkFAkrc +oVkCGwwACgkQrlwdYDo57ZffZACfS9pUk1P5poP86jh8K2K6jpjU0y0AoNQ4ejtn +mpJC4x7FruZyi1wVdkMxmQINBGQu6XIBEADAnmu8HNENZh7UTuu5GfTeFhpmyj5K +yz//txfrm0/b6uTW5TXPgLjuvMzGG8PtaZHRIgZ0gzA+x7T5zKMTaoKs3EvgR5D3 +Y9NjteUWpf8FjvPhN01HZfaZ7yChwHwKobW0JYinNpBh0Cz51unGdLIDtELMaEFO +D8qdcpe63qG111S4G+4hcJUkXt4ALBpSnY9GOhlYQDn+ZDRGk1M9rjeMo+QsIJns +UZRlvBroJyg0toUXclw5QXFGp1+mrjOzKqdD0DmSN7LWlU0yCJB8H5bWZTiPAPOE +SW1Kb3kEW+Qy8YkcH7SkQ7N72wsuIwKJNiddMLZnXeR0Lcvt0t7ftUfs44VEZSwm +V0I7lyZZWr+Pei8nGaLxxCI4OtASXcQ+VVKF/HoR/necD1QmqmuCeiMLmYT5jEPZ +oovOri5onkWIQfjfWeUVErxNi9Uz18mi9P7PfAWOzNCmdkuVqsPtpymyDcKYYh9u +D/CTH9w1B69CRjld6NOfal05fIrfKuVgPvmQnPeCn+KgTBwv8T+mgGVjkBlDGpYy +6Y24s13R6WoawJnjIEjA/Q5QOSDXYtpgF8D3cMW+LUlD9lu2A6OO64H33rInIaut +8IFgKcTf3pXbzh1J6Zs+fcjOryitM7t4Fo1ClJ+DSn4yoUHxP2UEZL6LL0DF6LrE +kJjKxwRp20lPwwARAQABtDFOYXRhbGlhIDwxMjQzMDQrbmVzc2l0YUB1c2Vycy5u +b3JlcGx5LmdpdGh1Yi5jb20+iQJOBBMBCAA4FiEEW1sboQ2FrHxcduOPLugqjZRw +mD4FAmQu6XICGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQLugqjZRwmD56 +rQ//UvzX9/4Eo3HPBMDEIwExjmYGyTqiQQm2KW9Z4U0zQVdeLVF8ZOdaIKn1RBUw +M02RJWI2HjovdLN3LbXpTtQtamSvvU6fv7vy5zLBJdVL9eKXXG+3MPCWDHOqwp/u +L/4lq0pUy5ejb4AnIQw1RIQiz6/pprDzgF0celWLhL3krxEqts76X1Jv9wCIYMXV +3reCBqpcfIqWQETLP/NdPVcOIRv0al1qcBw2hUOvEyx72n+17Hb30rFQp+35BaZZ +IjnL3H6pATgjk52EiDdRkyWL9CFrbJ/wkbAvEO29GcUPg1+bT6UZq8LKXyDs/WSL +UkxQ/6w8DzicBiFj/oT7GSMr8KfO4YUMzh/kAFA4v8Q+a53Dq1Icbk9LqkWpu1pA +Hopw3lpGdADuC0z/iYO/U04uUSN5YGyUUOgk5w+CkV8NuL/g2yniNf9AXrbt4ByI +V7cqBt9qdS6z6leuW1M8yrPhX1IcKKqj25sPKAgzp3A6Bt7orr1NZGOVJ4alR4ff +pYvq+wfmIPKf0AbzHGOkYjF4BMvkLRchhi28q+qX5cCuMr+aoqKUtJ2IFiXsvbFN +k0aYWUr5y5qSJoAVf0GMkByQW6+F6bXRRdCpS/JX5JA8qrYp+oV8VhveOOslHVqj +ILAlkMMXoTx6G79DdvQ87fdb4+aIQ96U4T8B6zMxazvmU1i5Ag0EZC7pcgEQAL9n +X/eaWY+v4GgeGjRIWmmrjMBYyeeyJIyL9Mk3iyH/gIOnTDmlX+njjyvyWKfMYIl1 +HmMtzlF3OgsuLeekwbDrXA8xvslp1xmiKLOamPvXwPG/XqkJrYtzVUDEFCtRpEJ0 +c38d+P8WEMjbviyIwJ9PxLllamEK61dRtj1NCMc/Ix4+b54UHxi44Jz1bqQxfgjj +u2o8sPnyZio+DRFWVE3Eocp0rdZ3rlKjUsBXKEElTuIScoKjGwKwaMfxoBgwRhzx +oESwk8CqlH7WzNookx1M1/JjKYdrwln2aNuChtlKLRmUqT7qqTNtett2vy73VM3b +zfXdor94S3q+YtMEvNbo9QCzn6La7HOx+PMm8XM2d9aC7Hz4FBK0xIQB+HLZEIhP +7KQ7GJ2Xn3LStyoO5K64uqi2X2YjsYUcPzvI3uUK+gtH3H1SSIazh7UAUbcEuo7N +K8vF9Vtqp6S2qkjoeV6Dnvy+6735b1WIBZieAmbKaz74IW1IP0lZn3pXeRFo2Wjq +Ojf8zkNacf61exysAkGU2fubsXSZxuxc8DVXKbkpK69tXDSOUmSKTBPVzzmIM79S +yYH1MMRZqQ52Y471qiEZxEPasJXIEVcWbdJxEC/eEiuptPAtojRQH6kJ/AF3Z9Xd +eBaxyuMQ249jqTYwjCehfumTbhP5VhO3QOxs31G/ABEBAAGJAjYEGAEIACAWIQRb +WxuhDYWsfFx2448u6CqNlHCYPgUCZC7pcgIbDAAKCRAu6CqNlHCYPhz3EACx3Hqf +KUMeqUTVOiDyHguBr1FrhMtU5m/nkjdbLWlBHOGHkM4RNDNQTPyQb/C8vcuHYv5l +DPFrzOawdjTyFCuo6f0TMIx38Bbjxo9C8XTnvKbUpyTEQ3dJm67ppF4n6cui+0IC +UefzPkkCbdIPzt2pYopMDB4Hv4Yv6hqeq987Iz1erh7dQe1TDTxIv9PXLYZT60Ro +K0+g+caU9LwVjYiLoeCM1Zhndy6fDV5mu3ctEzcqr/YVH9kDZAuF0O1SX9y42neJ +7hictnE0KrRymVL5d9pp2WKtPny+itSax/a///Q43m1gA9KFuKHtOuGUpYzf76FS +Ld0cC4xjDpPcVTGc8To4+CjNTIrjzbBYa3JU/3J2kwyEw/k1EucRb/RFPbklUSph +Kmd2ewcDLUvcasTwoR/0uplA8gAuV1x7wPBgAW7kmpjiQevl1KLj08HA/jTdfrdx +Yd1GGiNjBmHGu9C8YZ/7fJU50dhv4jWF4dw8OyXtAI4wk5aoJHsJ5iGIMVOVzNLe +mF4yM4XSBBno1mWgaSb42LInsYv/ti1VrOrBVzmAYAoUTZL0tfEXeyzHEmWGWVHe +SQMBvCqUmh/EcQDzPtkqjQQ1LyE5s2fyt5u+jE9JdK/61yKzbKI2UbpPtAaKSlDv +eAgTzM5bOOqtGR7VR2hlCM4I4k2D0Y/snh2HzA== +=ul9f +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBGYTwrUBDADP52ov7O0jqH+QWStcbCwwedsV2syCQXxfhnydhkNvdCILBJ0k +cQdc4E7Q8wGmch9a3bCLR4HIUlv1MMWk+Ty0YY71wczqIPedgM1dBZEtSH6fDOwW +qFcYieCcmsP+FwBk8WWOKnMydEXoXCp6djSru6YOuQH2CZ+EerKjnDaXAj35dloR +vbJ14k7Ghn9UCLDXiNOjn2N8eLe6aeoEQt7iiqStdeFuUGR/pLHHEX4sch4y9uBa +bhC/Ce93VWK8nVna7qWX/cIjZNG6rTo79W7+IiOC5+6r7bLff5qw4BgUX2JPm5Sz +mhPUlsJZGGXPPaTo+WZQOe5P3Fw7RpuURa+MVoih2H/i2Ur51pDEngB64YwBU1mB +a+xwm6GHgD28JUwllHJbUl9/UJTbntS7k/k2uuMkok8jHfYb+rqkfCWqOlmuYTG3 +okseReh2TSkGpWyyaSbCihgm80RE5O6jrEDXJiZOsLIuOlVoErfxEZHpOqw43axl +EXX0VkjFz2IBNPMAEQEAAbROU2FyYWggQm95Y2UgKEdQRyBEamFuZ28gRmVsbG93 +KSA8NDIyOTY1NjYrc2FyYWhib3ljZUB1c2Vycy5ub3JlcGx5LmdpdGh1Yi5jb20+ +iQHOBBMBCAA4FiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmYTwrUCGwMFCwkIBwIG +FQoJCAsCBBYCAwECHgECF4AACgkQOVWxmFHqlu8t+wv9HitJmG5iPs45Qo0nGwGm +j1X6rP6SQENl+jqtjZU6YaxvNqWculCFl0Wa/xODhxM9HNMs3qREc+R4SqPx4epu +NaUERN91gZoO4Ms80uqllPzdCsX5hrFblg+LqqznZWAYi94NMTm3Ft4/+I7780ev +BhxHFBTlqwxZ0eeyaB/qAyb6K9X0cUUFExjYrP3+HAgmrOHK9PUb7vNNKUYMerOK +waFrpPP5oDBn0p2ZunYAcJt7o2DjBOwy5iw5I2Qs50ZLt9EU0DY8Rf5nF2mKNki1 +CAD8ksNo/ohrNuGyi0r2cvVfx52izPd6PxlKf7xfL2lW16nflK/lNbZtCioDA1FC +1dCPGD5rvOUXFASc+FZY4tJ6LbIpzg9llgcb6fSi2joT2bm9BbGrHybrIWd3BF/5 +AnrlsSwDCWtYXkdNr/eNEHNgG+aOAH2vSzue3NbCJsXkK69SzlKKOiD2ZUjJ6tKi +IwcTkotyBaX/FLGhTKLEQE7aztsOpnfJlLU9Zx5IPxJAuQGNBGYTwrUBDACp1f7H +MpzHvAAy7dD1Ow0pgT3NBFFiEk4jKccz9sAHPT7QQbMeIdL5uQ80lNp6Sw+IyptW +4cytl6ovRdRyv3XetSp+KJeaqvWvGkz3L+GUoE8ezxgQXLlVcw7IzkhBNMGi+K3C +aK6ZlZZQG8587dLF9Gbz3Vioc9hyQ/4BOr8pPaAWlSfWQVEGHPSVLh7LToGjrLlS +h1AzVABNXtJbAt/+O7H5mkMopoPKrqgHTzOLGCd0/Tq3z5d+wqVl7JKk6yHxRr5i +SXDqPQPmObUhPH1addNzIe+GRVW1ZbbT6l9VDiC4Lj+BJsLafubMB3rlI2T2mQCU +PTQO0fz5y6oW0HxRtTidoxhvmC72YDFBwvsUTPQ5nt8bcSQprJMLLNL1C5M2LjPu +tf/Csl02Fcwe/RnW2yjeb6qNCDcLpM9wpMMOdZQCRdRIkWQTcLZPQ2+SR3Ih8rAb +pzATjFvif/4zpFlDZ9KFevCqf1M2v32sr/dDgcA3nWJ4CFrBQMhBVTcr7rcAEQEA +AYkBtgQYAQgAIBYhBOsbOA2KxS0AK6zTMjlVsZhR6pbvBQJmE8K1AhsMAAoJEDlV +sZhR6pbvizgL/34++v0b080pCr/0rWspcuTtD91GwQPs0HgrrfMOV2BXoXucTXj7 +G4xFq9yYO8QALrrtz40S/NeGz09hhFHo08phLAYjLZt8xD7i0uXuV8ZouDUHT0bk +334RlKHu9kq3si0lyzu1dkGZgIBXsAURrMOyVKVySZGzsa/dpy/EDardWkTKHedf +07K+KQgomMpVGk4EtKHpfqU9VNN8fdYD4UYtwuegz1nsg28Fa8xkK2ammWncgpVj ++4cJwzFPg11AhhTWs/Ec068ojj70cLD2CodJVAch9RTIOcQ5yKGc483u3bagNqTK +qZYoLWI6NjxrNZQpwha3pO2ueBDOo/fZXUMgPPqyfdmBZvz6DQM85JfULALxKbkL +5dQguy8K8SBcrCnv6iT0FjaWlrqnU0IJDZfi2r6eDlXhYjLSwGq8RHkAYXvsCNm8 +BzeRu0mAvjLkLNegQIvfdVXfYIcwUQQB8OAzoz3qzi8vji82MBQO+gkYrlteivoF +z+gZLcBuv/NdNg== +=B8gH +-----END PGP PUBLIC KEY BLOCK----- diff --git a/python-Django.spec b/python-Django.spec new file mode 100644 index 0000000..459f635 --- /dev/null +++ b/python-Django.spec @@ -0,0 +1,150 @@ +# +# spec file for package python-Django +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +# Selenium and memcached are not operational +%bcond_with selenium +%bcond_with memcached +%{?sle15_python_module_pythons} +Name: python-Django +Version: 5.2.4 +Release: 0 +Summary: A high-level Python Web framework +License: BSD-3-Clause +URL: https://www.djangoproject.com +Source: https://www.djangoproject.com/m/releases/5.2/django-%{version}.tar.gz +Source1: https://www.djangoproject.com/m/pgp/Django-%{version}.checksum.txt +Source2: %{name}.keyring +Source99: python-Django-rpmlintrc +# PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19639 Fixed #36499 -- Adjusted utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's HTMLParser new behavior. +Patch0: test_strip_tags.patch +# PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19530 Fixed #36421 -- Made test_msgfmt_error_including_non_ascii compatible with with msgfmt 0.25. +Patch1: support-msgfmt-0.25.patch +BuildRequires: %{python_module Jinja2 >= 2.9.2} +BuildRequires: %{python_module Pillow >= 6.2.0} +BuildRequires: %{python_module PyYAML} +BuildRequires: %{python_module argon2-cffi >= 19.1.0} +BuildRequires: %{python_module asgiref >= 3.7.0} +BuildRequires: %{python_module base >= 3.8} +BuildRequires: %{python_module bcrypt} +BuildRequires: %{python_module docutils} +BuildRequires: %{python_module geoip2} +BuildRequires: %{python_module numpy} +BuildRequires: %{python_module pip} +BuildRequires: %{python_module pytz} +BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module sqlparse >= 0.3.1} +BuildRequires: %{python_module tblib >= 1.5.0} +BuildRequires: %{python_module wheel} +BuildRequires: %{pythons} +BuildRequires: fdupes +BuildRequires: gpg2 +BuildRequires: python-rpm-macros +Requires: python +Requires: python-asgiref >= 3.7.0 +Requires: python-sqlparse >= 0.3.1 +Requires: python-tzdata +Requires(post): update-alternatives +Requires(postun): update-alternatives +Recommends: python-Jinja2 >= 2.9.2 +Recommends: python-Pillow >= 6.2.0 +Recommends: python-PyYAML +Recommends: python-argon2-cffi >= 19.1.0 +Recommends: python-bcrypt +Recommends: python-geoip2 +Recommends: python-pylibmc +Recommends: python-pymemcache +Provides: python-django = %{version} +Obsoletes: python-django < %{version} +Provides: python-South = %{version} +Obsoletes: python-South < %{version} +BuildArch: noarch +%if %{with memcached} +BuildRequires: %{python_module pylibmc} +BuildRequires: %{python_module pymemcache} +%endif +%if %{with selenium} +# python-selenium is supported only on the Intel architecture. +# Additionally chromedriver is only available on x86_64. +%ifarch %{ix86} x86_64 +BuildRequires: %{python_module selenium} +BuildRequires: chromedriver +BuildRequires: xvfb-run +%endif +%endif +%python_subpackages + +%description +Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. + +%prep +# The publisher doesn't sign the source tarball, but a signatures file +# containing multiple hashes. +gpg --import %{SOURCE2} +gpg --verify %{SOURCE1} +# +# Verify hashes in that file against source tarball. +echo "`grep -e '^[0-9a-f]\{32\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-32` %{SOURCE0}" | md5sum -c +echo "`grep -e '^[0-9a-f]\{40\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-40` %{SOURCE0}" | sha1sum -c +echo "`grep -e '^[0-9a-f]\{64\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-64` %{SOURCE0}" | sha256sum -c + +%autosetup -p1 -n django-%{version} + +%build +%pyproject_wheel + +%install +%pyproject_install + +%python_clone -a %{buildroot}%{_bindir}/django-admin + +%{python_expand install -D -m 0644 extras/django_bash_completion %{buildroot}%%{_datadir}/bash-completion/completions/django_bash_completion-%{$python_bin_suffix}.sh +# Fix wrong-script-interpreter +sed -i "s|^#!%{_bindir}/env python$|#!%{_bindir}/$python|" \ + %{buildroot}%{$python_sitelib}/django/conf/project_template/manage.py-tpl +} +%python_compileall +%{python_expand # +%fdupes %{buildroot}%{$python_sitelib}/django/ +%fdupes %{buildroot}%{$python_sitelib}/Django-%{version}-py*.egg-info/ +} + +%check +export LANG=en_US.UTF8 +export PYTHONDONTWRITEBYTECODE=1 +%if %{with selenium} +export PATH=%{_libdir}/chromium:$PATH +%python_expand PYTHONPATH=.:%{buildroot}%{$python_sitelib} xvfb-run $python tests/runtests.py -v 2 --selenium=chrome +%else +%python_expand PYTHONPATH=.:%{buildroot}%{$python_sitelib} $python tests/runtests.py -v 2 +%endif + +%post +%{python_install_alternative django-admin} + +%postun +%{python_uninstall_alternative django-admin} + +%files %{python_files} +%doc AUTHORS README.rst +%license LICENSE +%python_alternative %{_bindir}/django-admin +%{_datadir}/bash-completion/completions/django_bash_completion-%{python_bin_suffix}.sh +%{python_sitelib}/django +%{python_sitelib}/[Dd]jango-%{version}*-info + +%changelog diff --git a/sanitize_address.patch b/sanitize_address.patch new file mode 100644 index 0000000..f9a5916 --- /dev/null +++ b/sanitize_address.patch @@ -0,0 +1,40 @@ +From da2f8e8257d1bea4215381684ca4abfcee333c43 Mon Sep 17 00:00:00 2001 +From: Mariusz Felisiak +Date: Mon, 17 Jul 2023 11:03:36 +0200 +Subject: [PATCH] Refs #34118 -- Improved sanitize_address() error message for + tuple with empty strings. + +--- + django/core/mail/message.py | 2 ++ + tests/mail/tests.py | 3 ++- + 2 files changed, 4 insertions(+), 1 deletion(-) + +diff --git a/django/core/mail/message.py b/django/core/mail/message.py +index f3fe6186c7f5..4f8c93e9e55e 100644 +--- a/django/core/mail/message.py ++++ b/django/core/mail/message.py +@@ -97,6 +97,8 @@ def sanitize_address(addr, encoding): + domain = token.domain or "" + else: + nm, address = addr ++ if "@" not in address: ++ raise ValueError(f'Invalid address "{address}"') + localpart, domain = address.rsplit("@", 1) + + address_parts = nm + localpart + domain +diff --git a/tests/mail/tests.py b/tests/mail/tests.py +index 54a136c1a98b..848ee32e9f80 100644 +--- a/tests/mail/tests.py ++++ b/tests/mail/tests.py +@@ -1084,9 +1084,10 @@ def test_sanitize_address_invalid(self): + "@", + "to@", + "@example.com", ++ ("", ""), + ): + with self.subTest(email_address=email_address): +- with self.assertRaises(ValueError): ++ with self.assertRaisesMessage(ValueError, "Invalid address"): + sanitize_address(email_address, encoding="utf-8") + + def test_sanitize_address_header_injection(self): diff --git a/support-msgfmt-0.25.patch b/support-msgfmt-0.25.patch new file mode 100644 index 0000000..535692a --- /dev/null +++ b/support-msgfmt-0.25.patch @@ -0,0 +1,69 @@ +From 3609c463a4cfc5a7e76f4d4ba008c5096b1f1437 Mon Sep 17 00:00:00 2001 +From: Jericho Serrano <118679068+jericho1050@users.noreply.github.com> +Date: Fri, 6 Jun 2025 04:58:29 +0800 +Subject: [PATCH] Fixed #36421 -- Made test_msgfmt_error_including_non_ascii + compatible with msgfmt 0.25. + +--- + tests/i18n/test_compilation.py | 25 +++++++++++++++++++++++-- + 1 file changed, 23 insertions(+), 2 deletions(-) + +diff --git a/tests/i18n/test_compilation.py b/tests/i18n/test_compilation.py +index 4b0bb9f6bb1..3a57dbf0765 100644 +--- a/tests/i18n/test_compilation.py ++++ b/tests/i18n/test_compilation.py +@@ -1,5 +1,6 @@ + import gettext as gettext_module + import os ++import re + import stat + import unittest + from io import StringIO +@@ -8,10 +9,12 @@ + from unittest import mock + + from django.core.management import CommandError, call_command, execute_from_command_line +-from django.core.management.utils import find_command ++from django.core.management.utils import find_command, popen_wrapper + from django.test import SimpleTestCase, override_settings + from django.test.utils import captured_stderr, captured_stdout + from django.utils import translation ++from django.utils.encoding import DEFAULT_LOCALE_ENCODING ++from django.utils.functional import cached_property + from django.utils.translation import gettext + + from .utils import RunInTmpDirMixin, copytree +@@ -254,6 +257,17 @@ def test_no_dirs_accidentally_skipped(self): + + + class CompilationErrorHandling(MessageCompilationTests): ++ @cached_property ++ def msgfmt_version(self): ++ # Note that msgfmt is installed via GNU gettext tools, hence the msgfmt ++ # version should align to gettext. ++ out, err, status = popen_wrapper( ++ ["msgfmt", "--version"], ++ stdout_encoding=DEFAULT_LOCALE_ENCODING, ++ ) ++ m = re.search(r"(\d+)\.(\d+)\.?(\d+)?", out) ++ return tuple(int(d) for d in m.groups() if d is not None) ++ + def test_error_reported_by_msgfmt(self): + # po file contains wrong po formatting. + with self.assertRaises(CommandError): +@@ -278,7 +292,14 @@ def test_msgfmt_error_including_non_ascii(self): + call_command( + "compilemessages", locale=["ko"], stdout=StringIO(), stderr=stderr + ) +- self.assertIn("' cannot start a field name", stderr.getvalue()) ++ if self.msgfmt_version < (0, 25): ++ error_msg = "' cannot start a field name" ++ else: ++ error_msg = ( ++ "a field name starts with a character that is not alphanumerical " ++ "or underscore" ++ ) ++ self.assertIn(error_msg, stderr.getvalue()) + + + class ProjectAndAppTests(MessageCompilationTests): diff --git a/test_strip_tags.patch b/test_strip_tags.patch new file mode 100644 index 0000000..2f1363f --- /dev/null +++ b/test_strip_tags.patch @@ -0,0 +1,46 @@ +From 578ef30376fd279865d1719fcad064a00c625a6b Mon Sep 17 00:00:00 2001 +From: Natalia <124304+nessita@users.noreply.github.com> +Date: Mon, 14 Jul 2025 14:45:03 -0300 +Subject: [PATCH] Fixed #36499 -- Adjusted + utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's + HTMLParser new behavior. + +--- + tests/test_utils/tests.py | 4 ++-- + tests/utils_tests/test_html.py | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/tests/test_utils/tests.py b/tests/test_utils/tests.py +index 494a0ea8d384..0de19eae9072 100644 +--- a/tests/test_utils/tests.py ++++ b/tests/test_utils/tests.py +@@ -959,10 +959,10 @@ def test_parsing_errors(self): + self.assertHTMLEqual("", "

      ") + error_msg = ( + "First argument is not valid HTML:\n" +- "('Unexpected end tag `div` (Line 1, Column 6)', (1, 6))" ++ "('Unexpected end tag `div` (Line 1, Column 0)', (1, 0))" + ) + with self.assertRaisesMessage(AssertionError, error_msg): +- self.assertHTMLEqual("< div>", "

      ") ++ self.assertHTMLEqual("", "
      ") + with self.assertRaises(HTMLParseError): + parse_html("

      ") + +diff --git a/tests/utils_tests/test_html.py b/tests/utils_tests/test_html.py +index 4ce552e79a0d..205eaeca1668 100644 +--- a/tests/utils_tests/test_html.py ++++ b/tests/utils_tests/test_html.py +@@ -142,10 +142,10 @@ def test_strip_tags(self): + ("&gotcha&#;<>", "&gotcha&#;<>"), + ("ript>test</script>", "ript>test"), + ("&h", "alert()h"), +- (">"), + ("X<<<
      br>br>br>X", "XX"), + ("<" * 50 + "a>" * 50, ""), +- (">" + "" + "" + ""), + (" Date: Tue, 12 Aug 2025 15:39:39 +0000 Subject: [PATCH 3/6] - Update to 5.2.5 * Fixed a regression in Django 5.2.1 that prevented the usage of UNNEST PostgreSQL strategy of QuerySet.bulk_create() with foreign keys * Fixed a crash in Django 5.2 when filtering against a composite primary key using a tuple containing expressions * Fixed a crash in Django 5.2 when validating a model that uses GeneratedField or constraints composed of Q and Case lookups * Added compatibility for docutils 0.22 * Fixed a crash in Django 5.2 when using a ManyToManyField on a model with a composite primary key, by extending the fields.E347 system check - Convert to libalternatives on SLE-16-based and newer systems OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=212 --- .gitattributes | 23 + .gitignore | 1 + Django-4.2.13.checksum.txt | 67 + Django-4.2.13.tar.gz | 3 + Django-5.0.7.checksum.txt | 67 + Django-5.0.7.tar.gz | 3 + Django-5.1.1.checksum.txt | 67 + Django-5.1.1.tar.gz | 3 + Django-5.1.2.checksum.txt | 67 + Django-5.1.2.tar.gz | 3 + Django-5.1.4.checksum.txt | 65 + Django-5.1.4.tar.gz | 3 + Django-5.1.5.checksum.txt | 67 + Django-5.1.5.tar.gz | 3 + Django-5.1.6.checksum.txt | 67 + Django-5.1.6.tar.gz | 3 + Django-5.1.checksum.txt | 67 + Django-5.1.tar.gz | 3 + Django-5.2.1.checksum.txt | 68 + Django-5.2.2.checksum.txt | 68 + Django-5.2.4.checksum.txt | 68 + Django-5.2.5.checksum.txt | 66 + Django-5.2.checksum.txt | 66 + Django-5.2.tar.gz | 3 + dirty-hack-remove-assert.patch | 25 + django-5.2.1.tar.gz | 3 + django-5.2.2.tar.gz | 3 + django-5.2.4.tar.gz | 3 + django-5.2.5.tar.gz | 3 + python-Django-rpmlintrc | 5 + python-Django.changes | 3048 ++++++++++++++++++++++++++++++++ python-Django.keyring | 132 ++ python-Django.spec | 163 ++ sanitize_address.patch | 40 + support-msgfmt-0.25.patch | 69 + test_strip_tags.patch | 46 + 36 files changed, 4461 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 Django-4.2.13.checksum.txt create mode 100644 Django-4.2.13.tar.gz create mode 100644 Django-5.0.7.checksum.txt create mode 100644 Django-5.0.7.tar.gz create mode 100644 Django-5.1.1.checksum.txt create mode 100644 Django-5.1.1.tar.gz create mode 100644 Django-5.1.2.checksum.txt create mode 100644 Django-5.1.2.tar.gz create mode 100644 Django-5.1.4.checksum.txt create mode 100644 Django-5.1.4.tar.gz create mode 100644 Django-5.1.5.checksum.txt create mode 100644 Django-5.1.5.tar.gz create mode 100644 Django-5.1.6.checksum.txt create mode 100644 Django-5.1.6.tar.gz create mode 100644 Django-5.1.checksum.txt create mode 100644 Django-5.1.tar.gz create mode 100644 Django-5.2.1.checksum.txt create mode 100644 Django-5.2.2.checksum.txt create mode 100644 Django-5.2.4.checksum.txt create mode 100644 Django-5.2.5.checksum.txt create mode 100644 Django-5.2.checksum.txt create mode 100644 Django-5.2.tar.gz create mode 100644 dirty-hack-remove-assert.patch create mode 100644 django-5.2.1.tar.gz create mode 100644 django-5.2.2.tar.gz create mode 100644 django-5.2.4.tar.gz create mode 100644 django-5.2.5.tar.gz create mode 100644 python-Django-rpmlintrc create mode 100644 python-Django.changes create mode 100644 python-Django.keyring create mode 100644 python-Django.spec create mode 100644 sanitize_address.patch create mode 100644 support-msgfmt-0.25.patch create mode 100644 test_strip_tags.patch diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/Django-4.2.13.checksum.txt b/Django-4.2.13.checksum.txt new file mode 100644 index 0000000..abd0174 --- /dev/null +++ b/Django-4.2.13.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 4.2.13, released May 7, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-4.2.13.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/4.2/Django-4.2.13-py3-none-any.whl +https://www.djangoproject.com/m/releases/4.2/Django-4.2.13.tar.gz + +MD5 checksums +============= + +449eeffe35a7a748bf9acc4169ea7492 Django-4.2.13-py3-none-any.whl +a243a2c1e7c0752947d16d4ffae30376 Django-4.2.13.tar.gz + +SHA1 checksums +============== + +75a19218f248f0010685b471d1be86cad7602872 Django-4.2.13-py3-none-any.whl +56373bedaef33ee29b2d240b6b06ebe2e1e2fc58 Django-4.2.13.tar.gz + +SHA256 checksums +================ + +a17fcba2aad3fc7d46fdb23215095dbbd64e6174bf4589171e732b18b07e426a Django-4.2.13-py3-none-any.whl +837e3cf1f6c31347a1396a3f6b65688f2b4bb4a11c580dcb628b5afe527b68a5 Django-4.2.13.tar.gz +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmY6YWsoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPtEKD/9S +rZ+yadh7sQGszWtJEIZZS/YBQRcNyM+26aUkpk+3XT1SUDUs0whtX6U/P3tP+h+P +0vIk0wxTc3RhRCp8WETYulekRhPFc5HJFwlD/vh9AkEyDKW8QFuV+IBswvlfG/wK +D+QcuERl31Y1qcrCeFCM+XIRxGR9lQ0DuoCa1FuPl0bvAlNDOfNSmp4OzcPzGm4a +wE9wtsHqKkL8BAc836JIXHj5wdQK+HOkOv30ZcUU+nD3Lp5N44ESzzSe7IOutN02 +PBAixmwMf6EqjHC7JN49EwiPbEDTmg5HNj7LBM1Teqp5Hms11xGMfzxsh3AbEtoT +xeqZjrrcwoVf+wASVCKCv33Gfka45Z5X5f5G2O8//yJdLogwr6994rJ1MB7k18Yd +ObOl17pUctdrNKWuESJXz3l2c1DPbFQNKHiqI66fFm4L/fLMubMzkDlWzWH1jqSo +8tbSH9ATjEp/aLYKuGgr1gdazl4YbpiTkEjzFXYGmyjF7hPLT7xH2rrGCT4J7Bjc +TGnZGXdl4yaGcC8Q0Ma5ybMv3GgEsaa1wRnbNv5nQyNXIWrt9rcMfBDwcaSkq6NR +d7WpYUy5JT0IbR1SAazMY+NjUy+vzq26KkcUcbkoOng3guba0uPuoSphWM607MzK +UVab1KcJwNOC7/Di4Ul9vlh7dLMVg5yG+o7kFEJU/A== +=o/kY +-----END PGP SIGNATURE----- diff --git a/Django-4.2.13.tar.gz b/Django-4.2.13.tar.gz new file mode 100644 index 0000000..dde4fc1 --- /dev/null +++ b/Django-4.2.13.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:837e3cf1f6c31347a1396a3f6b65688f2b4bb4a11c580dcb628b5afe527b68a5 +size 10430886 diff --git a/Django-5.0.7.checksum.txt b/Django-5.0.7.checksum.txt new file mode 100644 index 0000000..c96a8ee --- /dev/null +++ b/Django-5.0.7.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.0.7, released July 9, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.0.7.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.0/Django-5.0.7.tar.gz +https://www.djangoproject.com/m/releases/5.0/Django-5.0.7-py3-none-any.whl + +MD5 checksums +============= + +454d23ea901892fd544541f4a1a33a3e Django-5.0.7.tar.gz +c687175397b8d6d98b8e0e35e6f142fb Django-5.0.7-py3-none-any.whl + +SHA1 checksums +============== + +ed070e21b5bf0b188104338a3b8a495b9d59593d Django-5.0.7.tar.gz +4aecb9aeab348f003c32952906eef7556a5be54b Django-5.0.7-py3-none-any.whl + +SHA256 checksums +================ + +bd4505cae0b9bd642313e8fb71810893df5dc2ffcacaa67a33af2d5cd61888f2 Django-5.0.7.tar.gz +f216510ace3de5de01329463a315a629f33480e893a9024fc93d8c32c22913da Django-5.0.7-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmaNPRgoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPgnUD/47 +sPedXK17iCelw70BRY7EqWxwVwSbTxKcnw14y2qejS923MlnEEraeOll2HbCqOmL ++O3coVJsTc9GAMrQLyip8sHCwb4SSCWmwRqQZbTdNRrZOWfCPRLsbVccEabdwTNC +7YDyDc+3FQhHIszNI0zkJ1H3G7280euwIrMIhnCbwH1PC/hqAwdlhf1+nc4BiIMg +dz/Bg65abruY/6LM0btMP72avHrM0BRiRs5kOYn7+xgh1cqnI64RHROgrymK7JkT +LxoZDhWvDv68IvyNWEuLU4yDXnv/3ZglhwUA8q+leMqtURwBWs8UMnLhHhR52kie +okrK6eBkYeHls3vMGOTKxe7nJHhfEjl6V9XJShIdU1ir+/iCeaRMzYjpr4H5591H +TMs8Hgm27Wt7U/OT5EsF+vIpLaAR9AnZfNfB1eYU34BUAloZSQCxz+Y65LCN5wKk +jfaG7phOiO33NJMUxhfemjwJIJymw7uZnuRQJ8KUMbr9Q/iCVWsMG+QXhJs96KRO +y1SYVgPgU5Jll9VN/H2WJCj9I1YOVZPDVAbMcB+hKklw6ZhZx2fxgxLO/3/REQJs +iBJ1ETPdCHct5HJyAoBD++NCeioUKd5pXxqMvtuNH7winRC9NMGw4XX1CbpBBB+1 +y1mkGxw+QvBh4rivA6TSQQwTDQXAnoT7ida+Ye2FVw== +=GcbG +-----END PGP SIGNATURE----- diff --git a/Django-5.0.7.tar.gz b/Django-5.0.7.tar.gz new file mode 100644 index 0000000..35d8d66 --- /dev/null +++ b/Django-5.0.7.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bd4505cae0b9bd642313e8fb71810893df5dc2ffcacaa67a33af2d5cd61888f2 +size 10642686 diff --git a/Django-5.1.1.checksum.txt b/Django-5.1.1.checksum.txt new file mode 100644 index 0000000..5bd377b --- /dev/null +++ b/Django-5.1.1.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.1, released September 3, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.1.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.1.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1.1-py3-none-any.whl + +MD5 checksums +============= + +8024c23d7efe9e7acb04496ae22739c7 Django-5.1.1.tar.gz +7782d604d5b7cbb56e6b7da90595b6fa Django-5.1.1-py3-none-any.whl + +SHA1 checksums +============== + +8dedfc247c7bf010c93c5e5e30bca2012704a7ce Django-5.1.1.tar.gz +a038998584b227243ae6c1d29b3e7c2a166db918 Django-5.1.1-py3-none-any.whl + +SHA256 checksums +================ + +021ffb7fdab3d2d388bc8c7c2434eb9c1f6f4d09e6119010bbb1694dda286bc2 Django-5.1.1.tar.gz +71603f27dac22a6533fb38d83072eea9ddb4017fead6f67f2562a40402d61c3f Django-5.1.1-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmbXARwoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPmSPEACs +vwz2HvzWF+YpeXx1jLQJ6/JdQjmRPT/6pp+r0GW6KG6UqmawMsvRSX/k4zdvceYx +c7SVAIJwWNwZsPHbrjetGAI1NbAoWYxl8soCTIMR9A0mSlZebBSHb0+oUMQcwiZ5 +E4OMBv7QYYo8QVGs1KH1dMx4Unn+5VlAlaxo9BOa94PtCzUWxsIuji+yv1uKDVVa +BQivwy0ZuzBPMkHHaTAb5byWtsbLFhHeXkWirEzivecIVxvd88mO1GXh5zY3wjRW +UKLHQCNT6e3s7UB/ZS7IsQp7bPCmFfLsVp8+8pbABXqYHn6rM4/VCLhN06s/xVID +DSPkqNQz39gRbn5UNVSTLVNv/yoQ6crIHw9AiRECrJ3UaRzeDcQStnmxJx92duDr +bDLnmTI0Sx7+hqQjNOrGCFg6vO8ZVosxOgM/FgbXDKyA+FqtfbdR+/tW9KKtunPy +AHs87A6VqYMRzyTvRChzVpKKYrdMckjRUuyrogQJEuE5VJ0o5579FxBy9OekA3km +FTscEn8GiC4EZTR48IWSsNOCYn7VjihHvZGo4eO0uZRYFChTKc6Sah7p+i41XV1W +FLhOqCqF/4Kl6u3dWkWPAnm8mmWDsARpGbAoxCkd8AJtlR0nScdYuwOshlpixIVa +XgUJwJ3rzCSTd35tq+sF7y3WT3bPyUl/DwkuJVHhFA== +=i1OF +-----END PGP SIGNATURE----- diff --git a/Django-5.1.1.tar.gz b/Django-5.1.1.tar.gz new file mode 100644 index 0000000..ae180ad --- /dev/null +++ b/Django-5.1.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:021ffb7fdab3d2d388bc8c7c2434eb9c1f6f4d09e6119010bbb1694dda286bc2 +size 10675933 diff --git a/Django-5.1.2.checksum.txt b/Django-5.1.2.checksum.txt new file mode 100644 index 0000000..f089c52 --- /dev/null +++ b/Django-5.1.2.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.2, released October 8, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.2.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.2.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1.2-py3-none-any.whl + +MD5 checksums +============= + +bdd601132b94080200e71137a20d0d6a Django-5.1.2.tar.gz +39bf6f252e055aa54b48c9ae96a57bf8 Django-5.1.2-py3-none-any.whl + +SHA1 checksums +============== + +d974a07780b80a79203631e6f4ce9bfd8d1fd119 Django-5.1.2.tar.gz +0bb112f3f251c81f0d6aef367cf73c5b03de5334 Django-5.1.2-py3-none-any.whl + +SHA256 checksums +================ + +bd7376f90c99f96b643722eee676498706c9fd7dc759f55ebfaf2c08ebcdf4f0 Django-5.1.2.tar.gz +f11aa87ad8d5617171e3f77e1d5d16f004b79a2cf5d2e1d2b97a6a1f8e9ba5ed Django-5.1.2-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmcFRjcoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPklRD/9N +Sx+4arBpIcKm9w4ou7Y0dxBUW7HJBAc9o5rAIGjgCIjmM99nEclUznZqTbjtO3JS +MjkZxSO/Q9r1Ty3aWAWjfvjICIxps2vcSIxJbETiYWfyGDp/z8uMTGKTut5fn7ZN +8yCDMZBeQMsYbU0z/H5R7iSD3gr9w2UmQR3LjtV6NLdyMIvwystFGcFCo7a934nX +b8UmIyyMj+787pxciTWeFRTOJY5pSWfYPqtrI3KzTO4MLDhQzIH9anIY8G4BA9kN +0oL13ezUTWEARmeje11vLDui5SJEJ9EIUaic8MLMqMN3hPNmrClL1x3ggOMj+iP9 +XyAF7jGOaxhEy10LR4GlgJXifuqHgM3Q1CwT4+FH7nJ6ifHQTLOpZsIhTR1OHnsS +s7L1yv8L4eW+D8ZjCfJvQ+46sV4vwsR9iw5IxWfhjeB2RT6ujODJ3uPjWzm3S3ZH +mUJJ22M4qQEA1gA13VCxc1j4XC20mKvZ6yHl66QE2CiL7GhmEUp0iwaoealneUGg +88JXXJjPmdmS+AxQE5NquDmUnxlQnB7pDrQpadsbs4JLxh7Q6vAcC0vX7VMJ8qcT +gLxgtx2LeVieu8Lk0iTEmcBwa0u7nNTwRxXeUwQK0+mqPxPVaiTw8RZLSsfFY0ZM +ngxOEOrna3c+KTtbef+dBexdX5ooIUL7r9cCVQr3+A== +=YZlq +-----END PGP SIGNATURE----- diff --git a/Django-5.1.2.tar.gz b/Django-5.1.2.tar.gz new file mode 100644 index 0000000..e6cbe3b --- /dev/null +++ b/Django-5.1.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bd7376f90c99f96b643722eee676498706c9fd7dc759f55ebfaf2c08ebcdf4f0 +size 10711674 diff --git a/Django-5.1.4.checksum.txt b/Django-5.1.4.checksum.txt new file mode 100644 index 0000000..09ae0b5 --- /dev/null +++ b/Django-5.1.4.checksum.txt @@ -0,0 +1,65 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.4, released December 4, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``3955B19851EA96EF`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF + +or via the GitHub API: + + curl https://github.com/sarahboyce.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.4.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.4-py3-none-any.whl +https://www.djangoproject.com/m/releases/5.1/Django-5.1.4.tar.gz + +MD5 checksums +============= + +3ab67eb0e297ab798f572d38159a4301 Django-5.1.4-py3-none-any.whl +03ec3e0f2d6cbcb9eb11c629ca1c538b Django-5.1.4.tar.gz + +SHA1 checksums +============== + +0e61a94ba38a41b967ebbaaddde2b1e0edf1c583 Django-5.1.4-py3-none-any.whl +6e47f95d8b22cfd314c8b2676b2f854016f498b5 Django-5.1.4.tar.gz + +SHA256 checksums +================ + +236e023f021f5ce7dee5779de7b286565fdea5f4ab86bae5338e3f7b69896cf0 Django-5.1.4-py3-none-any.whl +de450c09e91879fa5a307f696e57c851955c910a438a35e6b4c895e86bedc82a Django-5.1.4.tar.gz +-----BEGIN PGP SIGNATURE----- + +iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmdQV2ktHDQyMjk2NTY2 +K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv +lJAL/3EBWgN3FlChHJ4zGNbYh8ZDhOlfujm6JSSyibTV5xStVdOY4Q+/enbZ+NTh +nHXOmbmM6own9x4+0Es/KLsw4CBB1gYCoMJ3CwOVqj845cxQY6BrWy2cFQyDcuZ5 +Ae5UBDQxPxLDWUZyLfAHeArR1+I2elFO2L778HFduzrqWm+Ht+WFRiSnEtBZbkql +4fNSWCTxs1EIMdZNzt4m8SclrRRwJMZ87Zgn8RTmG8X5DAJMUzMnTN3+w6VohsX9 +/ThSSFQEMckGbFh+eOzj1MiIKHzgULoGLOLsOCDATvfz+4iUDM8BqS5KJpOHKbMZ +XYWHOefWdEfB3vGKigiYAKcykbT97BX6/UitVqrB+WhQpdmJZ1u1Kzc6zYr4ZH1b +s3v31rgK+wp9PTx3A9CKjgFpap/NYTkbksIJD/rhR/JblqCrOPV3hvd6D+GwJc+G +DPSj1WvTvda5Vl7MqdcHuKPnp9sM1IvW/DIXalvhWN0v75yr2YkBluEhbdg6fMEu +OxXc+Q== +=/WMm +-----END PGP SIGNATURE----- diff --git a/Django-5.1.4.tar.gz b/Django-5.1.4.tar.gz new file mode 100644 index 0000000..e0c461f --- /dev/null +++ b/Django-5.1.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:de450c09e91879fa5a307f696e57c851955c910a438a35e6b4c895e86bedc82a +size 10716397 diff --git a/Django-5.1.5.checksum.txt b/Django-5.1.5.checksum.txt new file mode 100644 index 0000000..1f2386d --- /dev/null +++ b/Django-5.1.5.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.5, released January 14, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.5.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.5.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1.5-py3-none-any.whl + +MD5 checksums +============= + +272e951dbc4ccb7854c5a69aa5650749 Django-5.1.5.tar.gz +7effbd0a8ec3bf8c9d5f0c857138a07a Django-5.1.5-py3-none-any.whl + +SHA1 checksums +============== + +b41593f64adf86667e6a36c97aebe7ec832fc474 Django-5.1.5.tar.gz +df1802610c7e6be090140650cd4e6e656cc5364a Django-5.1.5-py3-none-any.whl + +SHA256 checksums +================ + +19bbca786df50b9eca23cee79d495facf55c8f5c54c529d9bf1fe7b5ea086af3 Django-5.1.5.tar.gz +c46eb936111fffe6ec4bc9930035524a8be98ec2f74d8a0ff351226a3e52f459 Django-5.1.5-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmeGUCgoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPkTrEACU +0rwddvqE/tg0JcZxTUh4kQOY5H70jlo0nwmBZkyjS9441STQEPohY0KTk3i2BgAO +z2KcGPfBmzLJU5khx0orJK/BS4J9tpw3eIZ7yg32R1ZrbGEUkxO2dFDcTq0eS7wt +7x8K8FXWWzXT3BPKKio1aah4lFoCzzNf/x3dlOrqp3cRVU4QYPB7Ap0xW0wa4XaG +H9Nas+LR9eBUKEqKQHyKT5jA8ny0ytpYzL1ItQQSUhsgOPQu726xBseGYOogUTY0 +T625X/tQcUIGn9HmqTbszn6o9QjqL/BWHTeg+8zwhZK8O0o03sQdGWf2meGxR75d +/tlM9uYTo0LBnKW5nZi+0jYuF8vnIHb47pYRMAeSudbtX0sc8Uxtf4Jn4tnU58NQ +JeGDAR6zyDvYlrWo2y2g7CN/z277VS7Aw2lxDhNUaVqW4JxVqkktg6ODmtnp8lbl +1UACgw/gFHgSJ6DbmvyiPaewh6jkKnPDukvNb/MZ3uYIG5ndgLwZ5bt/3AEV7JYs +jqgEgZdH3sN9A7ZFfDx3C1H0K87aMMvVK2rBg6FQt1B59U3OrGwh2kO1sB+LIXrw +bzxSnSR4PThgISnJbNptFInMgDNOVuKnD7cDvSiH5sl+xmLS0GiMHVH1wNhNotVF +stWL1lY20xHeiRgTutpTsDjF4dX24x7d89av8I3jlA== +=L8Sc +-----END PGP SIGNATURE----- diff --git a/Django-5.1.5.tar.gz b/Django-5.1.5.tar.gz new file mode 100644 index 0000000..ed1f465 --- /dev/null +++ b/Django-5.1.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:19bbca786df50b9eca23cee79d495facf55c8f5c54c529d9bf1fe7b5ea086af3 +size 10700031 diff --git a/Django-5.1.6.checksum.txt b/Django-5.1.6.checksum.txt new file mode 100644 index 0000000..37ec9d3 --- /dev/null +++ b/Django-5.1.6.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1.6, released February 5, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.6.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.6.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1.6-py3-none-any.whl + +MD5 checksums +============= + +39585ffad0b04e7d5d7726a6b4e45d41 Django-5.1.6.tar.gz +27ad2093eaef2c1aeb76cb8025cbbbf5 Django-5.1.6-py3-none-any.whl + +SHA1 checksums +============== + +c96db1b845d9f3a0982c6297f5cd78c43b3280d2 Django-5.1.6.tar.gz +70a0ffed34bb16e4373f95e91018bde4d0ef1b2f Django-5.1.6-py3-none-any.whl + +SHA256 checksums +================ + +1e39eafdd1b185e761d9fab7a9f0b9fa00af1b37b25ad980a8aa0dac13535690 Django-5.1.6.tar.gz +8d203400bc2952fbfb287c2bbda630297d654920c72a73cc82a9ad7926feaad5 Django-5.1.6-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmejcjsoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPuO7D/9i +NqPgKoFDRpo47uqA7791xrWGspAlk1AXtaqdoGDWK0fyb6tetELAB05gICoAZk1q +3BN5qTU22dftpn6k26Vt3b16myrBUb3samncQ1z4DHWctnFUrTSs0ztkqc55w/SE +E2klPzON/D/4PBTfOPAq+1rXk9r/EVMmv6s9pOrgvr+Xjo+OiWshoBXVPxmTRws5 +Sv3Ll1a/ifMg22bN5bgMBuY03UdFbXA4a52DvEmA3DC56EaRZsqzFbzlvldYYUgi +7Fy3u8fl1Gpl1XYTggnIcOogltAUeRomj5i5xo+Ge5Em8pI/F5EtuHH7zWL+2VDK +NyjYSSB9hY5dzJmGSTdv6yf+JtMNgG5n2fd2786Qcb5/NhtVjEMQPWMKiLZaCIZ6 +5Y33gEmMCKXekaOk60PwwMZaqEQMirNcnSNEzOX2yjP/VIPixcQKm9iDhVg91t8G +UZVhsDV+1KrHseV+byMeXmHPHBx4WOi0+X5deU71aZn4NZSUmIyfMIDpag/B9Wis +OJZ7BNaUJXNl1JS9A2gxt8Kt3S6xZUdPbFXYXvpniuKOSBFl397oaqOtGPoP63Fw +QSnyExHibH57k7tq43hw04hLLMBEghhHA7TvYZrtoF10E/xEKJIflOAoicejYFmm +0UNCpq6lznK36fLJaA6cnuBYqJftKOSmVbMHOeQ7vw== +=mt6z +-----END PGP SIGNATURE----- diff --git a/Django-5.1.6.tar.gz b/Django-5.1.6.tar.gz new file mode 100644 index 0000000..ba05271 --- /dev/null +++ b/Django-5.1.6.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1e39eafdd1b185e761d9fab7a9f0b9fa00af1b37b25ad980a8aa0dac13535690 +size 10700620 diff --git a/Django-5.1.checksum.txt b/Django-5.1.checksum.txt new file mode 100644 index 0000000..8d29bff --- /dev/null +++ b/Django-5.1.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.1, released August 7, 2024. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.1.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/m/releases/5.1/Django-5.1.tar.gz +https://www.djangoproject.com/m/releases/5.1/Django-5.1-py3-none-any.whl + +MD5 checksums +============= + +77f44885427c09458e1abd0b48e09517 Django-5.1.tar.gz +e8a8edeeb894fcba4830653e450ef8ea Django-5.1-py3-none-any.whl + +SHA1 checksums +============== + +34e73c5ea536989ce8b59d4dcbcad81f8df042b0 Django-5.1.tar.gz +c1c96089c6a5d90439ae6849f8ab4d11f22cfaec Django-5.1-py3-none-any.whl + +SHA256 checksums +================ + +848a5980e8efb76eea70872fb0e4bc5e371619c70fffbe48e3e1b50b2c09455d Django-5.1.tar.gz +d3b811bf5371a26def053d7ee42a9df1267ef7622323fe70a601936725aa4557 Django-5.1-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmazdjMoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPoWDD/0S +xuoCMIvhc7m8FWAZ8VS0zkzT0e7TZonySEG5Oa1GrEMEZLe7C98HIXXptGDBuJkQ +W8WPbOgoc8iylA6/X3Q74guZMiZ2x/yK1XH3W/TwahMO0ii7bjcBkMJX0hB0zSph +SndMUCmBLuyfPNKUWQrBfGHtegmtm6tyHi5pLBLNgZjebh5Poy+3lrYlIL95sVG9 +5ckvE9B4+5z/muZlJzSf3784mMirWRnHLsOsvFZLuEBESyaS7C4gjUaRFX2JUzKG +0HRw/CUFR5BlsNefYRXZGAdW0rWMk9ucgc6BYbqTfwDfRUyFE+0jxQgNLP+t2hVj +W4Jr0hNyYJ6fLvW+L9owIBdL8dUBGEOoFKQmudnKEKFyfa2uXJcPnHPzTOMX28WT +CvN0kh55v8IqBpMlXZY7/6Cc2E6LTNvDRMygNJbV8Jl9bhQDvl9vII8PhmEv8774 +bJBExGvgTluySZQHUr2/aJXC0ldUiHAyleq8iD4lq3z7jOHN7W4T1TNFPI9+m34D +nTzOJSu7H/sYGp11UoyvW1MyHrocxgn+GE1Lg4MOlFpbwsRXG8vBBP8n00w6srqO +/0wfOtmwHK+Kf2VjW6VtzKIg5LUTpEKZC9FOgAweiZ80BVZRXqB0pSIkHIRTqswJ +ygDLRvq/Cp4D0OxHDM3DVZW/vKNn1zi0WH+9zlCLrA== +=XAjV +-----END PGP SIGNATURE----- diff --git a/Django-5.1.tar.gz b/Django-5.1.tar.gz new file mode 100644 index 0000000..049e68e --- /dev/null +++ b/Django-5.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:848a5980e8efb76eea70872fb0e4bc5e371619c70fffbe48e3e1b50b2c09455d +size 10681050 diff --git a/Django-5.2.1.checksum.txt b/Django-5.2.1.checksum.txt new file mode 100644 index 0000000..88bd451 --- /dev/null +++ b/Django-5.2.1.checksum.txt @@ -0,0 +1,68 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.2.1, released May 6, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.1.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.1/tarball/ +https://www.djangoproject.com/download/5.2.1/wheel/ + +MD5 checksums +============= + +317174c6e0593c40e58ec1bd428b1091 django-5.2.1.tar.gz +7821a8fa6b4193707af79c9b4bc64236 django-5.2.1-py3-none-any.whl + +SHA1 checksums +============== + +c8c6571401bede943be6b1ca4babe93cf2612e16 django-5.2.1.tar.gz +0c2f04440b66d67223e74146ff94b577c7da2dff django-5.2.1-py3-none-any.whl + +SHA256 checksums +================ + +57fe1f1b59462caed092c80b3dd324fd92161b620d59a9ba9181c34746c97284 django-5.2.1.tar.gz +a9b680e84f9a0e71da83e399f1e922e1ab37b2173ced046b541c72e1589a5961 django-5.2.1-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmgatvooHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPo5pEACE +tPY3ZQqbCCvhD17CXkDKU2S/4kJPtQbbvd183nj1MMOwWhNBR5VV15Gvgf9v4sp1 +QaufUfaCUdrbuOsaapU2lf61Q3XKSTZZ6EoBlsmAjfcMbJrV3DzW2dK2L4awGi0/ +bm4tI+94qapSLQAwLK8IJai7Z9kpuptQeeBlNFo52XXuzESL4+ZpvIgqQzbjRU8x +fMM7+1Wf3mS2wt5vG5araxVovYAJvgXYnlHoGbu8DM9tmO0x2iFCkUuGbCcxTAiJ +CwSuZOOPiHdIZWgu6M/WR8jZ8c67YMgamb4kukfP3NnNScqvUi+rPCyGGFpnrMwj +iVHFmKulSI7lBnbjAgkwNNQ1asTiZO/W76MQKgFecUU592RGZKV/oH1rt5vbXeWu +MkBcaVL6GEgV66bXb13a3P/XB1PQKiCSOO28DJyhYj9eIJnQsuOKN43UUZzrmvEB +1cJ2/dHj+wJGWs8D9Bx2Yl5bcTgxFoSjb1gt6Vth0NgQuLb8aRP5/DuoNEIAxDdb +Dv7O2uSE5JFK0P1GxF/N7DIHzSoyUr7vkm5cb1bGBVhxtCa2XPdluojEDKqduxjR +4jZjB8nswRdZY63V6n4pEVQdkbIgFJdyFaWmoylfqGfZ3JiIGz8WyQQ+jw17V2L1 +sjRHd1y1JPOZKyb2g+QGR0H+AQvqedWZ95XJGirNtw== +=b+2b +-----END PGP SIGNATURE----- diff --git a/Django-5.2.2.checksum.txt b/Django-5.2.2.checksum.txt new file mode 100644 index 0000000..2c9ffc7 --- /dev/null +++ b/Django-5.2.2.checksum.txt @@ -0,0 +1,68 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the +source-code tarball and wheel files of Django 5.2.2, released June 4, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.2.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.2/tarball/ +https://www.djangoproject.com/download/5.2.2/wheel/ + +MD5 checksums +============= + +782577f532efab32f8119a7071f55d04 django-5.2.2.tar.gz +5d85fa7778bd65981714e562012a5626 django-5.2.2-py3-none-any.whl + +SHA1 checksums +============== + +87dff3ef8d00b15491d5bb64b2404caf66d8ae59 django-5.2.2.tar.gz +7964171a3e17b3e3e8aeb2d2bff763d128836d74 django-5.2.2-py3-none-any.whl + +SHA256 checksums +================ + +85852e517f84435e9b13421379cd6c43ef5b48a9c8b391d29a26f7900967e952 django-5.2.2.tar.gz +997ef2162d04ead6869551b22cde4e06da1f94cf595f4af3f3d3afeae1f3f6fe django-5.2.2-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmhAMRIoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPmgqD/9b +ON8sroesSKb2lAdjUe2XFKceWBpSjySACsPwLko5gPhfxJ9gn0XEDQccYw6U4KkJ +PbRlrKKNr1zqX3IfRoggg3E6GU/rw9LUqgB2GByuBRjyZe29bF0KWiLWVmjLL6c8 +WszgKZxYu73vBfHcY1StLVSGMHxMlolvWikhpS4taHKOsYLmYxFnPdDeLjC/hYyb +tYjfdaKgDm5czpy9Put+Kzu15KcW0PqHAuPJtcGHo3l7lfRSd/m9X6iNtUXmsN8J +H8kLEzfG91tUuHl7UgFpZpSEGqnRV/dM+s+fKeVJC9t6Jsu8lbQp3omMaBl/SCwV +qicA9Go9cqUoDLz8JSkv0YCOGAyUZyOvjlW8zAkoRQuCcEkDxLh2VsdRRB7Z0E7K +SvDq03XZwXeBUpQAbkoZ+TpS4EoiydY7I7PTq5k+yzMEoid+k7sRclfndeTpAmPf +7Xtq3KDPnIKo+7maECiKVeEfCUIgxXygEz3fbrYTn9LcDcFnGWKA9/DH/9yD4+zR +AS4RI0k0PUWzbq/6+A+3BqQTo75dLxm/BHpyd9NoddYIsuhwlLq3IU+SopR8vG2/ +bydqaovZuiyHS59vGgMuAFJIaeW5/TW8zoLvRVekVG0nCVgcj17pR7zqa6EGKefS +6ydabjbxzeFC3qdYiOIneghfIUnk3HeVQRLd0Vw58w== +=Pk1M +-----END PGP SIGNATURE----- diff --git a/Django-5.2.4.checksum.txt b/Django-5.2.4.checksum.txt new file mode 100644 index 0000000..9c39d41 --- /dev/null +++ b/Django-5.2.4.checksum.txt @@ -0,0 +1,68 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the +source-code tarball and wheel files of Django 5.2.4, released July 2, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.4.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.4/tarball/ +https://www.djangoproject.com/download/5.2.4/wheel/ + +MD5 checksums +============= + +6ecc4875e8cdc08706faea1cc4740fdf django-5.2.4.tar.gz +fee657f7686462d388f274c5f92b634a django-5.2.4-py3-none-any.whl + +SHA1 checksums +============== + +de45d44e1bb2ceb1c08b8fd0846de920874f71a1 django-5.2.4.tar.gz +a6a7904e3749a0e8937a50643293889929b4b6f7 django-5.2.4-py3-none-any.whl + +SHA256 checksums +================ + +a1228c384f8fa13eebc015196db7b3e08722c5058d4758d20cb287503a540d8f django-5.2.4.tar.gz +60c35bd96201b10c6e7a78121bd0da51084733efa303cc19ead021ab179cef5e django-5.2.4-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmhlfcIoHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPj5DD/94 +KOuOZ5JHtZWknqi1JeV1akzB/RpY7lhL9SbJbVXhdAxOY9Cn4eUG7NsPWa9JnhX1 +F/2geBE5mjOZen4ARtGHWxa5vqidqUbscrU9AkqPLn6aecEKi2jXXNkYmmWw/37K +wb92BQtuWkaXyiZ4E6Sledx9yFhcqMDFg27CdNYfAqUWofI6zzSmLIzOlOSVR9Sc +uDrfRqQ4GXlRGT5pIkcIxE0ZKToUYrKgn99PZOmBcLfJgQ4VBt62J6SzZAhhElb3 +DUMcVhG2XNIhg7v7DwlVodowDYQdRi2H/ahAa7/m1+uugRbysoGSLLwP+50tDjlj +07zxoJsrL5R9zaMp4pcXQN4bUy3rDz94DkjlXO51f8LwDdStvk4VOYan1W5S9BhP +R0conCFfcg4+iK0pV5e/GeeTwBRHQw8p5RuWfrEpKFi/XQtT0u01hqUGppeuZ9wI +f+Ud9RA8Nrw0ouli4WvfH0RVFuMgUFqScwO88oatuUH5CDPjlV+5usNb7FrmZXv6 +AWRopONOcYGF07+FYh0nsoE8enWyxE+JWTJzxT5PGZ3buUO0hlnJ+auoJv8yOVii +ELCSUyi93glWonCBrS41XrNO6+6K/8V9V6iv9/PdGwF1GszbX5Rx4e2lDMA7crYh +1qKGaV3+iAO+Y+vXt6VTy6h5GLg9hun+RQ8TU3Guyg== +=d9C5 +-----END PGP SIGNATURE----- diff --git a/Django-5.2.5.checksum.txt b/Django-5.2.5.checksum.txt new file mode 100644 index 0000000..256f615 --- /dev/null +++ b/Django-5.2.5.checksum.txt @@ -0,0 +1,66 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the +source-code tarball and wheel files of Django 5.2.5, released August 6, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``3955B19851EA96EF`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF + +or via the GitHub API: + + curl https://github.com/sarahboyce.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.5.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.5/tarball/ +https://www.djangoproject.com/download/5.2.5/wheel/ + +MD5 checksums +============= + +c908b7a31965ab3c5b1a74fac793280c django-5.2.5.tar.gz +80e0f2710a21ed60e3399a88cd594b36 django-5.2.5-py3-none-any.whl + +SHA1 checksums +============== + +7706738376f212cf0c86ad26f1c30e50a2d3f084 django-5.2.5.tar.gz +83e329776db523675c24f16977fc6ada9e271c1c django-5.2.5-py3-none-any.whl + +SHA256 checksums +================ + +0745b25681b129a77aae3d4f6549b62d3913d74407831abaa0d9021a03954bae django-5.2.5.tar.gz +2b2ada0ee8a5ff743a40e2b9820d1f8e24c11bac9ae6469cd548f0057ea6ddcd django-5.2.5-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmiTD8ctHDQyMjk2NTY2 +K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv +f18L/1u3tOILfEy8psCrK9mHb+b4XEM26M8sLAJfQWE7V1AZM+iWziGGS0KU3Bsd +Vnn3ecapAv+z5pNlEET7LYaGGzIelY6ZI4uwYmlj24VZiLH5iRaF5WAhndAjJYMO +JMtuXo/1ByVhmSLaHhhQfLf3TEF1aRAWPQGIxLXxbfTvcQBjN1U+cw/rV1BWplpP +maY3AGP9lyZqhUgIhJKQnqtzUVBqwfvmi2kAlYQAkdBWIzanVJfnqL+se4uwYq3u +EXLSfSJDA7xyavltghsSPCbopnYrsSsndhPXn0/NVPa4hieU4y5xnWG83TVRL1xU +FEd2UNq+wxDHJy2gvtbgvAkZ7iyM0UAHT0/4jLjzNJ6mSh14gRo3AJJyKbvcfBIT +hxlM69vvb6D/pWpoHfg2YIaHVaYXUY+ehWaSqBf3DZPw23xalETmJ/5oIwAb05mh +7cvdYl5FMqlzs6viAWbaeOa4MWB7TuRM5T+TfI6xyOddOC8drlgDJaptEUYMRpYd +faCxPw== +=FwYj +-----END PGP SIGNATURE----- diff --git a/Django-5.2.checksum.txt b/Django-5.2.checksum.txt new file mode 100644 index 0000000..e7d38e4 --- /dev/null +++ b/Django-5.2.checksum.txt @@ -0,0 +1,66 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 5.2, released April 2, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``3955B19851EA96EF`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF + +or via the GitHub API: + + curl https://github.com/sarahboyce.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2/tarball/ +https://www.djangoproject.com/download/5.2/wheel/ + +MD5 checksums +============= + +2365e2eb1228298df5bc63bbde049eb2 Django-5.2.tar.gz +1279aff7c80b1bdc921e28703e0f93b4 Django-5.2-py3-none-any.whl + +SHA1 checksums +============== + +691d9be1935e40b102fa599a2d54c1dc0289e707 Django-5.2.tar.gz +bfc1f7d9276c137d477389e71fbb4e849101af75 Django-5.2-py3-none-any.whl + +SHA256 checksums +================ + +1a47f7a7a3d43ce64570d350e008d2949abe8c7e21737b351b6a1611277c6d89 Django-5.2.tar.gz +91ceed4e3a6db5aedced65e3c8f963118ea9ba753fc620831c77074e620e7d83 Django-5.2-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmftNIotHDQyMjk2NTY2 +K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv +h0QMAJAgwXxMa/HElDElvmxojqY7H/oZ4obF7QtaywMKrV2IXGDi63RgCr6IIpD/ +rgWgEiyGUT6Mz/LxifkApDG8QQCDpvBW2suVQqDFgDwthX3h7URpypI98OnErskB +b/ZlD/WGIRUDl8rC5YLHEp+aYXSsoR76cIEuPSnvyXkKGikcB4ti1IJBttjBbbgk +uMn2WSgpFs1DMfuXvasZ2El3orwYgV7RCdC/GxurmzBcQE4Vdk5tLNHNvxzyZQnG +K5BO2dHhG6bUMhn75cxOsVfpjcrcSrZt/WzLE8b0JRK6IUto99R8RCGgTPVYbQE1 +5Bo4vaHnjRAjVw6YtT1KKrgYdTf8vDE3I+oNxbljmH92lVQ/g2uoPnqB91hXVboh +/EQX99MsRMVn6Ja00p40hPzjVvApbSuaBg/CDTlYCfnrj+0Ry0UanqPxnsJNxJmj +C2rYfYQa6vsd4t99/pzc9pgS4oW8h4Kl1MjBYAft5OlFCbUmYOPRNNjz4TsGlbAq +8SDOpQ== +=O1eA +-----END PGP SIGNATURE----- diff --git a/Django-5.2.tar.gz b/Django-5.2.tar.gz new file mode 100644 index 0000000..57e23ec --- /dev/null +++ b/Django-5.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1a47f7a7a3d43ce64570d350e008d2949abe8c7e21737b351b6a1611277c6d89 +size 10824891 diff --git a/dirty-hack-remove-assert.patch b/dirty-hack-remove-assert.patch new file mode 100644 index 0000000..fadb3c1 --- /dev/null +++ b/dirty-hack-remove-assert.patch @@ -0,0 +1,25 @@ +From 36736edaf595d2bbf1fe881609b2a4c8e3bac68a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= +Date: Thu, 29 Jun 2023 12:29:21 +0200 +Subject: [PATCH] Dirty hack: Remove a failing assert, failure does not seem + critical + +--- + tests/settings_tests/tests.py | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/tests/settings_tests/tests.py b/tests/settings_tests/tests.py +index 62cbffb..b7432d3 100644 +--- a/tests/settings_tests/tests.py ++++ b/tests/settings_tests/tests.py +@@ -397,7 +397,6 @@ class TestComplexSettingOverride(SimpleTestCase): + with self.assertWarnsMessage(UserWarning, msg) as cm: + with override_settings(TEST_WARN="override"): + self.assertEqual(settings.TEST_WARN, "override") +- self.assertEqual(cm.filename, __file__) + + + class SecureProxySslHeaderTest(SimpleTestCase): +-- +2.40.1 + diff --git a/django-5.2.1.tar.gz b/django-5.2.1.tar.gz new file mode 100644 index 0000000..47f140b --- /dev/null +++ b/django-5.2.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:57fe1f1b59462caed092c80b3dd324fd92161b620d59a9ba9181c34746c97284 +size 10818735 diff --git a/django-5.2.2.tar.gz b/django-5.2.2.tar.gz new file mode 100644 index 0000000..6192ba9 --- /dev/null +++ b/django-5.2.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:85852e517f84435e9b13421379cd6c43ef5b48a9c8b391d29a26f7900967e952 +size 10827542 diff --git a/django-5.2.4.tar.gz b/django-5.2.4.tar.gz new file mode 100644 index 0000000..0638a82 --- /dev/null +++ b/django-5.2.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a1228c384f8fa13eebc015196db7b3e08722c5058d4758d20cb287503a540d8f +size 10831909 diff --git a/django-5.2.5.tar.gz b/django-5.2.5.tar.gz new file mode 100644 index 0000000..59a9dba --- /dev/null +++ b/django-5.2.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0745b25681b129a77aae3d4f6549b62d3913d74407831abaa0d9021a03954bae +size 10859748 diff --git a/python-Django-rpmlintrc b/python-Django-rpmlintrc new file mode 100644 index 0000000..0159bae --- /dev/null +++ b/python-Django-rpmlintrc @@ -0,0 +1,5 @@ +addFilter("file-not-in-%lang") +# Empty model.py files should be kept around: +addFilter("zero-length") +# Bash completion isn't config: +# addFilter("non-conffile-in-etc /etc/bash_completion.d/django_bash_completion*") diff --git a/python-Django.changes b/python-Django.changes new file mode 100644 index 0000000..243e2fc --- /dev/null +++ b/python-Django.changes @@ -0,0 +1,3048 @@ +------------------------------------------------------------------- +Tue Aug 12 10:52:26 UTC 2025 - Markéta Machová + +- Update to 5.2.5 + * Fixed a regression in Django 5.2.1 that prevented the usage of UNNEST + PostgreSQL strategy of QuerySet.bulk_create() with foreign keys + * Fixed a crash in Django 5.2 when filtering against a composite primary key + using a tuple containing expressions + * Fixed a crash in Django 5.2 when validating a model that uses + GeneratedField or constraints composed of Q and Case lookups + * Added compatibility for docutils 0.22 + * Fixed a crash in Django 5.2 when using a ManyToManyField on a model with + a composite primary key, by extending the fields.E347 system check +- Convert to libalternatives on SLE-16-based and newer systems + +------------------------------------------------------------------- +Fri Aug 1 02:09:01 UTC 2025 - Steve Kowalik + +- Reinstate Requires on tzdata, a lot of packages use it. + +------------------------------------------------------------------- +Wed Jul 30 06:03:44 UTC 2025 - Steve Kowalik + +- Add patch support-msgfmt-0.25.patch: + * Support msgfmt 0.25 error messages changes. (bsc#1246966) +- Remove unneeded Requires on tzdata. + +------------------------------------------------------------------- +Sat Jul 19 06:51:37 UTC 2025 - Markéta Machová + +- Add upstream test_strip_tags.patch to fix test errors with + at-this-point future python interpreters + +------------------------------------------------------------------- +Thu Jul 3 12:47:34 UTC 2025 - Markéta Machová + +- Update to 5.2.4 + * Fixed a log injection possibility by migrating remaining response logging + to django.utils.log.log_response(), which safely escapes arguments + such as the request path to prevent unsafe log output (CVE 2025-48432). + * Fixed a regression in Django 5.2 that caused QuerySet.bulk_update() to + incorrectly convert None to JSON null instead of SQL NULL for JSONField + * Fixed a regression in Django 5.2.2 where the q parameter was removed from + the internal django.http.MediaType.params property + * Fixed a regression in Django 5.2.2 where HttpRequest.get_preferred_type() + incorrectly preferred more specific media types with a lower quality + * Fixed a crash in Django 5.2 when performing an __in lookup involving a + composite primary key and a subquery on certain backends + +------------------------------------------------------------------- +Thu Jun 5 11:53:48 UTC 2025 - Markéta Machová + +- Update to 5.2.2 (bsc#1244095) + * CVE-2025-48432: Potential log injection via unescaped request path + * Fixed a crash when using select_related against a ForeignObject + originating from a model with a CompositePrimaryKey + * Fixed a regression in Django 5.2 that caused a crash when no + arguments were passed into QuerySet.union(). + * Fixed a regression in Django 5.2 that caused a crash when using OuterRef + in PostgreSQL aggregate functions ArrayAgg, StringAgg, and JSONBAgg. + * Fixed a bug in Django 5.2 where HttpRequest.get_preferred_type() did not + account for media type parameters in Accept headers, reducing specificity + in content negotiation. + +------------------------------------------------------------------- +Mon May 12 08:20:40 UTC 2025 - Markéta Machová + +- Update to 5.2.1 (bsc#1242210) + * This release was built using an upgraded setuptools, producing + filenames compliant with PEP 491 and PEP 625 and thus addressing + a PyPI warning about non-compliant distribution filenames. This + change only affects the Django packaging process and does not + impact Django’s behavior. + * CVE-2025-32873: Denial-of-service possibility in strip_tags() + * Fixed a data corruption possibility in file_move_safe() when + allow_overwrite=True + * Fixed a regression introduced when fixing CVE 2025-26699, where + the wordwrap template filter did not preserve empty lines between + paragraphs after wrapping text + * Fixed many bugs and regressions in Django 5.2, see upstream changelog + +------------------------------------------------------------------- +Tue Apr 22 15:46:20 UTC 2025 - Markéta Machová + +- Add missing runtime dependency on tzdata + +------------------------------------------------------------------- +Mon Apr 7 15:02:18 UTC 2025 - Markéta Machová + +- Update to 5.2 + * Django 5.2 is designated as a long-term support release. It will receive + security updates for at least three years after its release. + * Django 5.2 supports Python 3.10, 3.11, 3.12, and 3.13. + ** What’s new in Django 5.2 ** + * Automatic models import in the shell + * Composite Primary Keys + * Simplified override of BoundField + * ... and many more smaller features + ** Backwards incompatible changes in 5.2 ** + * Database backend API changes + * Dropped support for PostgreSQL 13 + * Changed MySQL connection character set default + * ... and more, see upstream changelog + ** Features deprecated in 5.2 ** + * The all argument for the django.contrib.staticfiles.finders.find() + function is deprecated in favor of the find_all argument. + * The ordering keyword argument of the PostgreSQL specific aggregation + functions is deprecated in favor of the order_by argument. + +------------------------------------------------------------------- +Mon Apr 7 14:19:10 UTC 2025 - Markéta Machová + +- Update to 5.1.8 + * CVE-2025-27556: Potential denial-of-service vulnerability in + LoginView, LogoutView, and set_language() on Windows + * Fixed a regression in Django 5.1.7 where the removal of the single_object + parameter unintentionally altered the signature and return type of + LogEntryManager.log_actions() + +------------------------------------------------------------------- +Sun Mar 30 08:28:57 UTC 2025 - Dirk Müller + +- update filelist to be compatible with newer setuptools + +------------------------------------------------------------------- +Tue Mar 18 13:01:55 UTC 2025 - Markéta Machová + +- Update to 5.1.7 (bsc#1239052) + * CVE-2025-26699: Potential denial-of-service vulnerability in + django.utils.text.wrap() + * Fixed a bug in Django 5.1 where the {% querystring %} template tag + returned an empty string rather than "?" + * Fixed a bug in Django 5.1 where FileSystemStorage, with allow_overwrite + set to True, did not truncate the overwritten file content + * Fixed a regression in Django 5.1 where the count and exists methods of + ManyToManyField related managers would always return 0 and False when + the intermediary model back references used to_field + * Fixed a regression in Django 5.1 where the pre_save and post_save signals + for LogEntry were not sent when deleting a single object in the admin + +------------------------------------------------------------------- +Tue Feb 11 12:52:16 UTC 2025 - Markéta Machová + +- Update to 5.1.6 + * Fixed a regression in Django 5.1.5 that caused validate_ipv6_address() + and validate_ipv46_address() to crash when handling non-string values + * Fixed a regression in Django 5.1 where password fields, despite being + set to required=False, were still treated as required in forms derived + from BaseUserCreationForm + +------------------------------------------------------------------- +Wed Jan 15 07:53:44 UTC 2025 - Markéta Machová + +- Update to 5.1.5 (bsc#1235856) + * CVE-2024-56374: Potential denial-of-service vulnerability in + IPv6 validation + * Fixed a crash when applying migrations with references to the + removed Meta.index_together option + +------------------------------------------------------------------- +Mon Dec 9 09:13:02 UTC 2024 - Markéta Machová + +- Update to 5.1.4 (bsc#1234231, CVE-2024-53908, bsc#1234232, CVE-2024-53907) + * CVE-2024-53907: Potential denial-of-service in django.utils.html.strip_tags() + * CVE-2024-53908: Potential SQL injection in HasKey(lhs, rhs) on Oracle + * Fixed a crash in createsuperuser on Python 3.13+ caused by an unhandled OSError + * Fixed a regression in Django 5.1 where relational fields were not updated + * Fixed a bug in Django 5.1 where DomainNameValidator accepted any input value + that contained a valid domain name, rather than only input values that were + a valid domain name + * Fixed a regression in Django 5.1 that prevented the use of DB-IP databases with GeoIP2 + * Fixed a regression in Django 5.1 where non-ASCII fieldset names were not displayed + when rendering admin fieldsets + +------------------------------------------------------------------- +Thu Oct 17 10:16:22 UTC 2024 - Markéta Machová + +- Update to 5.1.2 + * Fixed a regression in Django 5.1 that caused a crash when using + the PostgreSQL lookup trigram_similar on output fields from Concat + * Fixed a regression in Django 5.1 that caused a crash of JSONObject() + when using server-side binding with PostgreSQL 16+ + * Fixed a regression in Django 5.1 that made selected items in + multi-select widgets indistinguishable from non-selected items in + the admin dark theme + +------------------------------------------------------------------- +Wed Sep 4 07:21:54 UTC 2024 - Alberto Planas Dominguez + +- Update to 5.1.1 (bsc#1229823, bsc#1229824) + * CVE-2024-45230: Potential denial-of-service vulnerability in + django.utils.html.urlize() + * CVE-2024-45231: Potential user email enumeration via response + status on password reset + * Fixed a regression in Django 5.1 that caused a crash of Window() + when passing an empty sequence to the order_by parameter, and a + crash of Prefetch() for a sliced queryset without ordering + * Fixed a regression in Django 5.1 where a new usable_password field + was included in BaseUserCreationForm (and children). A new + AdminUserCreationForm including this field was added, isolating + the feature to the admin where it was intended + * Adjusted the deprecation warning stacklevel in Model.save() and + Model.asave() to correctly point to the offending call site + * Adjusted the deprecation warning stacklevel when using + OS_OPEN_FLAGS in FileSystemStorage to correctly point to the + offending call site + * Adjusted the deprecation warning stacklevel in + FieldCacheMixin.get_cache_name() to correctly point to the + offending call site + * Restored, following a regression in Django 5.1, the ability to + override the timezone and role setting behavior used within the + init_connection_state method of the PostgreSQL backend + * Fixed a bug in Django 5.1 where variable lookup errors were logged + when rendering admin fieldsets + +------------------------------------------------------------------- +Fri Aug 9 12:09:27 UTC 2024 - Markéta Machová + +- Update to 5.1 + * Supports Python >= 3.10. + * Easier guardrails for authentication: the new and shiny + LoginRequiredMiddleware, when added to MIDDLEWARE, enforces + authentication for all views by default. + * A more inclusive framework: Django 5.1 includes several accessibility + enhancements, such as improved screen reader support in the admin + interface, more semantic HTML elements, and better association of + help text and labels with form fieldsets. + * The second oldest ticket fixed in this release provides the long awaited + querystring template tag, which greatly simplifies the handling of query + strings when building URLs in templates. + * For a detailed list of changes see https://docs.djangoproject.com/en/5.1/releases/5.1/ +- Refreshed python-Django.keyring + +------------------------------------------------------------------- +Wed Aug 7 06:07:48 UTC 2024 - Alberto Planas Dominguez + +- Update to 5.0.8 (bsc#1228629, bsc#1228630, bsc#1228631, bsc#1228632) + * CVE-2024-41989: Memory exhaustion in + django.utils.numberformat.floatformat() + * CVE-2024-41990: Potential denial-of-service vulnerability in + django.utils.html.urlize() + * CVE-2024-41991: Potential denial-of-service vulnerability in + django.utils.html.urlize() and AdminURLFieldWidget + * CVE-2024-42005: Potential SQL injection in QuerySet.values() and + values_list() + * Added missing validation for + UniqueConstraint(nulls_distinct=False) when using *expressions + * Fixed a regression in Django 5.0 where ModelAdmin.action_checkbox + could break the admin changelist HTML page when rendering a model + instance with a __html__ method + * Fixed a crash when creating a model with a Field.db_default and a + Meta.constraints constraint composed of __endswith, __startswith, + or __contains lookups + * Fixed a regression in Django 5.0.7 that caused a crash in + LocaleMiddleware when processing a language code over 500 + characters + * Fixed a bug in Django 5.0 that caused a system check crash when + ModelAdmin.date_hierarchy was a GeneratedField with an + output_field of DateField or DateTimeField + * Fixed a bug in Django 5.0 which caused constraint validation to + either crash or incorrectly raise validation errors for + constraints referring to fields using Field.db_default + * Fixed a crash in Django 5.0 when saving a model containing a + FileField with a db_default set + +------------------------------------------------------------------- +Tue Jul 9 14:03:46 UTC 2024 - Markéta Machová + +- Update to 5.0.7 + * Supports Python >= 3.10. + * Facet counts are now shown for applied filters in the admin changelist + when toggled on via the UI. This behavior can be changed via the new + ModelAdmin.show_facets attribute. + * Django 5.0 introduces the concept of a field group, and field group + templates. This simplifies rendering of the related elements of a + Django form field such as its label, widget, help text, and errors. + * The new Field.db_default parameter sets a database-computed default value. + * The new GeneratedField allows creation of database generated columns. + This field can be used on all supported database backends to create + a field that is always computed from other fields. + * More options for declaring field choices + * Few backwards-incompatible changes in the database backend API, + django.contrib.gis and django.contrib.sitemaps + * Dropped support for MySQL < 8.0.11 + * Using create_defaults__exact may now be required with QuerySet.update_or_create() + * Migrating existing UUIDField on MariaDB 10.7+ +- This release also fixes several security issues: + * bsc#1227590 (CVE-2024-38875) + * bsc#1227593 (CVE-2024-39329) + * bsc#1227594 (CVE-2024-39330) + * bsc#1227595 (CVE-2024-39614) +- Drop no-longer-needed patches: + * dirty-hack-remove-assert.patch + * sanitize_address.patch + +------------------------------------------------------------------- +Wed May 8 07:30:48 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.13 + + Django 4.2.13 fixes a packaging error in 4.2.12. +- Update to 4.2.12 + + Django 4.2.12 fixes a compatibility issue with Python 3.11.9+ and 3.12.3+. + + Fixed a crash in Django 4.2 when validating email max line lengths + with content decoded using the surrogateescape error handling + scheme +- Drop fix-safemimetext-set_payload.patch, already merged upstream + +------------------------------------------------------------------- +Thu Apr 18 06:39:36 UTC 2024 - Daniel Garcia + +- Add fix-safemimetext-set_payload.patch, to support python 3.11.9+ + (gh#django/django@b231bcd19e57, bsc#1222880) + +------------------------------------------------------------------- +Mon Mar 4 14:05:28 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.11 (CVE-2024-27351, bsc#1220358) + * CVE-2024-27351: Potential regular expression denial-of-service in + django.utils.text.Truncator.words() + * Fixed a regression in Django 4.2.10 where intcomma template filter + could return a leading comma for string representation of floats +- Remove python3122.patch, already upstream + +------------------------------------------------------------------- +Fri Feb 9 10:18:37 UTC 2024 - Daniel Garcia + +- Add python3122.patch to fix tests with python 3.12.2 + gh#django/django#17843 +- Update to 4.2.10 (bsc#1219683, CVE-2024-24680): + - Django 4.2.10 fixes a security issue with severity "moderate" in + 4.2.9. + CVE-2024-24680: Potential denial-of-service in intcomma template + filter The intcomma template filter was subject to a potential + denial-of-service attack when used with very long strings. + +------------------------------------------------------------------- +Thu Jan 4 09:27:51 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.9: + * Fixed a regression in Django 4.2.8 where admin fields on the same + line could overflow the page and become non-interactive + +------------------------------------------------------------------- +Mon Dec 4 10:21:00 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.8 + * Fixed a regression in Django 4.2 that caused makemigrations + --check to stop displaying pending migrations + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing other aggregates + or window functions through conditional expressions + * Fixed a regression in Django 4.2 that caused a crash when + annotating a QuerySet with a Window expressions composed of a + partition_by clause mixing field types and aggregation expressions + * Fixed a regression in Django 4.2 where the admin’s change list + page had misaligned pagination links and inputs when using + list_editable + * Fixed a regression in Django 4.2 where checkboxes in the admin + would be centered on narrower screen widths + * Fixed a regression in Django 4.2 that caused a crash of querysets + with aggregations on MariaDB when the ONLY_FULL_GROUP_BY SQL mode + was enabled + * Fixed a regression in Django 4.2 where the admin’s read-only + password widget and some help texts were incorrectly aligned at + tablet widths + * Fixed a regression in Django 4.2 that caused a migration crash on + SQLite when altering unsupported Meta.db_table_comment + +------------------------------------------------------------------- +Mon Nov 27 12:20:48 UTC 2023 - Dirk Müller + +- add dirty-hack-remove-assert.patch from fedora to fix + minor test failure with python 3.12 + +------------------------------------------------------------------- +Wed Nov 1 08:12:59 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.7 + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing expressions + containing subqueries + * Restored, following a regression in Django 4.2, creating + varchar/text_pattern_ops indexes on CharField and TextField with + deterministic collations on PostgreSQL + +------------------------------------------------------------------- +Mon Oct 16 08:33:05 UTC 2023 - Daniel Garcia Moreno + +- Update to 4.2.6 (bsc#1215978, CVE-2023-43665) + * CVE-2023-43665: Denial-of-service possibility in + django.utils.text.Truncator + The input processed by Truncator, when operating in HTML mode, has + been limited to the first five million characters in order to + avoid potential performance and memory issues. + * Fixed a regression in Django 4.2.5 where overriding the deprecated + DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings in tests + caused the main STORAGES to mutate (#34821). + * Fixed a regression in Django 4.2 that caused unnecessary casting + of string based fields (CharField, EmailField, TextField, + CICharField, CIEmailField, and CITextField) used with the __isnull + lookup on PostgreSQL. As a consequence, indexes using an __isnull + expression or condition created before Django 4.2 wouldn’t be used + by the query planner, leading to a performance regression + (#34840). + +------------------------------------------------------------------- +Mon Sep 4 12:10:50 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.5 (CVE-2023-41164) + + Bugfixes + * Fixed a regression in Django 4.2 that caused an incorrect + validation of CheckConstraints on __isnull lookups against + JSONField + * Fixed a bug in Django 4.2 where the deprecated + DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings were not + synced with STORAGES + * Fixed a regression in Django 4.2.2 that caused an unnecessary + selection of a non-nullable ManyToManyField without a natural + key during serialization + * Fixed a regression in Django 4.2 that caused a crash of a + queryset when filtering against deeply nested OuterRef() + annotations + +------------------------------------------------------------------- +Wed Aug 2 07:35:04 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.4 + + Bugfixes + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing window + functions + * Fixed a regression in Django 4.2 that caused a crash when + grouping by a reference in a subquery + * Fixed a regression in Django 4.2 that caused aggregation over + query that uses explicit grouping by multi-valued annotations to + group against the wrong columns + +------------------------------------------------------------------- +Tue Jul 18 12:50:29 UTC 2023 - Markéta Machová + +- Add upstream sanitize_address.patch + * fixes build with yet another CPython upstream fix (bsc#1210638) + +------------------------------------------------------------------- +Mon Jul 10 09:28:42 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.3 (bsc#1212742, CVE-2023-36053) + + CVE-2023-36053: Potential regular expression denial of service + vulnerability in EmailValidator/URLValidator + + Bugfixes + * Fixed a regression in Django 4.2 that caused incorrect alignment + of timezone warnings for DateField and TimeField in the admin + * Fixed a regression in Django 4.2 that caused incorrect + highlighting of rows in the admin changelist view when + ModelAdmin.list_editable contained a BooleanField + +------------------------------------------------------------------- +Fri Jun 9 11:41:19 UTC 2023 - ecsos + +- Add %{?sle15_python_module_pythons} + +------------------------------------------------------------------- +Tue Jun 6 06:35:28 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.2 + + Bugfixes + * Fixed a regression in Django 4.2 that caused an unnecessary + DBMS_LOB.SUBSTR() wrapping in the __isnull and __exact=None + lookups for TextField()/BinaryField() on Oracle + * Restored, following a regression in Django 4.2, get_prep_value() + call in JSONField subclasses + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.defer() when passing a ManyToManyField or + GenericForeignKey reference. While doing so is a no-op, it was + allowed in older version + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.only() when passing a reverse OneToOneField reference + * Fixed a bug in Django 4.2 where makemigrations --update didn’t + respect the --name option + * Fixed a performance regression in Django 4.2 when compiling + queries without ordering + * Fixed a regression in Django 4.2 where nonexistent stylesheet + was linked on a “Congratulations!” page + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with expressions referencing other + aggregates + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing subqueries + * Fixed a regression in Django 4.2 that caused a crash of + querysets on SQLite when filtering on DecimalField against + values outside of the defined range + * Fixed a regression in Django 4.2 that caused a serialization + crash on a ManyToManyField without a natural key when its + Manager’s base QuerySet used select_related() + +------------------------------------------------------------------- +Thu May 4 07:02:58 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.1 + + CVE-2023-31047: Potential bypass of validation when uploading + multiple files using one form field (bsc#1210866) + + Bugfixes + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.defer() when deferring fields by attribute names + * Fixed a regression in Django 4.2 that caused a crash of + SearchVector function with % characters + * Fixed a regression in Django 4.2 that caused aggregation over + query that uses explicit grouping to group against the wrong + columns + * Reallowed, following a regression in Django 4.2, setting the + "cursor_factory" option in OPTIONS on PostgreSQL + * Enforced UTF-8 client encoding on PostgreSQL, following a + regression in Django 4.2 + * Fixed a regression in Django 4.2 where i18n_patterns() didn’t + respect the prefix_default_language argument when a fallback + language of the default language was used + * Fixed a regression in Django 4.2 where translated URLs of the + default language from i18n_patterns() with + prefix_default_language set to False raised 404 errors for a + request with a different language + * Fixed a regression in Django 4.2 where creating copies and deep + copies of HttpRequest, HttpResponse, and their subclasses didn’t + always work correctly + * Fixed a regression in Django 4.2 where timesince and timeuntil + template filters returned incorrect results for a datetime with + a non-UTC timezone when a time difference is less than 1 day + * Fixed a regression in Django 4.2 that caused a crash of + SearchHeadline function with psycopg 3 + * Fixed a regression in Django 4.2 that caused incorrect + ClearableFileInput margins in the admin + * Fixed a regression in Django 4.2 where breadcrumbs didn’t appear + on admin site app index views + * Made squashing migrations reduce AddIndex, RemoveIndex, + RenameIndex, and CreateModel operations which allows removing a + deprecated Meta.index_together option from historical migrations + and use Meta.indexes instead + +------------------------------------------------------------------- +Thu Apr 6 06:38:13 UTC 2023 - David Anes + +- Update minimal dependency versions. + +------------------------------------------------------------------- +Tue Apr 4 07:19:56 UTC 2023 - David Anes + +- Update to 4.2: + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.2/releases/4.2/ + + Psycopg 3 support + + Comments on columns and tables + + Mitigation for the BREACH attack + + In-memory file storage + + Custom file storages + + For backwards incompatible changes in 4.2 see + https://docs.djangoproject.com/en/4.2/releases/4.2/#backwards-incompatible-changes-in-4-2 + +- Update of keyring file + +------------------------------------------------------------------- +Tue Feb 14 09:59:42 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.1.7: + + CVE-2023-24580: Potential denial-of-service vulnerability in file + uploads (bsc#1208082) + + Fixed a bug in Django 4.1 that caused a crash of model validation + on ValidationError with no code + +------------------------------------------------------------------- +Wed Feb 1 12:48:49 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.1.6: + + CVE-2023-23969: Potential denial-of-service via Accept-Language + headers Bugfixes + + Fixed a bug in Django 4.1 that caused a crash of model validation + on UniqueConstraint with ordered expressions + +------------------------------------------------------------------- +Mon Jan 2 19:07:30 UTC 2023 - David Anes + +- Update to 4.1.5: + + Fixed a long standing bug in the __len lookup for ArrayField + that caused a crash of model validation on Meta.constraints. +- Update keyring file. + +------------------------------------------------------------------- +Wed Dec 21 09:39:56 UTC 2022 - Daniel Garcia + +- Recommends python-pymemcache instead of the deprecated + python-python-memcached. This is the module used in Django since 3.2 + https://docs.djangoproject.com/en/3.2/releases/3.2/#pymemcache-support + +------------------------------------------------------------------- +Tue Dec 6 13:30:53 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.4 + + Fixed a regression in Django 4.1 that caused an unnecessary table + rebuild when adding a ManyToManyField on SQLite + + Fixed a bug in Django 4.1 that caused a crash of the sitemap index + view with an empty Sitemap.items() and a callable lastmod + + Fixed a bug in Django 4.1 that caused a crash using acreate(), + aget_or_create(), and aupdate_or_create() asynchronous methods of + related managers + + Fixed a bug in Django 4.1 that caused a crash of + QuerySet.bulk_create() with "pk" in unique_fields + + Fixed a bug in Django 4.1 that caused a crash of + QuerySet.bulk_create() on fields with db_column + +------------------------------------------------------------------- +Wed Nov 2 15:50:11 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.3 + + Fixed a bug in Django 4.1 that caused non-Python files created by + startproject and startapp management commands from custom + templates to be incorrectly formatted using the black command + +------------------------------------------------------------------- +Tue Oct 4 08:22:42 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.2 (bsc#1203793, CVE-2022-41323) + + Fixed a regression in Django 4.1 that caused a migration crash on + PostgreSQL when adding a model with ExclusionConstraint + + Fixed a regression in Django 4.1 that caused aggregation over a + queryset that contained an Exists annotation to crash due to too + many selected columns + + Fixed a bug in Django 4.1 that caused an incorrect validation of + CheckConstraint on NULL values + + Fixed a regression in Django 4.1 that caused a + QuerySet.values()/values_list() crash on ArrayAgg() and JSONBAgg() + + Fixed a bug in Django 4.1 that caused + ModelAdmin.autocomplete_fields to be incorrectly selected after + adding/changing related instances via popups + + Fixed a regression in Django 4.1 where the app registry was not + populated when running parallel tests with the multiprocessing + start method spawn + + Fixed a regression in Django 4.1 where the --debug-mode argument + to test did not work when running parallel tests with the + multiprocessing start method spawn + + Fixed a regression in Django 4.1 that didn’t alter a sequence type + when altering type of pre-Django 4.1 serial columns on PostgreSQL + + Fixed a regression in Django 4.1 that caused a crash for View + subclasses with asynchronous handlers when handling non-allowed + HTTP methods + + Reverted caching related managers for ForeignKey, ManyToManyField, + and GenericRelation that caused the incorrect refreshing of + related objects + + Relaxed the system check added in Django 4.1 for the same name + used for multiple template tag modules to a warning + +------------------------------------------------------------------- +Mon Sep 5 11:14:19 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.1 + + Reallowed, following a regression in Django 4.1, using GeoIP2() + when GEOS is not installed + + Fixed a regression in Django 4.1 that caused a crash of admin’s + autocomplete widgets when translations are deactivated + + Fixed a regression in Django 4.1 that caused a crash of the test + management command when running in parallel and multiprocessing + start method is spawn + + Fixed a regression in Django 4.1 that caused an incorrect + redirection to the admin changelist view when using "Save and + continue editing" and "Save and add another" options + + Fixed a regression in Django 4.1 that caused a crash of Window + expressions with ArrayAgg + + Fixed a regression in Django 4.1 that caused a migration crash on + SQLite 3.35.5+ when removing an indexed field + + Fixed a bug in Django 4.1 that caused a crash of model validation + on UniqueConstraint() with field names in expressions + + Fixed a bug in Django 4.1 that caused an incorrect validation of + CheckConstraint() with range fields on PostgreSQL + + Fixed a regression in Django 4.1 that caused an incorrect + migration when adding AutoField, BigAutoField, or SmallAutoField + on PostgreSQL + + Fixed a regression in Django 4.1 that caused a migration crash on + PostgreSQL when altering AutoField, BigAutoField, or + SmallAutoField to OneToOneField + + Fixed a migration crash on ManyToManyField fields with through + referencing models in different apps + + Fixed a regression in Django 4.1 that caused an incorrect + migration when renaming a model with ManyToManyField and db_table + + Reallowed, following a regression in Django 4.1, creating reverse + foreign key managers on unsaved instances + + Fixed a regression in Django 4.1 that caused a migration crash on + SQLite < 3.20 + + Fixed a regression in Django 4.1 that caused an admin crash when + the admindocs app was used +- Remove 0001-Fixed-33887-Added-version-in-asserted-test-URL.patch + (already upstream) +- Verify the tarball with gpg + +------------------------------------------------------------------- +Wed Aug 3 13:20:52 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1: + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.1/releases/4.1/ + + Django 4.1 supports Python 3.8, 3.9, and 3.10 + + Asynchronous handlers for class-based views + + Asynchronous ORM interface + + Validation of Constraints + + Form rendering accessibility + + CSRF_COOKIE_MASKED setting +- Drop fix_test_custom_fields_SQLite.patch (already merged) +- Add 0001-Fixed-33887-Added-version-in-asserted-test-URL.patch to fix + test + +------------------------------------------------------------------- +Wed Aug 3 11:48:48 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.7 (CVE-2022-36359, bsc#1201923): + + Django 4.0.7 fixes a security issue with severity “high” in 4.0.6. + +------------------------------------------------------------------- +Tue Jul 5 08:04:12 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.6 + + CVE-2022-34265: Potential SQL injection via Trunc(kind) and + Extract(lookup_name) arguments + +------------------------------------------------------------------- +Thu Jun 2 07:34:17 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.5 + + Fixed a bug in Django 4.0 where not all OPTIONS were passed to a + Redis client + + Fixed a bug in Django 4.0 that caused a crash of QuerySet.filter() + on IsNull() expressions + + Fixed a bug in Django 4.0 where a hidden quick filter toolbar in + the admin’s navigation sidebar was focusable + +------------------------------------------------------------------- +Mon Apr 11 14:21:09 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.4 + + CVE-2022-28346: Potential SQL injection in "QuerySet.annotate()", + "aggregate()", and "extra()" + + CVE-2022-28347: Potential SQL injection via + "QuerySet.explain(**options)" on PostgreSQL + +------------------------------------------------------------------- +Tue Mar 1 10:49:51 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.3 + + Prevented, following a regression in Django 4.0.1, makemigrations + from generating infinite migrations for a model with + ManyToManyField to a lowercased swappable model such as + 'auth.user' + + Fixed a regression in Django 4.0 that caused a crash when + rendering invalid inlines with readonly_fields in the admin + +------------------------------------------------------------------- +Tue Feb 1 10:15:38 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.2 (CVE-2022-22818, bsc#1195086) (CVE-2022-23833, bsc#1195088) + + CVE-2022-22818: Possible XSS via {% debug %} template tag + + CVE-2022-23833: Denial-of-service possibility in file uploads + + Fixed a bug in Django 4.0 where + TestCase.captureOnCommitCallbacks() could execute callbacks + multiple times + + Fixed a regression in Django 4.0 where help_text was HTML-escaped + in automatically-generated forms + + Fixed a regression in Django 4.0 that caused displaying an + incorrect name for class-based views on the technical 404 debug + page + + Fixed a regression in Django 4.0 that caused an incorrect repr of + ResolverMatch for class-based views + + Fixed a regression in Django 4.0 that caused a crash of + makemigrations on models without Meta.order_with_respect_to but + with a field named _order + + Fixed a regression in Django 4.0 that caused incorrect + ModelAdmin.radio_fields layout in the admin + + Fixed a duplicate operation regression in Django 4.0 that caused a + migration crash when altering a primary key type for a concrete + parent model referenced by a foreign key + + Fixed a bug in Django 4.0 that caused a crash of + QuerySet.aggregate() after annotate() on an aggregate function + with a default + + Fixed a regression in Django 4.0 that caused a crash of + makemigrations when renaming a field of a renamed model + +------------------------------------------------------------------- +Wed Jan 12 14:16:23 UTC 2022 - Matej Cepl + +- Add fix_test_custom_fields_SQLite.patch fixing issues with + modern SQLite (gh#django/django#15168). + +------------------------------------------------------------------- +Mon Jan 10 09:27:36 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.1 (CVE-2021-45115, CVE-2021-45452, bsc#1194117) + + CVE-2021-45115: Denial-of-service possibility in + UserAttributeSimilarityValidator + + CVE-2021-45452: Potential directory-traversal via Storage.save() + + Fixed a regression in Django 4.0 that caused a crash of + assertFormsetError() on a formset named form + + Fixed a bug in Django 4.0 that caused a crash on booleans with the + RedisCache backend + + Relaxed the check added in Django 4.0 to reallow use of a + duck-typed HttpRequest in + django.views.decorators.cache.cache_control() and never_cache() + decorators + + Fixed a regression in Django 4.0 that caused creating bogus + migrations for models that reference swappable models such as + auth.User + + Fixed a long standing bug in Geometry Collections and Polygon that + caused a crash on some platforms (reported on macOS based on the + ARM64 architecture) + +------------------------------------------------------------------- +Mon Dec 27 12:11:09 UTC 2021 - Ben Greiner + +- Fix u-a scriptlet dependency. +- Remove python36 conditional on numpy dep. + +------------------------------------------------------------------- +Fri Dec 24 02:26:37 UTC 2021 - John Vandenberg + +- Avoid dependency on backports.zoneinfo except on Python 3.8 + +------------------------------------------------------------------- +Mon Dec 20 10:37:10 UTC 2021 - Matej Cepl + +- Clean up PYTHONPATH to make test_extra_tests_build_suite pass. + +------------------------------------------------------------------- +Tue Dec 7 14:09:24 UTC 2021 - Alberto Planas Dominguez + +- Update to 4.0 + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.0/releases/4.0/. + - Django 4.0 supports Python 3.8, 3.9, and 3.10. We highly + recommend and only officially support the latest release of + each series. + The Django 3.2.x series is the last to support Python 3.6 and + 3.7. + - The Python standard library’s zoneinfo is now the default + timezone implementation in Django. This is the next step in + the migration from using pytz to using zoneinfo. Django 3.2 + allowed the use of non-pytz time zones. Django 4.0 makes + zoneinfo the default implementation. Support for pytz is now + deprecated and will be removed in Django 5.0. + - The new *expressions positional argument of + UniqueConstraint() enables creating functional unique + constraints on expressions and database functions. + - The new scrypt password hasher is more secure and recommended + over PBKDF2. However, it’s not the default as it requires + OpenSSL 1.1+ and more memory. + - Redis cache backend + - Template based form rendering. Forms, Formsets, and ErrorList + are now rendered using the template engine to enhance + customization. + +------------------------------------------------------------------- +Tue Nov 2 12:45:45 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.9 + + Fixed a bug in Django 3.2 that caused a migration crash on SQLite + when altering a field with a functional index + +------------------------------------------------------------------- +Tue Oct 5 14:25:34 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.8 + + Fixed a bug in Django 3.2 that caused incorrect links on read-only + fields in the admin + + Fixed a regression in Django 3.2 that caused incorrect selection + of items across all pages when actions were placed both on the top + and bottom of the admin change-list view +- Drop failing_test_subparser_invalid_option.patch, as is already in + the upstream code. + +------------------------------------------------------------------- +Thu Sep 9 15:21:45 UTC 2021 - Matej Cepl + +- Add failing_test_subparser_invalid_option.patch fixing + https://code.djangoproject.com/ticket/33082 + +------------------------------------------------------------------- +Wed Sep 1 10:13:34 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.7 + + Fixed a regression in Django 3.2 that caused the incorrect offset + extraction from fixed offset timezones + +------------------------------------------------------------------- +Mon Aug 16 08:27:28 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.6 + + Fixed a regression in Django 3.2 that caused a crash validating + "NaN" input with a forms.DecimalField when additional constraints, + e.g. max_value, were specified + + Fixed a bug in Django 3.2 where a system check would crash on a + model with a reverse many-to-many relation inherited from a parent + class + +------------------------------------------------------------------- +Thu Jul 1 07:50:35 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.5 (CVE-2021-35042, bsc#1187785) + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.values_list(..., named=True) after prefetch_related() + + Fixed a bug in Django 3.2 that caused a migration crash on MySQL + 8.0.13+ when altering BinaryField, JSONField, or TextField to + non-nullable + + Fixed a regression in Django 3.2 that caused a migration crash on + MySQL 8.0.13+ when adding nullable BinaryField, JSONField, or + TextField with a default value + + Fixed a bug in Django 3.2 where a system check would crash on a + model with an invalid app_label + +------------------------------------------------------------------- +Wed Jun 2 10:45:01 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.4 (CVE-2021-33203, CVE-2021-33571) + + CVE-2021-33203: Potential directory traversal via admindocs + + CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks + since validators accepted leading zeros in IPv4 addresses + + Fixed a bug in Django 3.2 where a final catch-all view in the + admin didn’t respect the server-provided value of SCRIPT_NAME when + redirecting unauthenticated users to the login page + + Fixed a bug in Django 3.2 where a system check would crash on an + abstract model + + Prevented unnecessary initialization of unused caches following a + regression in Django 3.2 + + Fixed a crash in Django 3.2 that could occur when running mod_wsgi + with the recommended settings while the Windows colorama library + was installed + + Fixed a bug in Django 3.2 that would trigger the auto-reloader for + template changes when directory paths were specified with strings + + Fixed a regression in Django 3.2 that caused a crash of + auto-reloader with AttributeError, e.g. inside a Conda environment + + Fixed a regression in Django 3.2 that caused a loss of precision + for operations with DecimalField on MySQL + +------------------------------------------------------------------- +Mon May 17 07:37:47 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.3 + + Prepared for mysqlclient > 2.0.3 support + + Fixed a regression in Django 3.2 that caused the incorrect + filtering of querysets combined with the | operator + + Fixed a regression in Django 3.2.1 where saving FileField would + raise a SuspiciousFileOperation even when a custom upload_to + returns a valid file path + +------------------------------------------------------------------- +Thu May 6 08:54:41 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.2 (CVE-2021-32052) + + CVE-2021-32052: Header injection possibility since URLValidator + accepted newlines in input on Python 3.9.5+ + + Prevented, following a regression in Django 3.2.1, makemigrations + from generating infinite migrations for a model with Meta.ordering + contained OrderBy expressions + +------------------------------------------------------------------- +Wed May 5 17:25:18 UTC 2021 - Ben Greiner + +- Keep rpm runtime requirements in sync. Downstream packages often + read the egg-info and fail if they are not fulfilled. + +------------------------------------------------------------------- +Wed May 5 08:44:30 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.1 (CVE-2021-31542) + + CVE-2021-31542: Potential directory-traversal via uploaded files + + Corrected detection of GDAL 3.2 on Windows + + Fixed a bug in Django 3.2 where subclasses of BigAutoField and + SmallAutoField were not allowed for the DEFAULT_AUTO_FIELD setting + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.values()/values_list() after QuerySet.union(), + intersection(), and difference() when it was ordered by an + unannotated field + + Restored, following a regression in Django 3.2, displaying an + exception message on the technical 404 debug page + + Fixed a bug in Django 3.2 where a system check would crash on a + reverse one-to-one relationships in CheckConstraint.check or + UniqueConstraint.condition + + Fixed a regression in Django 3.2 that caused a crash of + ModelAdmin.search_fields when searching against phrases with + unbalanced quotes + + Fixed a bug in Django 3.2 where variable lookup errors were logged + rendering the sitemap template if alternates were not defined + + Fixed a regression in Django 3.2 that caused a crash when + combining Q() objects which contains boolean expressions + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.update() on a queryset ordered by inherited or joined + fields on MySQL and MariaDB + + Fixed a regression in Django 3.2 that caused a crash when decoding + a cookie value, used by + django.contrib.messages.storage.cookie.CookieStorage, in the + pre-Django 3.2 format + + Fixed a regression in Django 3.2 that stopped the shift-key + modifier selecting multiple rows in the admin changelist + + Fixed a bug in Django 3.2 where a system check would crash on the + STATICFILES_DIRS setting with a list of 2-tuples of (prefix, path) + + Fixed a long standing bug involving queryset bitwise combination + when used with subqueries that began manifesting in Django 3.2, + due to a separate fix using Exists to exclude() multi-valued + relationships + + Fixed a bug in Django 3.2 where variable lookup errors were logged + when rendering some admin templates + + Fixed a bug in Django 3.2 where an admin changelist would crash + when deleting objects filtered against multi-valued relationships + + Fixed a regression in Django 3.2 where the calling process + environment would not be passed to the dbshell command on PostgreSQL + + Fixed a performance regression in Django 3.2 when building complex + filters with subqueries + +------------------------------------------------------------------- +Tue Apr 6 09:27:50 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.0 + + Automatic ~django.apps.AppConfig discovery + + Customizing type of auto-created primary keys + + Functional indexes + + pymemcache support + + New decorators for the admin site + + For a complete description of new features check: + https://github.com/django/django/blob/main/docs/releases/3.2.txt +- Update PYTHOPATH to include the local tests +- Drop i18n_test.patch, i18n_test_extraction.patch, + test_clear_site_cache-sort.patch + +------------------------------------------------------------------- +Sat Feb 13 22:41:42 UTC 2021 - Ben Greiner + +- Don't install python36-numpy for testing. It is no longer + available. (The tests or portions of tests requiring numpy + are skipped automatically in this case.) +- Let the singlespec macro do its job to set the primary provider + for python3-django and python3-South on the primary flavor only. +- Fix mtime of cache file by recompiling. + +------------------------------------------------------------------- +Wed Dec 9 12:16:46 UTC 2020 - Ondřej Súkup + +- Update to 3.1.4 + * Fixed setting the Content-Length HTTP header in AsyncRequestFactory + * Fixed passing extra HTTP headers to AsyncRequestFactory request methods + * Fixed crash of key transforms for JSONField on PostgreSQL when usingi + on a Subquery() annotation + * Fixed a regression in Django 3.1 that caused the incorrect grouping + by a Q object annotation + * Fixed a regression in Django 3.1 that caused suppressing connection errors + when JSONField is used on SQLite + * Fixed a crash on SQLite, when QuerySet.values()/values_list() contained + key transforms for JSONField returning non-string primitive values + +------------------------------------------------------------------- +Mon Nov 2 15:03:13 UTC 2020 - Ondřej Súkup + +- Update to 3.1.3 + * Fixed a regression in Django 3.1.2 that caused the incorrect height of the admin + changelist search bar + * Fixed a regression in Django 3.1.2 that caused the incorrect width of the + admin changelist search bar on a filtered page + * Fixed displaying Unicode characters in forms.JSONField and read-only + models.JSONField values in the admin + * Fixed a regression in Django 3.1 that caused a crash of ArrayAgg and StringAgg + with ordering on key transforms for JSONField + * Fixed a regression in Django 3.1 that caused a crash of __in lookup when using + key transforms for JSONField in the lookup value + * Fixed a regression in Django 3.1 that caused a crash of ExpressionWrapper with + key transforms for JSONField + * Fixed a regression in Django 3.1 that caused a migrations crash on PostgreSQL + when adding an ExclusionConstraint with key transforms for JSONField in expressions + * Fixed a regression in Django 3.1 where ProtectedError.protected_objects + and RestrictedError.restricted_objects attributes returned iterators instead + of set of objects + * Fixed a regression in Django 3.1.2 that caused incorrect form input layout + on small screens in the admin change form view + * Fixed a regression in Django 3.1 that invalidated pre-Django 3.1 password reset tokens + * Added support for asgiref 3.3 + * Fixed a regression in Django 3.1 that caused incorrect textarea layout + on medium-sized screens in the admin change form view with the sidebar open + * Fixed a regression in Django 3.0.7 that didn’t use Subquery() aliases + in the GROUP BY clause + * Fixed a bug in Django 3.1 where FileField instances with a callable storage were + not correctly deconstructed + * Fixed a regression in Django 3.1 where the QuerySet.ordered attribute returned + incorrectly True for GROUP BY queries (e.g. .annotate().values()) on models with + Meta.ordering. A model’s Meta.ordering doesn’t affect such queries + * Fixed a regression in Django 3.1 where a queryset would crash if it contained + an aggregation and a Q object annotation + * Fixed a bug in Django 3.1 where a test database was not synced during creation + when using the MIGRATE test database setting + * Fixed a django.contrib.admin.EmptyFieldListFilter crash when using on a GenericRelation + * Fixed a regression in Django 3.1.1 where the admin changelist filter sidebar + would not scroll for a long list of available filters + +------------------------------------------------------------------- +Wed Sep 9 14:14:08 UTC 2020 - Marketa Calabkova + +- Update to 3.1.1 + * CVE-2020-24583: Incorrect permissions on intermediate-level directories on Python 3.7+ + * CVE-2020-24584: Permission escalation in intermediate-level directories of the file + system cache on Python 3.7+ + * Fixed a data loss possibility in the select_for_update(). When using related fields + pointing to a proxy model in the of argument, the corresponding model was not locked + * Fixed a regression in Django 3.1 that caused a crash when decoding an invalid session data + * Fixed __in lookup on key transforms for JSONField with MariaDB, MySQL, Oracle, and SQLite + * Fixed a regression in Django 3.1 that caused permission errors in CommonPasswordValidator + and settings.py + +------------------------------------------------------------------- +Wed Sep 9 03:55:36 UTC 2020 - John Vandenberg + +- Require asgiref >= 3.2.10 per upstream + +------------------------------------------------------------------- +Tue Aug 11 07:48:29 UTC 2020 - Alberto Planas Dominguez + +- Update to 3.1 + * Asynchronous views and middleware support + * JSONField for all supported database backends + * DEFAULT_HASHING_ALGORITHM settings¶ + * Read https://docs.djangoproject.com/en/3.1/releases/3.1/ +- Drop fix-selenium-test.patch. Already upstream. +- Add i18n_test_extraction.patch to support xgettext 0.21 + +------------------------------------------------------------------- +Thu Aug 6 11:36:36 UTC 2020 - Ondřej Súkup + +- update to 3.0.9 + * Allowed setting the SameSite cookie flag in HttpResponse.delete_cookie() + * Fixed crash when sending emails to addresses with display names longer than + 75 chars on Python 3.6.11+, 3.7.8+, and 3.8.4+ + +------------------------------------------------------------------- +Wed Jul 8 11:52:27 UTC 2020 - Ondřej Súkup + +- update to 3.0.8 + * Fixed messages of InvalidCacheKey exceptions and CacheKeyWarning warnings + raised by cache key validation + * Fixed a regression in Django 3.0.7 that caused a queryset crash + when grouping by a many-to-one relationship + * Reallowed, following a regression in Django 3.0, non-expressions having + a filterable attribute to be used as the right-hand side in queryset filters + * Fixed a regression in Django 3.0.2 that caused a migration crash + on PostgreSQL when adding a foreign key to a model with a namespaced db_table + * Added compatibility for cx_Oracle 8 + +------------------------------------------------------------------- +Thu Jun 4 14:35:25 UTC 2020 - Ondřej Súkup + +- update to 3.0.7 +- drop 32bit.patch + * boo#1172167 - CVE-2020-13254: Potential data leakage via malformed + memcached keys + * boo#1172167 - CVE-2020-13596: Possible XSS via admin + ForeignKeyRawIdWidget + * many other bugfixes + +------------------------------------------------------------------- +Thu Apr 30 05:14:28 UTC 2020 - Tomáš Chvátal + +- Add patch to fix the 32bit build: + * 32bit.patch + +------------------------------------------------------------------- +Thu Apr 23 16:58:12 UTC 2020 - Marcus Rueckert + +- Update to 3.0.5 + https://docs.djangoproject.com/en/3.0/releases/3.0.5/ + https://docs.djangoproject.com/en/3.0/releases/3.0.4/ + https://docs.djangoproject.com/en/3.0/releases/3.0.3/ + https://docs.djangoproject.com/en/3.0/releases/3.0.2/ + https://docs.djangoproject.com/en/3.0/releases/3.0.1/ + https://docs.djangoproject.com/en/3.0/releases/3.0/ +- new dependency: python-asgiref + +------------------------------------------------------------------- +Fri Apr 3 06:55:41 UTC 2020 - Tomáš Chvátal + +- Update to 2.2.12: + * Added the ability to handle .po files containing different plural + equations for the same language (#30439). + +------------------------------------------------------------------- +Wed Mar 18 10:59:36 UTC 2020 - Ondřej Súkup + +- update to 2.2.11 + * fix boo#1165022 (CVE-2020-9402) Potential SQL injection via tolerance + parameter in GIS functions and aggregates on Oracle + +------------------------------------------------------------------- +Tue Feb 4 09:42:08 UTC 2020 - Ondřej Súkup + +- update to 2.2.10 +- drop pyyaml53.patch + * fix boo#1161919 (CVE-2020-7471) Potential SQL injection via ``StringAgg(delimiter)`` + +------------------------------------------------------------------- +Wed Jan 15 15:08:32 UTC 2020 - Ondřej Súkup + +- add pyyaml53.patch - fix tests with PyYAML 5.3 + +------------------------------------------------------------------- +Sun Dec 29 11:00:47 UTC 2019 - Ondřej Súkup + +- Update to 2.2.9 + * CVE-2019-19844: Potential account hijack via password reset form (bsc#1159447) + * Fixed a data loss possibility in SplitArrayField. + +------------------------------------------------------------------- +Mon Dec 2 09:45:57 UTC 2019 - Alberto Planas Dominguez + +- Update to 2.2.8 + * CVE-2019-19118: Privilege escalation in the Django admin (boo#1157705) + * Fixed a data loss possibility in the admin changelist view when a + custom formset’s prefix contains regular expression special + characters, e.g. '$' + * Fixed a regression in Django 2.2.1 that caused a crash when + migrating permissions for proxy models with a multiple database + setup if the default entry was empty + * Fixed a data loss possibility in the select_for_update(). When + using 'self' in the of argument with multi-table inheritance, a + parent model was locked instead of the queryset’s model +- Add patch fix-selenium-test.patch to fix a test when selenium is + missing + +------------------------------------------------------------------- +Fri Nov 15 10:53:24 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.7: + * Fixed a crash when using a contains, contained_by, has_key, has_keys, or has_any_keys lookup on JSONField, if the right or left hand side of an expression is a key transform (#30826). + * Prevented migrate --plan from showing that RunPython operations are irreversible when reverse_code callables don’t have docstrings or when showing a forward migration plan (#30870). + * Fixed migrations crash on PostgreSQL when adding an Index with fields ordering and opclasses (#30903). + * Restored the ability to override get_FOO_display() (#30931). + +------------------------------------------------------------------- +Fri Nov 15 07:49:06 UTC 2019 - Tomáš Chvátal + +- Require full python interpreter on build and runtime + +------------------------------------------------------------------- +Mon Oct 7 13:15:57 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.6: + * Fixed migrations crash on SQLite when altering a model + containing partial indexes (#30754). + * Fixed a regression in Django 2.2.4 that caused a crash when + filtering with a Subquery() annotation of a queryset containing + JSONField or HStoreField (#30769). + +------------------------------------------------------------------- +Mon Sep 16 10:13:08 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.5: + * Relaxed the system check added in Django 2.2 for models to reallow use of the same db_table by multiple models when database routers are installed (#30673). + * Fixed crash of KeyTransform() for JSONField and HStoreField when using on expressions with params (#30672). + * Fixed a regression in Django 2.2 where ModelAdmin.list_filter choices to foreign objects don’t respect a model’s Meta.ordering (#30449). + * Fixed a race condition in loading URLconf module that could cause a crash of auto-reloader on Python 3.5 and below (#30500). + +------------------------------------------------------------------- +Thu Aug 1 11:13:37 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.4: + * CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235 + bsc#1142883 bsc#1142885 bsc#1142882 bsc#1142880 + * Fixed a regression in Django 2.2 when ordering a QuerySet.union(), intersection(), or difference() by a field type present more than once results in the wrong ordering being used (#30628). + * Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type (#30621). + * Fixed a regression in Django 2.2 where auto-reloader crashes if a file path contains nulls characters ('\x00') (#30506). + * Fixed a regression in Django 2.2 where auto-reloader crashes if a translation directory cannot be resolved (#30647). + +------------------------------------------------------------------- +Thu Jul 18 17:21:59 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.3: + * CVE-2019-12781 (bsc#1139945): Incorrect HTTP detection with reverse-proxy connecting via HTTPS¶ + +------------------------------------------------------------------- +Mon Jun 3 11:01:44 UTC 2019 - Ondřej Súkup + +- update to 2.2.2 + * Fixes CVE-2019-12308: AdminURLFieldWidget XSS (bsc#1136468) + * Fixes CVE-2019-11358: Prototype pollution + +------------------------------------------------------------------- +Tue May 7 07:13:09 UTC 2019 - Tomáš Chvátal + +- Update keyring file + +------------------------------------------------------------------- +Mon May 6 14:11:22 UTC 2019 - Alberto Planas Dominguez + +- Update to 2.2.1 + * Fixed a regression in Django 2.1 that caused the incorrect quoting + of database user password when using dbshell on Oracle (#30307). + * Added compatibility for psycopg2 2.8 (#30331). + * Fixed a regression in Django 2.2 that caused a crash when loading + the template for the technical 500 debug page (#30324). + * Fixed crash of ordering argument in ArrayAgg and StringAgg when it + contains an expression with params (#30332). + * Fixed a regression in Django 2.2 that caused a single instance + fast-delete to not set the primary key to None (#30330). + * Prevented makemigrations from generating infinite migrations for + check constraints and partial indexes when condition contains a + range object (#30350). Reverted an optimization in Django 2.2 + (#29725) that caused the inconsistent behavior of count() and + exists() on a reverse many-to-many relationship with a custom + manager (#30325). + * Fixed a regression in Django 2.2 where Paginator crashes if + object_list is a queryset ordered or aggregated over a nested + JSONField key transform (#30335). + * Fixed a regression in Django 2.2 where IntegerField validation of + database limits crashes if limit_value attribute in a custom + validator is callable (#30328). + * Fixed a regression in Django 2.2 where SearchVector generates SQL + that is not indexable (#30385). + * Fixed a regression in Django 2.2 that caused an exception to be + raised when a custom error handler could not be imported (#30318). + * Relaxed the system check added in Django 2.2 for the admin app’s + dependencies to reallow use of SessionMiddleware subclasses, + rather than requiring django.contrib.sessions to be in + INSTALLED_APPS (#30312). + * Increased the default timeout when using Watchman to 5 seconds to + prevent falling back to StatReloader on larger projects and made + it customizable via the DJANGO_WATCHMAN_TIMEOUT environment + variable (#30361). + * Fixed a regression in Django 2.2 that caused a crash when + migrating permissions for proxy models if the target permissions + already existed. For example, when a permission had been created + manually or a model had been migrated from concrete to proxy + (#30351). + * Fixed a regression in Django 2.2 that caused a crash of runserver + when URLConf modules raised exceptions (#30323). + * Fixed a regression in Django 2.2 where changes were not reliably + detected by auto-reloader when using StatReloader (#30323). + * Fixed a migration crash on Oracle and PostgreSQL when adding a + check constraint with a contains, startswith, or endswith lookup + (or their case-insensitive variant) (#30408). + * Fixed a migration crash on Oracle and SQLite when adding a check + constraint with condition contains | (OR) operator (#30412). + +------------------------------------------------------------------- +Wed Apr 10 07:55:46 UTC 2019 - John Vandenberg + +- Add test_clear_site_cache-sort.patch to workaround flaky test +- Add bcond_with for selenium and memcached, as those tests are inactive, + and add missing dependencies and setup for selenium testing +- Move removal of executable bit from a JavaScript file to %prep +- Fix fdupes + +------------------------------------------------------------------- +Wed Apr 3 11:21:56 UTC 2019 - Ondřej Súkup + +- update to 2.2 +- drop pyyaml5.patch +- add i18n_test.patch + * HttpRequest.headers to allow simple access to a request’s headers. + * Database-level constraints on models. + * Watchman compatibility for runserver to improve the performance + +------------------------------------------------------------------- +Sat Mar 23 16:31:46 UTC 2019 - Tomáš Chvátal + +- Add patch to build with PyYAML >5: + * pyyaml5.patch + +------------------------------------------------------------------- +Tue Feb 12 09:24:53 UTC 2019 - Thomas Bechtold + +- update to 2.1.7 (CVE-2019-6975, bsc#1124991): + * Corrected packaging error from 2.1.6 + * Memory exhaustion in django.utils.numberformat.format() + If django.utils.numberformat.format() – used by contrib.admin as well + as the the floatformat, filesizeformat, and intcomma templates + filters – received a Decimal with a large number of digits or a + large exponent, it could lead to significant memory usage + due to a call to '{:f}'.format(). + To avoid this, decimals with more than 200 digits are now formatted + using scientific notation. + * Made the obj argument of InlineModelAdmin.has_add_permission() optional + to restore backwards compatibility with third-party code that doesn’t + provide it + +------------------------------------------------------------------- +Thu Jan 10 12:09:43 UTC 2019 - Thomas Bechtold + +- update to 2.1.5 (CVE-2019-3498, bsc#1120932): + * CVE-2019-3498: Content spoofing possibility in the default 404 page + * Fixed compatibility with mysqlclient 1.3.14 (#30013). + * Fixed a schema corruption issue on SQLite 3.26+. You might have to drop + and rebuild your SQLite database if you applied a migration while using + an older version of Django with SQLite 3.26 or later (#29182). + * Prevented SQLite schema alterations while foreign key checks are enabled + to avoid the possibility of schema corruption (#30023). + * Fixed a regression in Django 2.1.4 (which enabled keep-alive connections) + where request body data isn’t properly consumed for such + connections (#30015). + * Fixed a regression in Django 2.1.4 where + InlineModelAdmin.has_change_permission() is incorrectly called with + a non-None obj argument during an object add (#30050). + +------------------------------------------------------------------- +Mon Dec 10 11:52:42 UTC 2018 - Ondřej Súkup + +- Update to version 2.1.4 + * Corrected the default password list that CommonPasswordValidator uses + by lowercasing all passwords to match the format expected by the validator + * Prevented repetitive calls to geos_version_tuple() in the WKBWriter class in + an attempt to fix a random crash involving LooseVersion + * Fixed keep-alive support in runserver after it was disabled o 2.0 + * Fixed admin view-only change form crash when using ModelAdmin.prepopulated_fields + * Fixed “Please correct the errors below” error message when editing an object + in the admin if the user only has the “view” permission on inlines + * Fixed a regression in Django 2.0 where combining Q objects with __in lookups + and lists crashed + * Fixed a regression in Django 2.0 where test databases aren’t reused + with manage.py test --keepdb on MySQL + * Fixed a regression where cached foreign keys that use to_field were + incorrectly cleared in Model.save() + * Fixed a regression in Django 2.0 where FileSystemStorage crashes + with FileExistsError if concurrent saves try to create the same directory + +------------------------------------------------------------------- +Thu Oct 4 13:13:00 UTC 2018 - Alberto Planas Dominguez + +- Update to version 2.1.2 + * CVE-2018-16984: Password hash disclosure to “view only” admin + users + * Fixed a regression where nonexistent joins in F() no longer raised + FieldError (#29727). + * Fixed a regression where files starting with a tilde or underscore + weren’t ignored by the migrations loader (#29749). + * Made migrations detect changes to Meta.default_related_name + (#29755). + * Added compatibility for cx_Oracle 7 (#29759). + * Fixed a regression in Django 2.0 where unique index names weren’t + quoted (#29778). + * Fixed a regression where sliced queries with multiple columns with + the same name crashed on Oracle 12.1 (#29630). + * Fixed a crash when a user with the view (but not change) + permission made a POST request to an admin user change form + (#29809). + +------------------------------------------------------------------- +Tue Sep 18 13:17:15 CEST 2018 - Matěj Cepl + +- Switch of BR selenium for non-Intel platforms. + +------------------------------------------------------------------- +Tue Sep 4 12:24:15 UTC 2018 - Ondřej Súkup + +- update to version 2.1.1 +- drop django-urlencode.patch + * Fixed a race condition in QuerySet.update_or_create() that could result + in data loss + * Fixed a regression where QueryDict.urlencode() crashed if the dictionary + contains a non-string value + * Fixed a regression in Django 2.0 where using manage.py test --keepdb fails + on PostgreSQL if the database exists and the user doesn’t have permission + to create databases + * Fixed a regression in Django 2.0 where combining Q objects with __in + lookups and lists crashed + * Fixed translation failure of DurationField’s “overflow” error message + * Fixed a regression where the admin change form crashed if the user doesn’t + have the ‘add’ permission to a model that uses TabularInline + * Fixed a regression where a related_query_name reverse accessor wasn’t + set up when a GenericRelation is declared on an abstract base model + * Fixed the test client’s JSON serialization of a request data dictionary + for structured content type suffixes + * Made the admin change view redirect to the changelist view after a POST + if the user has the ‘view’ permission + * Fixed admin change view crash for view-only users if the form + has an extra form field + * Fixed a regression in Django 2.0.5 where QuerySet.values() or values_list() + after combining querysets with extra() with union(), difference(), + or intersection() crashed due to mismatching columns + +------------------------------------------------------------------- +Tue Aug 14 07:46:04 UTC 2018 - tchvatal@suse.com + +- Apply patch to fix urlencode nonstring values: + * django-urlencode.patch + +------------------------------------------------------------------- +Wed Aug 8 13:33:57 UTC 2018 - tchvatal@suse.com + +- Enable testsuite + +------------------------------------------------------------------- +Wed Aug 8 09:35:51 UTC 2018 - mimi.vx@gmail.com + +- update to version 2.1 +- move bash completion to right location +- for full chanfges please see https://docs.djangoproject.com/en/2.1/releases/2.1/ + * Dropped support for MySQL 5.5 + * Dropped support for PostgreSQL 9.3 + * Support for SpatiaLite 4.0 is removed + * Support for SQLite < 3.7.15 is removed. + +------------------------------------------------------------------- +Mon Jul 2 13:15:55 UTC 2018 - aplanas@suse.com + +- update to version 2.0.7: + * Fixed admin changelist crash when using a query expression without + asc() or desc() in the page’s ordering (#29428). + * Fixed admin check crash when using a query expression in + ModelAdmin.ordering (#29428). + * Fixed __regex and __iregex lookups with MySQL 8 (#29451). + * Fixed migrations crash with namespace packages on Python 3.7 + (#28814). +- update to version 2.0.6 + * Fixed a regression that broke custom template filters that use + decorators (#29400). + * Fixed detection of custom URL converters in included patterns + (#29415). + * Fixed a regression that added an unnecessary subquery to the GROUP + BY clause on MySQL when using a RawSQL annotation (#29416). + * Fixed WKBWriter.write() and write_hex() for empty polygons on GEOS + 3.6.1+ (#29460). + * Fixed a regression in Django 1.10 that could result in large + memory usage when making edits using ModelAdmin.list_editable + (#28462). +- update to version 2.0.5 + * Corrected the import paths that inspectdb generates for + django.contrib.postgres fields (#29307). + * Fixed a regression in Django 1.11.8 where altering a field with a + unique constraint may drop and rebuild more foreign keys than + necessary (#29193). + * Fixed crashes in django.contrib.admindocs when a view is a + callable object, such as django.contrib.syndication.views.Feed + (#29296). + * Fixed a regression in Django 1.11.12 where QuerySet.values() or + values_list() after combining an annotated and unannotated + queryset with union(), difference(), or intersection() crashed due + to mismatching columns (#29286). + +------------------------------------------------------------------- +Sat Apr 7 19:21:18 UTC 2018 - tbechtold@suse.com + +- update to version 2.0.4: + * Fixed #29265 -- Removed the suggestion to hardcode static URLs. + * Fixed #29206 -- Fixed PasswordResetConfirmView crash when the URL contains a non-UUID where one is expected. + * Fixed #29195 -- Fixed Exists.output_field resolution on single-valued queries. + * Fixed links to Sphinx docs. + * Fixed typo in docs/releases/2.0.4.txt. + * Clarified docs about ISO 8601 week numbering. + * Fixed #29116 -- Fixed OpenLayersWidget deserialization ignoring the widget map's SRID. + * Added CVE-2018-7536,7 to the security release archive. + * Fixed #29221 -- Corrected admin's autocomplete widget to add a space after custom classes. + * Fixed #29273 -- Prevented initial selection of empty choice in multiple choice widgets. + * Added a pagination example to ListView docs. + * Fixed #28514 -- Clarifed docs about idempotence of RelatedManager.add(). + * isorted import statements in tutorial example. + * Fixed #29192 -- Corrected docs regarding overriding fields from abstract base classes. + * Refs #11278 -- Clarified RelatedManager differences between reverse one-to-many and many-to-many relations. + * Added stub release notes for 1.11.12. + * Fixed #29165 -- Clarified how to load initial data with migrations. + * Fixed #29213 -- Fixed autocomplete widget's translations for zh-hans/zh-hant. + * Reverted "Expanded docs for AbstractBaseUser.has_usable_password()." + * Fixed typo in docs/releases/2.0.4/1.11.12.txt. + * Bumped version for 2.0.4 release. + * Fixed #29250 -- Added 'django_version' context to startapp/project docs. + * Added release date for 2.0.4 and 1.11.12. + * Post-release version bump. + * Clarified a sentence in docs/topics/i18n/translation.txt. + * Fixed #29229 -- Fixed column mismatch crash when combining two annotated values_list() querysets with union(), difference(), or intersection(). + * Added stub release notes for 2.0.4. + * Fixed a couple mistakes in docs/ref/forms/widgets.txt. + * Fixed #28655 -- Added more examples for customizing widgets in a form. + +------------------------------------------------------------------- +Mon Mar 19 07:09:53 UTC 2018 - tbechtold@suse.com + +- update to 2.0.3 (bsc#1083305, bsc#1083304, CVE-2018-7536, CVE-2018-7537): + * Fixed #29108 -- Fixed crash in aggregation of distinct+ordered+sliced querysets. + * Added CVE-2018-6188 to the security release archive. + * Post-release version bump. + * Updated translations from Transifex + * Added stub release notes for security releases. + * Fixed incorrect regex in re_path() example. + * Fixed #29125 -- Made Q.deconstruct() deterministic with multiple keyword arguments. + * Fixed #29126 -- Doc'd the behavior of QuerySet.update_or_create() with manually specified pks. + * Used a CSS positioning in tutorial 6 that doesn't differ across browsers. + * Fixed typo in bulk_create() documentation. + * Fixed #29176 -- Fixed AbstractBaseUser.normalize_username() crash if username isn't a string. + * Removed blank lines per isort 4.3.0. + * Added stub release notes for 2.0.3. + * Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters. + * Fixed #29172 -- Fixed crash with Window expression in a subquery. + * Fixed #29166 -- Fixed crash in When() expression with a list argument. + * Fixed #24270 -- Doc'd that django_bash_completion is only in the source distribution. + * Improved clarity of docs/topics/install.txt. + * Refs #29125 -- Made Q.deconstruct() omit 'query_utils' in the path and _connector='AND' since it's a default value. + * Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator. + * Bumped version for 2.0.3 release. + * Corrected doc'd type of some parameters from string to str. + * Fixed #29146 -- Readded ^ and $ inadvertently removed from re_path() examples. + * Fixed #29107 -- Doc'd that ModelForm doesn't actually inherit from Form. + * Switched test requirement to new psycopg2-binary package. + * Added backticks around obj argument in admin docs. + * Fixed typo in docs/topics/forms/media.txt. + * Fixed #29109 -- Fixed the admin time picker widget for the Thai locale. + * Fixed #29118 -- Fixed crash with QuerySet.order_by(Exists(...)). + +------------------------------------------------------------------- +Wed Feb 7 13:54:36 UTC 2018 - tbechtold@suse.com + +- update to 2.0.2 (bsc#1077714, CVE-2018-6188): + * Fixed #28883 -- Doc'd that the uuid URL path converter matches lowercase only letters. + * Fixed a GeoIP2 test failure with the latest GeoIP2 database. + * Added stub release notes for 2.0.1. + * Bumped version for 2.0.2 release. + * Fixed location of spatialite_source label. + * Fixed #28958 -- Fixed admin changelist crash when using a query expression in the page's ordering. + * Fixed #28231 -- Doc'd that QuerySet.bulk_create() casts objs to a list. + * Fixed #29032 -- Fixed an example of using expressions in QuerySet.values(). + * Disambiguated "settings" in SpatiaLite note. + * Fixed typo in docs/topics/testing/advanced.txt. + * Post-release version bump. + * Refs #25604 -- Removed docs for makemigrations --exit. + * Fixed #29002 -- Corrected cached template loader docs about when it's automatically enabled. + * Fixed typo in TemplateCommand argument help text. + * Added stub release notes for 1.11.9. + * Fixed #28915 -- Prevented SQLite from truncating trailing zeros in the fractional part of DecimalField. + * Refs #29086 -- Doc'd how to detect bytestring mistakes. + * Fixed #28886 -- Updated prefix for example django.contrib.auth.urls URLs. + * Fixed #29081 -- Clarified comments in QuerySet.select_related() example. + * Refs #27985 -- Reallowed using __exact=None as an alias for __isnull=True if a custom lookup class with lookup_name != None is registered as the exact lookup. + * Refs #28876 -- Fixed incorrect class-based model index name generation for models with quoted db_table. + * Removed 'development' word in contributing docs + * Fixed #29055 -- Doc'd that escapejs doesn't make template literals safe. + * Fixed #29016 -- Fixed incorrect foreign key nullification on related instance deletion. + * Fixed grammar in docs/releases/2.0.txt. + * Fixed #29071 -- Fixed contrib.auth.authenticate() crash if a backend doesn't accept a request but a later one does. + * Fixed #28944 -- Fixed crash when chaining values()/values_list() after QuerySet.select_for_update(of=()). + * Fixed #29091 -- Fixed makemigrations crash if migrations directory doesn't have __init__.py. + * Fixed #28898 -- Corrected admin check to allow a OneToOneField in ModelAdmin.autocomplete_fields. + * Fixed #28896 -- Reallowed filtering a queryset with GeometryField=None. + * Fixed #28891 -- Documented Origin's loader attribute. + * Confirmed support for PostGIS 2.4. + * Wrapped an import per isort. + * Added release date for 2.0.1 and 1.11.9. + * Fixed #28884 -- Fixed crash on SQLite when renaming a field in a model referenced by a ManyToManyField. + * Fixed "template tag" spelling in docs. + * Fixed #28947 -- Fixed crash when coercing a translatable URL pattern to str. + * Fixed typo in docs/topics/i18n/translation.txt. + * Refs #28932 -- Skipped the failing test for refs #28915 on Oracle. + * Refs #25181 -- Updated timezone.now() docs about obtaining the time in the current time zone. + * Updated documented mysqlclient requirement to 1.3.7. + * Fixed #28885 -- Fixed hidden content at the bottom of the "The install worked successfully!" page for some languages. + * Fixed #28403 -- Added missing formats in FORMAT_MODULE_PATH docs. + * Fixed #29067 -- Fixed regression in QuerySet.values_list(..., flat=True) followed by annotate(). + * Removed note in tutorial about bypassing manage.py. + * Fixed #28929 -- Corrected QUnit examples. + * Refs #28958 -- Added a test for ModelAdmin with query expressions in ordering. + * Updated various links in docs to use HTTPS. + * Expanded docs for AbstractBaseUser.has_usable_password(). + * Fixed #29017 -- Updated BaseCommand.leave_locale_alone doc per refs #24073. + * Doc'd specifying the ENGINE setting as part of configuring contrib.gis. + * Added stub release notes for 1.11.10. + * Fixed #28881 -- Doc'd that CommonPasswordValidator's password list must be lowercase. + * Fixed #28784 -- Clarified how migrate --fake works. + * Fixed typo in docs/ref/models/expressions.txt. + * Fixed #29094 -- Fixed crash when entering an invalid uuid in ModelAdmin.raw_id_fields. + * Refs #28876 -- Fixed incorrect foreign key constraint name for models with quoted db_table. + * Bumped version for 2.0.1 release. + * Fixed #25277 -- Restored test dependency to the original python-memcached. + * Fixed #28761 -- Documented how an inline formset's prefix works. + * Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI. + * Fixed #28966 -- Doc'd that the uuid URL path converter requires dashes + * Fixed #29054 -- Fixed a regression where a queryset that annotates with geometry objects crashes. + * Reverted "[1.11.x] Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI." + * Added "Python 3 Only" trove classifier. + * Fixed #28941 -- Fixed crash in testserver command startup. + * Fixed import in docs/ref/models/conditional-expressions.txt example. + * Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm. + * Fixed #28594 -- Removed Jython docs and specific code + * Renamed the "Supported versions" label. + * Fixed #28878 -- Added python_requires in setup.py and a warning for older pips that don't recognize it. + * Fixed typo in docs/ref/contrib/admin/index.txt. + * Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI. + * Added stub release notes for 2.0.2. + * Fixed #28938 -- Corrected Python compatibility in the tutorial. + * Fixed #28890 -- Removed newlines between MultiWidget's subwidgets. + +------------------------------------------------------------------- +Tue Dec 12 21:12:18 UTC 2017 - mimi.vx@gmail.com + +- update to 2.0 + * drop python 2 support + * Simplified URL routing syntax + * Mobile-friendly contrib.admin + * Window expressions + * Removed support for bytestrings in some places + * Dropped support for Oracle 11.2 +- Please read Release Notes - https://docs.djangoproject.com/en/2.0/releases/2.0/ + +------------------------------------------------------------------- +Tue Dec 12 05:16:57 UTC 2017 - tbechtold@suse.com + +- update to 1.11.8: + * Fixed #28488 -- Reallowed error handlers to access CSRF tokens. + * Fixed #28856 -- Fixed a regression in caching of a GenericForeignKey + pointing to a MTI model. + * Fixed #28597 -- Fixed crash with the name of a model's autogenerated primary + key in an Index's fields. + * Added stub release notes for 1.11.7. + * Fixed #28305 -- Fixed "Cannot change column 'x': used in a foreign key constraint" + crash on MySQL with a sequence of AlterField or RenameField operations. + * Fixed #28689 -- Fixed unquoted table names in Subquery SQL when using OuterRef. + * Added assertion helpers for PostgreSQL's server-side cursor tests. + * Fixed #28729 -- Replaced a numbered list with unordered list in TemplatesSetting docs. + * Fixed #28786 -- Doc'd middleware ordering considerations due to + CommonMiddleware setting Content-Length. + * Added release date for 1.11.8. + * Fixed #28702 -- Made query lookups for CIText fields use citext. + * Added 2017-12794 to the security release archive. + * Fixed typo in docs/topics/cache.txt. + * Bumped version for 1.11.6 release. + * Added release date for 1.11.6. + * Fixed #28648 -- Corrected typo in docs/topics/db/queries.txt. + * Bumped version for 1.11.7 release. + * Added stub release notes for 1.11.8. + * Fixed #28848 -- Fixed SQLite/MySQL crash when ordering by a filtered + subquery that uses nulls_first/nulls_last. + * Fixed typo in docs/topics/db/aggregation.txt. + * Fixed #28802 -- Fixed typo in docs/topics/auth/default.txt. + * Fixed typo in docs/topics/forms/media.txt. + * Bumped version for 1.11.8 release. + * Fixed typo in docs/ref/models/querysets.txt. + * Fixed test failures due to ordering differences on PostgreSQL 10. + * Fixed #28710 -- Fixed the Basque DATE_FORMAT string + * Added stub release notes for 1.11.6. + * Fixed #28747 -- Fixed typos in django/conf/global_settings.py comments. + * Fixed #28817 -- Made QuerySet.iterator() use server-side cursors after + values() and values_list(). + * Post-release version bump. + * Fixed #28792 -- Fixed index name truncation of namespaced tables. + * Fixed #28781 -- Added QuerySet.values()/values_list() support for union(), + difference(), and intersection(). + * Fixed #28722 -- Made QuerySet.reverse() affect nulls_first/nulls_last. + * Refs #28710 -- Simplified l10n format test + * Initialized CsrfViewMiddleware once in csrf_tests. + * Added release date for 1.11.7. + * Linked to prefetch_related_objects func in DB optimization docs. + * Fixed #28645 -- Reallowed AuthenticationForm to raise the inactive user + error when using ModelBackend. + * Fixed #28653 -- Added missing ForeignKey.on_delete argument in docs. + * Fixed #28561 -- Removed inaccurate docs about QuerySet.order_by() and joins. + * Fixed #28555 -- Made CharField convert whitespace-only values to the + empty_value when strip is enabled. + * Fixed #28601 -- Prevented cache.get_or_set() from caching None if default + is a callable that returns None. + +------------------------------------------------------------------- +Wed Sep 20 21:53:53 UTC 2017 - toddrme2178@gmail.com + +- update to version 1.11.5 + * CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page + * Fixed GEOS version parsing if the version has a commit hash at the end (new + in GEOS 3.6.2) (:ticket:`28441`). + * Added compatibility for ``cx_Oracle`` 6 (:ticket:`28498`). + * Fixed select widget rendering when option values are tuples (:ticket:`28502`). + * Django 1.11 inadvertently changed the sequence and trigger naming scheme on + Oracle. This causes errors on INSERTs for some tables if + ``'use_returning_into': False`` is in the ``OPTIONS`` part of ``DATABASES``. + The pre-1.11 naming scheme is now restored. Unfortunately, it necessarily + requires an update to Oracle tables created with Django 1.11.[1-4]. Use the + upgrade script in :ticket:`28451` comment 8 to update sequence and trigger + names to use the pre-1.11 naming scheme. + * Added POST request support to ``LogoutView``, for equivalence with the + function-based ``logout()`` view (:ticket:`28513`). + * Omitted ``pages_per_range`` from ``BrinIndex.deconstruct()`` if it's ``None`` + (:ticket:`25809`). + * Fixed a regression where ``SelectDateWidget`` localized the years in the + select box (:ticket:`28530`). + * Fixed a regression in 1.11.4 where ``runserver`` crashed with non-Unicode + system encodings on Python 2 + Windows (:ticket:`28487`). + * Fixed a regression in Django 1.10 where changes to a ``ManyToManyField`` + weren't logged in the admin change history (:ticket:`27998`) and prevented + ``ManyToManyField`` initial data in model forms from being affected by + subsequent model changes (:ticket:`28543`). + * Fixed non-deterministic results or an ``AssertionError`` crash in some + queries with multiple joins (:ticket:`26522`). + * Fixed a regression in ``contrib.auth``'s ``login()`` and ``logout()`` views + where they ignored positional arguments (:ticket:`28550`). + +------------------------------------------------------------------- +Thu Aug 10 12:51:56 UTC 2017 - tbechtold@suse.com + +- update to version 1.11.4: + * Fixed #27939 -- Updated OpenLayersWidget.map_srid for OpenLayers 3. + * Fixed #27956 -- Fixed display of errors in an {% extends %} child. + * Updated various links in docs to avoid redirects + * Fixed typo in docs/topics/auth/default.txt. + * Double quoted HTML attributes in widget docs + * Fixed #28303 -- Prevented localization of attribute values in the DTL attrs.html widget template. + * Added stub release notes for 1.11.3. + * Documented OSMWidget.default_lat/lon. + * Fixed #28101 -- Fixed a regression with nested __in subquery lookups and to_field. + * Bumped version for 1.11.4 release. + * Bumped version for 1.11.3 release. + * Updated translations from Transifex + * Fixed #28039 -- Fixed crash in BaseGeometryWidget.subwidgets(). + * Fixed #28242 -- Moved ImageField file extension validation to the form field. + * Made docs/topics/migrations.txt use single quotes consistently. + * Fixed #28355 -- Fixed widget rendering of non-ASCII date/time formats on Python 2. + * Updated name of topics/db/queries link on index. + * Fixed #28025 -- Fixed typo in docs/ref/models/querysets.txt. + * Fixed #28043 -- Prevented AddIndex and RemoveIndex from mutating model state. + * Fixed #28207 -- Fixed contrib.auth.authenticate() if multiple auth backends don't accept a request. + * Fixed #28361 -- Fixed possible time-related failure in was_published_recently() tutorial test. + * Fixed #28265 -- Prevented renderer warning on Widget.render() with **kwargs. + * Fixed typo in docs/topics/testing/advanced.txt. + * Fixed #28125 -- Clarified 1.11 release note about Template.render() prohibiting non-dict context. + * Refs #18974 -- Added stacklevel for permalink() deprecation. + * Fixed #28350 -- Fixed UnboundLocalError crash in RenameField with nonexistent field. + * Fixed #28051 -- Made migrations respect Index's name argument. + * Fixed #28420 -- Doc'd 'is' comparison restriction for User.is_authenticated/anonymous. + * Added release date for 1.11.4. + * Refs #28174 -- Fixed autoreload test crash on Python 2/non-ASCII path. + * Fixed #28389 -- Fixed pickling of LazyObject on Python 2 when wrapped object doesn't have __reduce__(). + * Fixed #28148 -- Doc'd ImageField name validation concerns with the test client. + * Added stub release notes for 1.11.2. + * Fixed #27890 -- Fixed FileNotFoundError cleanup exception in runtests.py on Python 3.6+. + * Fixed #28138 -- Used output type handler instead of numbersAsStrings on Oracle cursor. + * Fixed widgets module path in docs/ref/contrib/gis/forms-api.txt. + * Fixed #27947 -- Doc'd that model Field.error_messages often don't propagate to forms. + * Fixed #28067 -- Clarified __str__() return type when using python_2_unicode_compatible(). + * Fixed docstring typo in django/contrib/admin/actions.py. + * Fixed #28102 -- Doc'd how to compute path to built-in widget template directories. + * Fixed #28352 -- Corrected QuerySet.values_list() return type in docs examples. + * Fixed #28181 -- Added detection for GDAL 2.1 and 2.0. + * Refs #23853 -- Updated sql.query.Query.join() docstring. + * Added a test for Model._meta._property_names. + * Refs #27919 -- Changed Widget.get_context() attrs kwarg to an arg. + * Fixed #28415 -- Clarified what characters ASCII/UnicodeUsernameValidator accept. + * Fixed #28074 -- Doc'd template-based widget rendering changes for contrib.gis. + * Fixed #28278 -- Fixed invalid HTML for a required AdminFileWidget. + * Added content_type filtering in Permission querying example. + * Corrected FileExtensionValidator doc regarding the value being validated. + * Fixed #27960 -- Set errcheck=False for GDALAllRegister to prevent crash. + * Fixed #28097 -- Fixed layout of ReadOnlyPasswordHashWidget. + * Fixed #27969 -- Fixed models.Field.formfield() setting 'disabled' for fields with choices. + * Post-release version bump. + * Fixed #28298 -- Prevented a primary key alteration from adding a foreign key constraint if db_constraint=False. + * Refs #28192 -- Fixed documentation of ChoiceField choices requirement + * Fixed #27966 -- Bumped required psycopg2 version to 2.5.4. + * Linked GIS QuerySet API docs to corresponding PostGIS docs. + * Fixed #27974 -- Kept resolved templates constant during one rendering cycle. + * Refs #28100 -- Fixed URL in el, es_MX, and pt auth translations + * Fixed typo in docs/ref/request-response.txt. + * Fixed #27963 -- Removed unneeded docstring example in contributing docs. + * Added stub release notes for security releases. + * Fixed #28349 -- Doc'd how to upgrade Django from LTS to LTS. + * Fixed typo in docs/ref/forms/fields.txt. + * Fixed CVE-2017-7234 -- Fixed open redirect vulnerability in views.static.serve(). + * Fixed #28170 -- Fixed file_move_safe() crash when moving files to a CIFS mount. + * Fixed broken links to Oracle docs. + * Fixed #27554 -- Fixed prefetch_related() crash when fetching relations in nested Prefetches. + * Added links and cosmetic edits to docs/ref/request-response.txt. + * Added stub release notes for 1.11.1. + * Fixed #28079 -- Restored "No POST data" (rather than an empty table) in HTML debug page. + * Removed incorrect "required" attribute in docs/ref/forms/fields.txt. + * Fixed #28176 -- Restored the uncasted option value in ChoiceWidget template context. + * Refs #24423 -- Readded inadvertently deleted i18n tests. + * Fixed #27965 -- Fixed precision comparison in a geoforms test (refs #27939). + * Corrected post-release version bump. + * Made runtests.py run gis_tests only when using a GIS database backend. + * Fixed #28230 -- Allowed DjangoJsonEncoder to serialize CallableBool. + * Fixed broken link to QUnit docs. + * Removed MySQL (unsupported) from Perimeter docs. + * Fixed #28266 -- Fixed typo in docs/ref/models/instances.txt. + * Fixed #28139 -- Added another level of headings in the topics index. + * Fixed #28003 -- Doc'd what an auto-created OneToOneField parent_link looks like. + * Fixed #28160 -- Prevented hiding GDAL exceptions when it's not installed. + * Updated man page for Django 1.11. + * Fixed #27988 -- Fixed typo in docs/ref/django-admin.txt. + * Fixed #28199 -- Fixed Subquery generating unnecessary/invalid CAST. + * Fixed #28122 -- Fixed crash when overriding views.static.directory_index()'s template. + * Fixed AppRegistryNotReady error when running gis_tests in isolation on PostGIS. + * Fixed #28435 -- Removed inaccurate warning about SECURE_HSTS_PRELOAD. + * Fixed #28040 -- Updated SplitArrayWidget to use template-based widget rendering. + * Fixed #28269 -- Fixed Model.__init__() crash on models with a field that has an instance only descriptor. + * Tested EmailMessage(attachments=[MIMEText]) + * Clarified return value of NumGeometries GIS function. + * Refs #27935 -- Fixed BrinIndex.max_name_length if a project's default database isn't PostgreSQL. + * Fixed #28058 -- Restored empty BoundFields evaluating to True. + * Replaced "not A== B" with "A != B" in docs/howto/writing-migrations.txt. + * Added CVE-2017-7233,4 to the security release archive. + * Fixed #28204 -- Fixed MultipleObjectMixin.paginate_queryset() crash on Python 2 if InvalidPage message contains non-ASCII. + * Fixed #27935 -- Fixed crash with BrinIndex name > 30 characters. + * Fixed #28293 -- Fixed union(), intersection(), and difference() when combining with an EmptyQuerySet. + * Fixed #28222 -- Allowed settable properties in QuerySet.update_or_create()/get_or_create() defaults. + * Refs #27556, #27488 -- Updated support backends docs for isvalid lookup. + * Fixed nondeterministic ordering test failure in model_forms. + * Fixed #28345 -- Applied limit_choices_to during ModelForm.__init__(). + * Fixed #27981 -- Doc'd date/time filter l10n changes in refs #25758. + * Made a few cosmetic updates to "Migrations that add unique fields". + * Bumped version for 1.11 release. + * Fixed #28004 -- Doc'd how to create migrations for an app without a migrations directory. + * Fixed #28202 -- Fixed FieldListFilter.get_queryset() crash on invalid input. + * Fixed #27949 -- Doc'd how OpenLayers 3 widgets work. + * Pass type to sql_alter_column_* where it was missing. + * Fixed #27866 -- Made ChoiceWidget.format_value() return a list + * Fixed #28308 -- Doc'd removal of Select.render_option() (refs #15667). + * Fixed #28178 -- Changed contrib.gis to raise ImproperlyConfigured if gdal isn't installed. + * Fixed #28284 -- Prevented Paginator's unordered object list warning from evaluating a QuerySet. + * Fixed #28209 -- Made date-based generic views return a 404 rather than crash when given an out of range date. + * Fixed #28161 -- Fixed return type of ArrayField(CITextField()). + * Corrected docs regarding MySQL support of Length GIS function. + * Fixed #28175 -- Fixed __in lookups on a foreign key when using the foreign key's parent model as the lookup value. + * Refs #18247 -- Fixed SQLite QuerySet filtering on decimal result of Least and Greatest. + * Refs #28207 -- Fixed contrib.auth.authenticate() if 'backend' is in the credentials. + * Fixed #27644 -- Doc'd FileSystemStorage.get_created_time(). + * Added test for intersection() when combining with a queryset raising EmptyResultSet. + * Fixed #28197 -- Fixed introspection of index field ordering on PostgreSQL. + * Removed extra characters in docs header underlines. + * Fixed GEOSGeometry reference in GIS tutorial. + * Refs #28066 -- Fixed Python 2 failures in sessions_tests. + * Removed obsolete Widget.format_output() in tests. + * Fixed #28059 -- Restored class attribute in
        of widgets that use multiple_input.html. + * Fixed typo in docs/ref/contrib/postgres/fields.txt. + * Refs #27025 -- Fixed "invalid escape sequence" warning in auth_tests on Python 3.6. + * Fixed #28031 -- Removed notes about old uWSGI/sentry versions (refs #20537). + * Removed unexpected initial attribute in data migration examples. + * Renamed "Mac OS X" to "macOS" in docs. + * Sorted imports per isort 4.2.9. + * Refs #28138 -- Added release notes for d52577b62b3138674807ac74251fab7faed48331. + * Back to the future. + * Fixed #27993 -- Fixed model form default fallback for SelectMultiple. + * Refs #27866 -- Adapted backport for Python 2 compatibility + * Removed unused links in docs/internals/contributing/triaging-tickets.txt. + * Clarified QuerySet.iterator()'s docs on server-side cursors. + * Fixed #28096 -- Allowed prefetch calls with ModelIterable subclasses + * Fixed #28414 -- Fixed ClearableFileInput rendering as a subwidget of MultiWidget. + * Corrected REPL example in forms docs for Python 3. + * Refs #28181 -- Corrected detection of GDAL 2.1 on Windows. + * Fixed #28075 -- Prevented ChoiceWidget from localizing option values. + * Fixed #28282 -- Fixed class-based indexes name for models that only inherit Model. + * Fixed #28038 -- Restored casting to text of builtin lookups on PostgreSQL. + * Fixed #28418 -- Fixed queryset crash when using a GenericRelation to a proxy model. + * Fixed #28062 -- Added a setting to disable server-side cursors on PostgreSQL. + * Fixed #28105 -- Fixed crash in BaseGeometryWidget.get_context() when overriding existing attrs. + * Refs #28160 -- Skipped a GeoManager test if not using a GIS database backend. + * Fixed #28157 -- Fixed choice ordering in form fields with grouped and non-grouped options. + * Fixed #28095 -- Doc'd Widget.build_attrs() signature change in Django 1.11. + * Fixed a forms test after updated translations. + * Fixed 403 link in docs/ref/contrib/gis/install/spatialite.txt. + * Simplified schema.tests with assertForeignKeyExists()/assertForeignKeyNotExists(). + * Fixed #28336 -- Fixed typo in docs/ref/settings.txt. + * Fixed #28378 -- Fixed union() and difference() when combining with a queryset raising EmptyResultSet. + * Refs #28052 -- Cleaned up some indexes in schema tests. + * Fixed #28047 -- Fixed QuerySet.filter() crash when it uses the name of a OneToOneField pk. + * Added release date for 1.11.1. + * Fixed #28327 -- Removed contradictory description of mod_wsgi docs. + * Clarified "newly-introduced features" in the supported versions policy. + * Fixed docs build with Sphinx 1.6. + * Fixed #28239 -- Removed docs for a removed arg of template.Context. + * Bumped version for 1.11.2 release. + * Refs #28066 -- Fixed nondeterministic ordering test failure in sessions_tests. + * Updated postgis.net and gaia-gis.it links to https. + * Fixed typos in docs/topic/db/search.txt. + * Fixed #28174 -- Fixed crash in runserver's autoreload with Python 2 on Windows with non-str environment variables. + * Fixed typos in docs/howto/static-files/index.txt. + * Fixed #28294 -- Doc'd request/args/kwargs attributes of class-based views. + * Fixed #27967 -- Fixed KeyError in admin's inline form with inherited non-editable pk. + * Fixed db backend discovery in admin_scripts tests. + * Fixed outdated TIME_FORMAT in docs/ref/templates/builtins.txt. + * Fixed #26028 -- Added overriding templates howto. + * Updated was_published_recently() tutorial test to check boundary condition. + * Fix a typo in django/db/transaction.py + * Fixed #28109 -- Corrected the stack level of unordered queryset pagination warnings. + * Fixed #28142 -- Fixed is_safe_url() crash on invalid IPv6 URLs. + * Refs #22397 -- Removed model in test cleanup + * Fixed #28052 -- Prevented dropping Meta.indexes when changing db_index to False. + * Fixed #18485 -- Doc'd behavior of PostgreSQL when manually setting AutoField. + * Updated core translations from Transifex + * Fixed #28166 -- Fixed Model._state.db on MTI parent model after saving child model. + * Added missing import in docs/topics/db/queries.txt. + * Refs #27919 -- Passed ChoiceWidget.create_option() kwargs as expected. + * Fixed #28229 -- Fixed the value of LoginView's "next" template variable. + * Fixed #27975 -- Fixed crash if ModelChoiceField's queryset=None. + * Added release date for 1.11.2. + * Fixed #27912, CVE-2017-7233 -- Fixed is_safe_url() with numeric URLs. + * Fixed #28159 -- Fixed BaseInlineFormSet._construct_form() crash when using save_as_new. + * Removed an obsolete temporal reference in docs/faq/general.txt. + * Fixed #28042 -- Fixed crash when using a two-tuple in EmailMessage's attachments arg. + * Fixed #27945 -- Clarified that RegexValidator searches with the regex. + * Linked GIS functions docs to corresponding PostGIS docs. + * Refs #17453 -- Fixed broken link to #django IRC logs. + * Fixed gis_tests.geoapp test with incorrect geodetic coordinates. + * Fixed #28066 -- Prevented SessionBase.cycle_key() from discarding data. + * Fixed #27730 -- Doc'd that template vars created outside a block can't be used in it. + * Fixed #28069 -- Moved setup_test_environment() warning in tutorial 5. + * Fixed #28130 -- Fixed formset min_num validation with initial, unchanged forms. + * Fixed #28091 -- Re-raised original exception when closing cursor cleanup fails + * Clarified backend support of Area GIS function. + * Fixed #28387 -- Fixed has_changed() for disabled form fields that subclass it. + * Fixed #27915 -- Allowed Meta.indexes to be defined in abstract models. + * Fixed #26755 -- Fixed test_middleware_classes_headers if Django source isn't writable. + * Fixed #28188 -- Fixed crash when pickling model fields. + * Fixed typo in docs/ref/models/querysets.txt. + * Pointed Dive into Python links to python3 site + * Refs #25240 -- Added ExtractWeek examples. + * Added some shell output in tutorial 2. + * Removed inappropriate highlighting in committing-code.txt. + * Fixed #28399 -- Fixed QuerySet.count() for union(), difference(), and intersection() queries. + * Fixed #28212 -- Allowed customizing the port that LiveServerTestCase uses. + * Fixed flake8 warning on Python 2. + * Clarified meaning of "Optional" in auth.models.User field docs. + * Clarified HStoreField model/form difference in 1.11 release notes. + * Removed self from method signatures in docs. + * Added stub release notes for 1.11.4. + * Updated tests after French translation update + * Fixed #27603 -- Fixed AsKML when queryset is evaluated more than once. + * Fixed #28262 -- Fixed incorrect DisallowedModelAdminLookup when a nested reverse relation is in list_filter. + * Fixed #27434 -- Doc'd how to raise a model validation error for a field not in a model form. + * Refs #21415 -- Fixed contrib.humanize translations for es_AR + * Fixed #27655 -- Added some guidelines to the coding style docs. + * Updated contrib translations from Transifex + * Removed nonexistent methods from File's docs. + * Doc'd the need to remove default ordering on Subquery aggregates. + * Fixed broken link to mysqlclient docs. + * Fixed #28210 -- Fixed Model._state.adding on MTI parent model after saving child model. + * Removed usage of deprecated sphinx.util.compat.Directive. + * Refs #28100 -- Added 1.11.1 release note for e6bfd3d751278d7cfd09af1120c4bbce509c05da. + * Fixed #28190 -- Clarifed how include/extends treat template names. + * Refs #26294 -- Fixed typo in docs/ref/django-admin.txt. + * Refs #28091 -- Fixed typo and rephrased 1.11.1 release note. + * Fixed typo in docs/ref/class-based-views/mixins-single-object.txt. + * Bumped version for 1.11.1 release. + * Added release date for 1.11.3. + * Bumped version for 1.11 release candidate 1. + * Simplified tutorial's test names and docstrings. + * Fixed typo in django/db/backends/base/schema.py comment. + * Fixed #28233 -- Used a simpler example in the aggregation "cheat sheet" docs. +- Require python-pytz and Recommend python-bcrypt + +------------------------------------------------------------------- +Wed Aug 9 17:58:19 UTC 2017 - toddrme2178@gmail.com + +- Fix building on older Python versions. + +------------------------------------------------------------------- +Mon Jul 10 18:42:12 UTC 2017 - toddrme2178@gmail.com + +- Fix wrong-script-interpreter rpmlint error. + +------------------------------------------------------------------- +Mon May 8 14:32:03 UTC 2017 - toddrme2178@gmail.com + +- django-admin.py should be the master, not django-admin. + +------------------------------------------------------------------- +Sat May 6 03:31:54 UTC 2017 - toddrme2178@gmail.com + +- Don't provide python2-django or python2-South, singlespec + packages should use correct name. + +------------------------------------------------------------------- +Thu May 4 15:33:21 UTC 2017 - toddrme2178@gmail.com + +- Implement single-spec version. + +------------------------------------------------------------------- +Tue Apr 4 14:38:13 UTC 2017 - appleonkel@opensuse.org + +- Update to 1.10.7 + Bugfixes + * Made admin’s RelatedFieldWidgetWrapper use the wrapped widget’s + value_omitted_from_data() method (#27905) + * Fixed model form default fallback for SelectMultiple (#27993) + +------------------------------------------------------------------- +Wed Mar 1 14:24:17 UTC 2017 - appleonkel@opensuse.org + +- Update to 1.10.6 + Bugfixes + * Fixed ClearableFileInput’s “Clear” checkbox on model form fields where the + model field has a default + * Fixed RequestDataTooBig and TooManyFieldsSent exceptions crashing rather than + generating a bad request response + * Fixed a crash on Oracle and PostgreSQL when subtracting DurationField or + IntegerField from DateField + * Fixed query expression date subtraction accuracy on PostgreSQL for differences + large an a month + * Fixed a GDALException raised by GDALClose on GDAL >= 2.0 + +------------------------------------------------------------------- +Tue Jan 31 14:00:11 UTC 2017 - michal@cihar.com + +- Update to 1.10.5 + * See https://docs.djangoproject.com/en/1.10/releases/1.10/ + * Full text search for PostgreSQL + * New-style middleware + * Official support for Unicode usernames + +------------------------------------------------------------------- +Fri Dec 2 10:17:25 UTC 2016 - appleonkel@opensuse.org + +- Update to 1.9.12 + Bugfixes + * Quoted the Oracle test user’s password in queries to fix the “ORA-00922: missing + or invalid option” error when the password starts with a number or + special character (#27420) + * DNS rebinding vulnerability when DEBUG=True + * CSRF protection bypass on a site with Google Analytics + +------------------------------------------------------------------- +Sat Sep 24 16:42:55 UTC 2016 - sbahling@suse.com + +- Change Requires: python-Pillow to python-imaging for compatibility + with SLE-12 which provides PIL instead of Pillow. + +------------------------------------------------------------------- +Tue Aug 9 09:11:24 UTC 2016 - aplanas@suse.com + +- Update to 1.9.9 + Bugfixes + * Fixed invalid HTML in template postmortem on the debug page + (#26938). + * Fixed some GIS database function crashes on MySQL 5.7 (#26657). + +- Update to 1.9.8 + Fix XSS in admin’s add/change related popup (bsc#988420) + Unsafe usage of JavaScript’s Element.innerHTML could result in XSS + in the admin’s add/change related popup. Element.textContent is now + used to prevent execution of the data. + The debug view also used innerHTML. Although a security issue wasn’t + identified there, out of an abundance of caution it’s also updated + to use textContent. + + Bugfixes + * Fixed missing varchar/text_pattern_ops index on CharField and + TextField respectively when using AddField on PostgreSQL (#26889). + * Fixed makemessages crash on Python 2 with non-ASCII file names + (#26897). + +- Update to 1.9.7 + Bugfixes + * Removed the need for the request context processor on the admin + login page to fix a regression in 1.9 (#26558). + * Fixed translation of password validators’ help_text in forms + (#26544). + * Fixed a regression causing the cached template loader to crash + when using lazy template names (#26603). + * Fixed on_commit callbacks execution order when callbacks make + transactions (#26627). + * Fixed HStoreField to raise a ValidationError instead of crashing + on non-dictionary JSON input (#26672). + * Fixed dbshell crash on PostgreSQL with an empty database name + (#26698). + * Fixed a regression in queries on a OneToOneField that has to_field + and primary_key=True (#26667). + +------------------------------------------------------------------- +Tue May 3 08:23:48 UTC 2016 - aplanas@suse.com + +- Update to 1.9.6 + Bugfixes + * Added support for relative path redirects to the test client and + to SimpleTestCase.assertRedirects() because Django 1.9 no longer + converts redirects to absolute URIs (#26428). + * Fixed TimeField microseconds round-tripping on MySQL and SQLite + (#26498). + * Prevented makemigrations from generating infinite migrations for a + model field that references a functools.partial (#26475). + * Fixed a regression where SessionBase.pop() returned None rather + than raising a KeyError for nonexistent values (#26520). + * Fixed a regression causing the cached template loader to crash + when using template names starting with a dash (#26536). + * Restored conversion of an empty string to null when saving values + of GenericIPAddressField on SQLite and MySQL (#26557). + * Fixed a makemessages regression where temporary .py extensions + were leaked in source file paths (#26341). + +------------------------------------------------------------------- +Sun May 1 12:29:52 UTC 2016 - michael@stroeder.com + +- Update to 1.9.5 + +------------------------------------------------------------------- +Tue Feb 2 09:21:43 UTC 2016 - aplanas@suse.com + +- Update to 1.9.2 + Security issue + * User with "change" but not "add" permission can create objects for + ModelAdmin's with save_as=True + Backwards incompatible change + * .py-tpl files rewritten in project/app templates + Bugfixes + * Fixed a regression in ConditionalGetMiddleware causing + If-None-Match checks to always return HTTP 200 (#26024). + * Fixed a regression that caused the "user-tools" items to display + on the admin's logout page (#26035). + * Fixed a crash in the translations system when the current language + has no translations (#26046). + * Fixed a regression that caused the incorrect day to be selected + when opening the admin calendar widget for timezones from GMT+0100 + to GMT+1200 (#24980). + * Fixed a regression in the admin's edit related model popup that + caused an escaped value to be displayed in the select dropdown of + the parent window (#25997). + * Fixed a regression in 1.8.8 causing incorrect index handling in + migrations on PostgreSQL when adding db_index=True or unique=True + to a CharField or TextField that already had the other specified, + or when removing one of them from a field that had both, or when + adding unique=True to a field already listed in unique_together + (#26034). + * Fixed a regression where defining a relation on an abstract + model's field using a string model name without an app_label no + longer resolved that reference to the abstract model's app if + using that model in another application (#25858). + * Fixed a crash when destroying an existing test database on MySQL + or PostgreSQL (#26096). + * Fixed CSRF cookie check on POST requests when + USE_X_FORWARDED_PORT=True (#26094). + * Fixed a QuerySet.order_by() crash when ordering by a relational + field of a ManyToManyField through model (#26092). + * Fixed a regression that caused an exception when making database + queries on SQLite with more than 2000 parameters when DEBUG is + True on distributions that increase the SQLITE_MAX_VARIABLE_NUMBER + compile-time limit to over 2000, such as Debian (#26063). + * Fixed a crash when using a reverse OneToOneField in + ModelAdmin.readonly_fields (#26060). + * Fixed a crash when calling the migrate command in a test case with + the available_apps attribute pointing to an application with + migrations disabled using the MIGRATION_MODULES setting (#26135). + * Restored the ability for testing and debugging tools to determine + the template from which a node came from, even during template + inheritance or inclusion. Prior to Django 1.9, debugging tools + could access the template origin from the node via + Node.token.source[0]. This was an undocumented, private API. The + origin is now available directly on each node using the + Node.origin attribute (#25848). + * Fixed a regression in Django 1.8.5 that broke copying a + SimpleLazyObject with copy.copy() (#26122). + * Always included geometry_field in the GeoJSON serializer output + regardless of the fields parameter (#26138). + * Fixed the contrib.gis map widgets when using + USE_THOUSAND_SEPARATOR=True (#20415). + * Made invalid forms display the initial of values of their disabled + fields (#26129). + +------------------------------------------------------------------- +Wed Jan 27 15:25:25 UTC 2016 - aplanas@suse.com + +- Update to 1.9.1 + Bugfixes + * Fixed BaseCache.get_or_set() with the DummyCache backend (#25840). + * Fixed a regression in FormMixin causing forms to be validated + twice (#25548, #26018). + * Fixed a system check crash with nested ArrayFields (#25867). + * Fixed a state bug when migrating a SeparateDatabaseAndState + operation backwards (#25896). + * Fixed a regression in CommonMiddleware causing If-None-Match + checks to always return HTTP 200 (#25900). + * Fixed missing varchar/text_pattern_ops index on CharField and + TextField respectively when using AlterField on PostgreSQL + (#25412). + * Fixed admin’s delete confirmation page’s summary counts of related + objects (#25883). + * Added from __future__ import unicode_literals to the default + apps.py created by startapp on Python 2 (#25909). Add this line to + your own apps.py files created using Django 1.9 if you want your + migrations to work on both Python 2 and Python 3. + * Prevented QuerySet.delete() from crashing on MySQL when querying + across relations. + * Fixed evaluation of zero-length slices of QuerySet.values() + (#25894). + * ... + * https://docs.djangoproject.com/en/1.9/releases/1.9.1/ + +------------------------------------------------------------------- +Wed Dec 2 15:14:05 UTC 2015 - aplanas@suse.com + +- update to 1.9 (CVE-2016-7401, CVE-2015-8213) + * https://docs.djangoproject.com/en/1.9/releases/1.9/ + * Performing actions after a transaction commit + * Password validation + * Permission mixins for class-based views + * New styling for "contrib.admin" + * Running tests in parallel + +------------------------------------------------------------------- +Tue Nov 10 10:39:22 UTC 2015 - tbechtold@suse.com + +- update to 1.8.6: + * https://docs.djangoproject.com/en/1.8/releases/1.8.5/ + * https://docs.djangoproject.com/en/1.8/releases/1.8.6/ + +------------------------------------------------------------------- +Tue Nov 10 05:36:21 UTC 2015 - tbechtold@suse.com + +- add missing Requires for python-setuptools (bsc#952198) + /usr/bin/django-admin needs the pkg_resources framework from + python-setuptools to run properly. + +------------------------------------------------------------------- +Sun Sep 20 07:51:27 UTC 2015 - tbechtold@suse.com + +- update to 1.8.4 (CVE-2015-5963): + * https://docs.djangoproject.com/en/1.8/releases/1.8.4/ + +------------------------------------------------------------------- +Fri Jul 10 11:51:49 UTC 2015 - astieger@suse.com + +- add keyring and verify source signature + +------------------------------------------------------------------- +Fri Jul 10 10:03:54 UTC 2015 - dmueller@suse.com + +- update to 1.8.3: + * https://docs.djangoproject.com/en/1.8/releases/1.8.3/ + Various bugfixes/security fixes (CVE-2015-5145, bsc#937524) + +------------------------------------------------------------------- +Tue May 26 08:26:56 UTC 2015 - dmueller@suse.com + +- update to 1.8.2 (CVE-2015-3982): + * https://docs.djangoproject.com/en/1.8/releases/1.8.2/ + * https://docs.djangoproject.com/en/1.8/releases/1.8.1/ + +------------------------------------------------------------------- +Thu Apr 2 07:35:07 UTC 2015 - aplanas@suse.com + +- Update to Django 1.8 + * "Long-Term Support" (LTS) release + New features: + * Model._meta API + * Multiple template engines + * Security enhancements + * New PostgreSQL specific functionality + * New data types + * Query Expressions, Conditional Expressions, and Database Functions + * TestCase data setup + Backwards incompatible changes: + * Related object operations are run in a transaction + * Assigning unsaved objects to relations raises an error + * Management commands that only accept positional arguments + * Custom test management command arguments through test runner + * Model check ensures auto-generated column names are within limits + specified by database + * Query relation lookups now check object types + * select_related() now checks given fields + * Default EmailField.max_length increased to 254 + * (DROP) Support for PostgreSQL versions older than 9.0 + * (DROP) Support for MySQL versions older than 5.5 + * (DROP) Support for Oracle versions older than 11.1 + * Specific privileges used instead of roles for tests on Oracle + * ... + +------------------------------------------------------------------- +Mon Mar 23 10:51:37 UTC 2015 - mcihar@suse.cz + +- Update to Django 1.7.7: + Security issues: + * Denial-of-service possibility with strip_tags() + * Mitigated possible XSS attack via user-supplied redirect URLs + Bugfixes: + * Fixed renaming of classes in migrations where renaming a subclass would + cause incorrect state to be recorded for objects that referenced the + superclass (#24354). + * Stopped writing migration files in dry run mode when merging migration + conflicts. When makemigrations --merge is called with verbosity=3 the + migration file is written to stdout (:ticket: 24427). + +------------------------------------------------------------------- +Wed Mar 11 16:18:53 UTC 2015 - aplanas@suse.com + +- Update to Djano 1.7.6: + Bugfixes + * Mitigated an XSS attack via properties in + "ModelAdmin.readonly_fields" + * Fixed crash when coercing "ManyRelatedManager" to a string + (#24352). + * Fixed a bug that prevented migrations from adding a foreign key + constraint when converting an existing field to a foreign key + (#24447). + +------------------------------------------------------------------- +Fri Feb 27 14:36:46 UTC 2015 - aplanas@suse.com + +- Update to Django 1.7.5: + Bugfixes + * Reverted a fix that prevented a migration crash when unapplying + contrib.contenttypes's or contrib.auth's first migration (#24075) + due to severe impact on the test performance (#24251) and problems + in multi-database setups (#24298). + * Fixed a regression that prevented custom fields inheriting from + ManyToManyField from being recognized in migrations (#24236). + * Fixed crash in contrib.sites migrations when a default database + isn't used (#24332). + * Added the ability to set the isolation level on PostgreSQL with + psycopg2 >= 2.4.2 (#24318). It was advertised as a new feature in + Django 1.6 but it didn't work in practice. + * Formats for the Azerbaijani locale (az) have been added. + +------------------------------------------------------------------- +Fri Jan 30 15:13:10 UTC 2015 - aplanas@suse.com + +- Update to Django 1.7.4: + Bugfixes + * Fixed a migration crash when unapplying ``contrib.contenttypes``’s + or ``contrib.auth``’s first migration (:ticket:`24075`). + * Made the migration's ``RenameModel`` operation rename + ``ManyToManyField`` tables (:ticket:`24135`). + * Fixed a migration crash on MySQL when migrating from a + ``OneToOneField`` to a ``ForeignKey`` (:ticket:`24163`). + * Prevented the ``static.serve`` view from producing + ``ResourceWarning``\s in certain circumstances (security fix + regression, :ticket:`24193`). + * Fixed schema check for ManyToManyField to look for internal type + instead of checking class instance, so you can write custom + m2m-like fields with the same behavior. (:ticket:`24104`). + +------------------------------------------------------------------- +Wed Jan 14 07:57:46 UTC 2015 - mcihar@suse.cz + +- Update to Django 1.7.3: + Security fixes: + * WSGI header spoofing via underscore/dash conflation. + * Mitigated possible XSS attack via user-supplied redirect URLs. + * Denial-of-service attack against django.views.static.serve. + * Database denial-of-service with ModelMultipleChoiceField. + Bug fixes: + * The default iteration count for the PBKDF2 password hasher has been + increased by 25%. This part of the normal major release process was + inadvertently omitted in 1.7. This backwards compatible change will not + affect users who have subclassed + django.contrib.auth.hashers.PBKDF2PasswordHasher to change the default + value. + * Fixed a crash in the CSRF middleware when handling non-ASCII referer + header (#23815). + * Fixed a crash in the django.contrib.auth.redirect_to_login view when + passing a reverse_lazy() result on Python 3 (#24097). + * Added correct formats for Greek (el) (#23967). + * Fixed a migration crash when unapplying a migration where multiple + operations interact with the same model (#24110). + +------------------------------------------------------------------- +Sun Jan 11 12:49:28 UTC 2015 - p.drouand@gmail.com + +- South has been merged in main Django; provide and obsolete it + +------------------------------------------------------------------- +Thu Jan 8 11:04:09 UTC 2015 - tbechtold@suse.com + +- Update to Django 1.7.2: + + * Fixed migration’s renaming of auto-created many-to-many tables + when changing Meta.db_table (#23630). + * Fixed a migration crash when adding an explicit id field to a + model on SQLite (#23702). + * Added a warning for duplicate models when a module is + reloaded. Previously a RuntimeError was raised every time two + models clashed in the app registry. (#23621). + * Prevented flush from loading initial data for migrated apps + (#23699). + * Fixed a makemessages regression in 1.7.1 when STATIC_ROOT has the + default None value (#23717). + * Added GeoDjango compatibility with mysqlclient database driver. + * Fixed MySQL 5.6+ crash with GeometryFields in migrations (#23719). + * Fixed a migration crash when removing a field that is referenced + in AlterIndexTogether or AlterUniqueTogether (#23614). + * Updated the first day of the week in the Ukrainian locale to + Monday. + * Added support for transactional spatial metadata initialization on + SpatiaLite 4.1+ (#23152). + * Fixed a migration crash that prevented changing a nullable field + with a default to non-nullable with the same default (#23738). + * Fixed a migration crash when adding GeometryFields with blank=True + on PostGIS (#23731). + * Allowed usage of DateTimeField() as Transform.output_field + (#23420). + * Fixed a migration serializing bug involving float("nan") and + float("inf") (#23770). + * Fixed a regression where custom form fields having a queryset + attribute but no limit_choices_to could not be used in a ModelForm + (#23795). + * Fixed a custom field type validation error with MySQL backend when + db_type returned None (#23761). + * Fixed a migration crash when a field is renamed that is part of an + index_together (#23859). + * Fixed squashmigrations to respect the --no-optimize parameter + (#23799). + * Made RenameModel reversible (#22248) + * Avoided unnecessary rollbacks of migrations from other apps when + migrating backwards (#23410). + * Fixed a rare query error when using deeply nested subqueries + (#23605). + * Fixed a crash in migrations when deleting a field that is part of + a index/unique_together constraint (#23794). + * Fixed django.core.files.File.__repr__() when the file’s name + contains Unicode characters (#23888). + * Added missing context to the admin’s delete_selected view that + prevented custom site header, etc. from appearing (#23898). + * Fixed a regression with dynamically generated inlines and allowed + field references in the admin (#23754). + * Fixed an infinite loop bug for certain cyclic migration + dependencies, and made the error message for cyclic dependencies + much more helpful. + * Added missing index_together handling for SQLite (#23880). + * Fixed a crash when RunSQL SQL content was collected by the schema + editor, typically when using sqlmigrate (#23909). + * Fixed a regression in contrib.admin add/change views which caused + some ModelAdmin methods to receive the incorrect obj value + (#23934). + * Fixed runserver crash when socket error message contained Unicode + characters (#23946). + * Fixed serialization of type when adding a deconstruct() method + (#23950). + * Prevented the SessionAuthenticationMiddleware from setting a + "Vary: Cookie" header on all responses (#23939). + * Fixed a crash when adding blank=True to TextField() on MySQL + (#23920). + * Fixed index creation by the migration infrastructure, particularly + when dealing with PostgreSQL specific {text|varchar}_pattern_ops + indexes (#23954). + * Fixed bug in makemigrations that created broken migration files + when dealing with multiple table inheritance and inheriting from + more than one model (#23956). + * Fixed a crash when a MultiValueField has invalid data (#23674). + * Fixed a crash in the admin when using “Save as new” and also + deleting a related inline (#23857). + * Always converted related_name to text (unicode), since that is + required on Python 3 for interpolation. Removed conversion of + related_name to text in migration deconstruction (#23455 and + #23982). + * Enlarged the sizes of tablespaces which are created by default for + testing on Oracle (the main tablespace was increased from 200M to + 300M and the temporary tablespace from 100M to 150M). This was + required to accommodate growth in Django’s own test suite + (#23969). + * Fixed timesince filter translations in Korean (#23989). + * Fixed the SQLite SchemaEditor to properly add defaults in the + absence of a user specified default. For example, a CharField with + blank=True didn’t set existing rows to an empty string which + resulted in a crash when adding the NOT NULL constraint (#23987). + * makemigrations no longer prompts for a default value when adding + TextField() or CharField() without a default (#23405). + * Fixed a migration crash when adding order_with_respect_to to a + table with existing rows (#23983). + * Restored the pre_migrate signal if all apps have migrations + (#23975). + * Made admin system checks run for custom AdminSites (#23497). + * Ensured the app registry is fully populated when unpickling + models. When an external script (like a queueing infrastructure) + reloads pickled models, it could crash with an AppRegistryNotReady + exception (#24007). + * Added quoting to field indexes in the SQL generated by migrations + to prevent a crash when the index name requires it (##24015). + * Added datetime.time support to migrations questioner (#23998). + * Fixed admindocs crash on apps installed as eggs (#23525). + * Changed migrations autodetector to generate an AlterModelOptions + operation instead of DeleteModel and CreateModel operations when + changing Meta.managed. This prevents data loss when changing + managed from False to True and vice versa (#24037). + * Enabled the sqlsequencereset command on apps with migrations + (#24054). + * Added tablespace SQL to apps with migrations (#24051). + * Corrected contrib.sites default site creation in a multiple + database setup (#24000). + * Restored support for objects that aren’t str or bytes in + mark_for_escaping() on Python 3. + * Supported strings escaped by third-party libraries with the + __html__ convention in the template engine (#23831). + * Prevented extraneous DROP DEFAULT SQL in migrations (#23581). + * Restored the ability to use more than five levels of subqueries + (#23758). + * Fixed crash when ValidationError is initialized with a + ValidationError that is initialized with a dictionary (#24008). + * Prevented a crash on apps without migrations when running migrate + --list (#23366). + +------------------------------------------------------------------- +Thu Oct 23 07:53:57 UTC 2014 - aplanas@suse.com + +- Update to Django 1.7.1 + + * Allowed related many-to-many fields to be referenced in the admin + (#23604). + * Added a more helpful error message if you try to migrate an app + without first creating the contenttypes table (#22411). + * Modified migrations dependency algorithm to avoid possible + infinite recursion. + * Fixed a UnicodeDecodeError when the flush error message contained + Unicode characters (#22882). + * Reinstated missing CHECK SQL clauses which were omitted on some + backends when not using migrations (#23416). + * Fixed serialization of type objects in migrations (#22951). + * Allowed inline and hidden references to admin fields (#23431). + * The @deconstructible decorator now fails with a ValueError if the + decorated object cannot automatically be imported (#23418). + * Fixed a typo in an inlineformset_factory() error message that + caused a crash (#23451). + * Restored the ability to use ABSOLUTE_URL_OVERRIDES with the + 'auth.User' model (#11775). As a side effect, the setting now adds + a get_absolute_url() method to any model that appears in + ABSOLUTE_URL_OVERRIDES but doesn’t define get_absolute_url(). + * Avoided masking some ImportError exceptions during application + loading (#22920). + * Empty index_together or unique_together model options no longer + results in infinite migrations (#23452). + * Fixed crash in contrib.sitemaps if lastmod returned a date rather + than a datetime (#23403). + * Allowed migrations to work with app_labels that have the same last + part (e.g. django.contrib.auth and vendor.auth) (#23483). + * Restored the ability to deepcopy F objects (#23492). + * Formats for Welsh (cy) and several Chinese locales (zh_CN, + zh_Hans, zh_Hant and zh_TW) have been added. Formats for + Macedonian have been fixed (trailing dot removed, #23532). + * Added quoting of constraint names in the SQL generated by + migrations to prevent crash with uppercase characters in the name + (#23065). + * Fixed renaming of models with a self-referential many-to-many + field (ManyToManyField('self')) (#23503). + * Added the get_extra(), get_max_num(), and get_min_num() hooks to + GenericInlineModelAdmin (#23539). + * Made migrations.RunSQL no longer require percent sign + escaping. This is now consistent with cursor.execute() (#23426). + * Made the SERIALIZE entry in the TEST dictionary usable (#23421). + * Fixed bug in migrations that prevented foreign key constraints to + unmanaged models with a custom primary key (#23415). + * Added SchemaEditor for MySQL GIS backend so that spatial indexes + will be created for apps with migrations (#23538). + * Added SchemaEditor for Oracle GIS backend so that spatial metadata + and indexes will be created for apps with migrations (#23537). + * Coerced the related_name model field option to unicode during + migration generation to generate migrations that work with both + Python 2 and 3 (#23455). + * Fixed MigrationWriter to handle builtin types without imports + (#23560). + * Fixed deepcopy on ErrorList (#23594). + * Made the admindocs view to browse view details check if the view + specified in the URL exists in the URLconf. Previously it was + possible to import arbitrary packages from the Python path. This + was not considered a security issue because admindocs is only + accessible to staff users (#23601). + * Fixed UnicodeDecodeError crash in AdminEmailHandler with non-ASCII + characters in the request (#23593). + * Fixed missing get_or_create and update_or_create on related + managers causing IntegrityError (#23611). + * Made urlsafe_base64_decode() return the proper type (byte string) + on Python 3 (#23333). + * makemigrations can now serialize timezone-aware values (#23365). + * Added a prompt to the migrations questioner when removing the null + constraint from a field to prevent an IntegrityError on existing + NULL rows (#23609). + * Fixed generic relations in ModelAdmin.list_filter (#23616). + * Restored RFC compliance for the SMTP backend on Python 3 (#23063). + * Fixed a crash while parsing cookies containing invalid content + (#23638). + * The system check framework now raises error models.E020 when the + class method Model.check() is unreachable (#23615). + * Made the Oracle test database creation drop the test user in the + event of an unclean exit of a previous test run (#23649). + * Fixed makemigrations to detect changes to Meta.db_table (#23629). + * Fixed a regression when feeding the Django test client with an + empty data string (#21740). + * Fixed a regression in makemessages where static files were + unexpectedly ignored (#23583). + +------------------------------------------------------------------- +Wed Sep 24 08:30:00 UTC 2014 - aplanas@suse.com + +- Update to Django 1.7 + + * A new built-in database migration system. Notes on upgrading from + South (a popular third*party application providing migration + functionality) are also available. + * A refactored concept of Django applications. Django applications + are no longer tied to the existence of a models files, and can now + specify both configuration data and code to be executed as Django + starts up. + * Improvements to the model Field API to support migrations and, in + the future, to enable easy addition of composite-key support to + Django's ORM. + * Improvements for custom Manager and QuerySet classes, allowing + reverse relationship traversal to specify the Manager to use, and + creation of a Manager from a custom QuerySet class. + * An extensible system check framework which can assist developers + in detecting and diagnosing errors. + + Please refer to the release notes for all details and migration + instructions: + https://docs.djangoproject.com/en/1.7/releases/1.7/ + +- Added python-setuptools as a BuildRequires. + +- Fixed Source URL from Django Project site. + +- Reordered sources. + +- Fixed deduplication to avoid wrong mtimes in pyc files. + +------------------------------------------------------------------- +Thu Jul 31 16:55:11 UTC 2014 - dimstar@opensuse.org + +- Rename rpmlintrc to %{name}-rpmlintrc. + Follow the packaging guidelines. + +------------------------------------------------------------------- +Wed Jun 11 12:34:45 UTC 2014 - mcihar@suse.cz + +- Update to version 1.6.5, sercurity and important changes: + + Unexpected code execution using reverse() + + Caching of anonymous pages could reveal CSRF token + + MySQL typecasting + + select_for_update() requires a transaction + + Issue: Caches may incorrectly be allowed to store and serve private data + + Issue: Malformed redirect URLs from user input not correctly validated + +------------------------------------------------------------------- +Fri Feb 14 09:32:07 UTC 2014 - speilicke@suse.com + +- Fix update-alternatives + +------------------------------------------------------------------- +Fri Feb 7 08:30:04 UTC 2014 - speilicke@suse.com + +- Update to version 1.6.2: + + Prevented the base geometry object of a prepared geometry to be garbage + collected, which could lead to crash Django (#21662). + + Fixed a crash when executing the changepassword command when the user + object representation contained non-ASCII characters (#21627). + + The collectstatic command will raise an error rather than default to + using the current working directory if STATIC_ROOT is not set. Combined + with the --clear option, the previous behavior could wipe anything + below the current working directory (#21581). + + Fixed mail encoding on Python 3.3.3+ (#21093). + + Fixed an issue where when settings.DATABASES['default']['AUTOCOMMIT'] = False, + the connection wasn’t in autocommit mode but Django pretended it was. + + Fixed a regression in multiple-table inheritance exclude() queries (#21787). + + Added missing items to django.utils.timezone.__all__ (#21880). + + Fixed a field misalignment issue with select_related() and model inheritance (#21413). + + Fixed join promotion for negated AND conditions (#21748). + + Oracle database introspection now works with boolean and float fields (#19884). + + Fixed an issue where lazy objects weren’t actually marked as safe when + passed through mark_safe() and could end up being double-escaped (#21882). + +------------------------------------------------------------------- +Tue Feb 4 14:33:40 UTC 2014 - mcihar@suse.cz + +- Update to version 1.6.1: + - Most bug fixes are minor; you can find a complete list in the Django 1.6.1 + release notes. + +------------------------------------------------------------------- +Tue Nov 19 10:06:23 UTC 2013 - speilicke@suse.com + +- Update-alternatives also for bash-completion + +------------------------------------------------------------------- +Fri Nov 15 13:33:20 UTC 2013 - speilicke@suse.com + +- Only ghost /etc/alternatives on 12.3 or newer + +------------------------------------------------------------------- +Thu Nov 7 16:36:41 UTC 2013 - speilicke@suse.com + +- Require python-Pillow for image-related functionality +- Package was renamed from python-django +- Drop Django-1.2-completion-only-for-bash.patch: Useless + +------------------------------------------------------------------- +Tue Nov 5 03:27:13 UTC 2013 - alexandre@exatati.com.br + +- Update to version 1.6: + - Please read the release notes + https://docs.djangoproject.com/en/1.6/releases/1.6 +- Removed Patch2 as it is no needed anymore: + Django-1.4-CSRF_COOKIE_HTTPONLY-support.patch + +------------------------------------------------------------------- +Tue Sep 17 12:37:53 UTC 2013 - speilicke@suse.com + +- Update to version 1.5.4: + + Fixed denial-of-service via large passwords +- Changes from version 1.5.3: + + Fixed directory traversal with ssi template tag + +------------------------------------------------------------------- +Wed Aug 14 05:49:54 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5.2: + - Security release, please check release notes for details: + https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued + +------------------------------------------------------------------- +Thu Mar 28 23:27:01 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5.1: + - Memory leak fix, please read release announcement at + https://www.djangoproject.com/weblog/2013/mar/28/django-151. + +------------------------------------------------------------------- +Tue Feb 26 19:49:02 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5: + - Please read the release notes + https://docs.djangoproject.com/en/1.5/releases/1.5 + +------------------------------------------------------------------- +Tue Dec 11 12:27:50 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.3: + - Security release: + - Host header poisoning + - Redirect poisoning + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/dec/10/security + +------------------------------------------------------------------- +Sat Oct 20 13:41:10 UTC 2012 - saschpe@suse.de + +- Add a symlink from /usr/bin/django-admin.py to /usr/bin/django-admin + +------------------------------------------------------------------- +Wed Oct 17 22:51:36 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.2: + - Security release: + - Host header poisoning + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/oct/17/security + +------------------------------------------------------------------- +Mon Jul 30 21:38:31 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.1: + - Security release: + - Cross-site scripting in authentication views + - Denial-of-service in image validation + - Denial-of-service via get_image_dimensions() + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued + +------------------------------------------------------------------- +Tue Jun 19 11:27:33 UTC 2012 - saschpe@suse.de + +- Add patch to support CSRF_COOKIE_HTTPONLY config + +------------------------------------------------------------------- +Fri Mar 23 18:39:40 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4: + - Please read the release notes + https://docs.djangoproject.com/en/dev/releases/1.4 +- Removed Patch2, it was merged on upstream, + +------------------------------------------------------------------- +Thu Nov 24 12:30:40 UTC 2011 - saschpe@suse.de + +- Set license to SDPX style (BSD-3-Clause) +- Package AUTHORS, LICENE and README files +- No CFLAGS for noarch package +- Drop runtime dependency on gettext-tools + +------------------------------------------------------------------- +Sat Sep 10 12:05:07 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3.1 to fix security issues, please read + https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued. + +------------------------------------------------------------------- +Thu Mar 31 15:09:16 UTC 2011 - alexandre@exatati.com.br + +- Fix build on SLES_9. + +------------------------------------------------------------------- +Wed Mar 23 11:39:53 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3 final; +- Refresh patch empty-ip-2.diff. + +------------------------------------------------------------------- +Fri Mar 18 03:45:45 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3-rc1; +- Regenerated spec file with py2pack; +- No more need to fix wrong line endings; +- Refresh patch empty-ip-2.diff with -p0. + +------------------------------------------------------------------- +Thu Mar 3 09:32:52 UTC 2011 - saschpe@suse.de + +- Spec file cleanup: + * Removed empty lines, package authors from description + * Cleanup duplicates + * Corrected wrong file endings + * Added zero-length rpmlint filter +- Added AUTHORS, LICENSE and doc files + +------------------------------------------------------------------- +Wed Feb 9 03:37:29 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.2.5: + - This is a security update that fix: + - Flaw in CSRF handling; + - Potential XSS in file field rendering. + +------------------------------------------------------------------- +Thu Dec 23 10:20:03 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.4: + - Information leakage in Django administrative interface; + - Denial-of-service attack in password-reset mechanism. +- This is a mandatory security update. + +------------------------------------------------------------------- +Sat Sep 11 11:46:41 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.3: + - The patch applied for the security issue covered in Django + 1.2.2 caused issues with non-ASCII responses using CSRF + tokens. This has been remedied; + - The patch also caused issues with some forms, most notably + the user-editing forms in the Django administrative interface. + This has been remedied. + - The packaging manifest did not contain the full list of + required files. This has been remedied. + +------------------------------------------------------------------- +Thu Sep 9 01:06:43 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.2. +- This is a ciritical security update fixing a default XSS bug! + +------------------------------------------------------------------- +Fri Jul 9 11:27:26 UTC 2010 - jfunk@funktronics.ca + +- Added patch to fix upstream bug 5622: Empty ipaddress raises an error + +------------------------------------------------------------------- +Mon May 17 21:14:11 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.1. + +------------------------------------------------------------------- +Mon May 17 18:35:20 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2. + +------------------------------------------------------------------- +Thu May 6 13:46:03 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2-rc-1. + +------------------------------------------------------------------- +Mon Apr 5 02:21:44 UTC 2010 - alexandre@exatati.com.br + +- Spec file cleaned with spec-cleaner; +- Minor manual adjusts on spec file. + +------------------------------------------------------------------- +Thu Mar 18 17:47:12 UTC 2010 - alexandre@exatati.com.br + +- Moved autocomplete file path from /etc/profile.d to + /etc/bash_completion.d. Then it works with konsole too. + +------------------------------------------------------------------- +Mon Mar 15 01:53:50 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2-beta-1; +- Using -q option on prep section of spec file; +- Using INSTALLED_FILES instead of declaring files; +- Removed dummy changelog section of spec file; +- Update completion bash patch. + +------------------------------------------------------------------- +Sun Oct 11 07:51:32 UTC 2009 - nix@opensuse.org + +- Update to 1.1.1 due to security issue described at + http://www.djangoproject.com/weblog/2009/oct/09/security/ + +------------------------------------------------------------------- +Sat Oct 10 12:18:31 UTC 2009 - alexandre@exatati.com.br + +- Removed old tarball file (Django-1.1.tar.bz2). + +------------------------------------------------------------------- +Tue Aug 25 12:23:09 CEST 2009 - garloff@suse.de + +- Fix python version check. + +------------------------------------------------------------------- +Sat Aug 22 13:39:35 CEST 2009 - garloff@suse.de + +- Don't require python-sqlite2 for python >= 2.6. + +------------------------------------------------------------------- +Fri Aug 21 11:38:03 CEST 2009 - garloff@suse.de + +- Build as noarch on factory. + +------------------------------------------------------------------- +Wed Aug 19 17:40:46 CEST 2009 - poeml@suse.de + +- don't run bash completion on shells other than bash. Avoiding + error messages produced at login when using other shells. + +------------------------------------------------------------------- +Fri Aug 14 18:05:42 UTC 2009 - alexandre@exatati.com.br + +- Added bash auto-complete to openSUSE. + +------------------------------------------------------------------- +Wed Jul 29 00:00:00 CEST 2009 - listuser@peternixon.net + +- update to version 1.1 +- add python-django-rpmlintrc to quiet rpmlint complaints about -lang + +------------------------------------------------------------------- +Wed Jul 1 19:04:26 CEST 2009 - poeml@suse.de + +- add python-xml to the Requires (./manage.py syncdb crashes + otherwise) + +------------------------------------------------------------------- +Sat Sep 13 00:00:00 UTC 2008 - listuser@peternixon.net + +- update to version 1.0 +- Fix build on SLES9 + +------------------------------------------------------------------- +Thu Sep 4 10:40:58 CEST 2008 - crrodriguez@suse.de + +- update to version 1.0 final + +------------------------------------------------------------------- +Wed May 14 00:00:00 UTC 2008 - listuser@peternixon.net + +- update to version 0.96.2 + +------------------------------------------------------------------- +Thu Feb 21 00:00:00 UTC 2008 - jfunk@funktronics.ca + +- The way simplejson is included in this package is not useful to other + packages. Removed from provides + +------------------------------------------------------------------- +Fri Oct 26 20:20:08 UTC 2007 - crrodriguez@suse.de + +- verion 0.96.1 fixes D.o.S attack in the i18n module + +------------------------------------------------------------------- +Fri Mar 23 00:00:00 UTC 2007 - crrodriguez@suse.de + +- update to version 0.96 + see http://www.djangoproject.com/documentation/release_notes_0.96 for details +- this package provides python-simplejson too. diff --git a/python-Django.keyring b/python-Django.keyring new file mode 100644 index 0000000..591726f --- /dev/null +++ b/python-Django.keyring @@ -0,0 +1,132 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGiBErcoVkRBACt1HBsLQQ9HeRHrqMbYfWEW3d0KoWzjKU9ZW59oq8ceVCYfhyT +ZKxyLobyed+NhL3SJCE5e4hs5UfyBdS4c8I97MFDKCA5TBu3pMnYGxWje3fSwP6o +RGcP8Ji4/tISclyGrkMruDNzpT93R8H/SixPGFcH7kCp4xQxPBc0esdU4wCg1azF +kUuFijNryusT+i58hVE3dMkD/iAfCh4bcLyZ8aygLZxg3bn3YauJASEjuqVXUgTB +diBdhXnldq0xs2IwQJY1paAajXf5FsjlTVQrQWMtTQ5qWKpQr0lAanufnEDNu6GW +orWBzLaSWQWEkcRALmZS6MBkmVCx/JiIvt0sUxrG4boQ6qYlQYZsaHaAMUZT997v +1ktqA/4kPUfV2gqJuVzWwbhrKhAyhSivmhhe+1lUFa7phRmoMNw7/jXi9OV1lmL2 +ty+0LkeCXUChrXarey4AnPI58aR0xshiAxGEI2jPi+vWkgGblOG3TBoZBH5jV+d2 +/5mmlCs/KkJkdsN+LXR3m5o/oFs7MgGD8pxa1jwK9xcu1xKIqrQyTmF0YWxpYSBC +aWRhcnQgKG5lc3NpdGEpIDxuYXRhbGlhYmlkYXJ0QGdtYWlsLmNvbT6IYgQTEQIA +IgUCTG1snwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQrlwdYDo57Zf7 +lQCeIHmWQQek0zboTqMuy60phrUIzowAn0ONlnzzL0oWiNUpbY8nDsernILWiGAE +ExECACAFAkrcoVkCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRCuXB1gOjnt +l5FdAKCSLwUJNZXs3WXqKabi2adRcdqZ8gCeLgbbqJ2Dqqaeb3tXK6zWC7ZO9CK0 +NE5hdGFsaWEgQmlkYXJ0IChuZXNzaXRhKSA8bmF0YWxpYS5iaWRhcnRAdWJ1bnR1 +LmNvbT6IZQQTEQIAJQIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAk8oONcC +GQEACgkQrlwdYDo57ZejrgCdFyBg4VipDYmoQ5eOpXe4Vegiwl4AoK00YytEeMvO +EFqZY+qVvqaV3It6iGIEExECACIFAkvrLFwCGwMGCwkIBwMCBhUIAgkKCwQWAgMB +Ah4BAheAAAoJEK5cHWA6Oe2XD+QAoK02osWaLzROXg54drLpJMNLs/DGAJ9XlSak +dQv6uX5QFT1QZCp/WwozIrQzTmF0YWxpYSBCaWRhcnQgKG5lc3NpdGEpIDxuYXRh +bGlhLmJpZGFydEBnbWFpbC5jb20+iGIEExECACIFAkvrLBMCGwMGCwkIBwMCBhUI +AgkKCwQWAgMBAh4BAheAAAoJEK5cHWA6Oe2XrQoAoIpzDPsuwhwuVcelVh3F8q3w +qhk2AKCj6rF6x+kzUwtT6lM8wkUj4x+CgLQ3TmF0YWxpYSBCaWRhcnQgKG5lc3Np +dGEpIDxuYXRhbGlhLmJpZGFydEBjYW5vbmljYWwuY29tPohgBBMRAgAgBQJK3gu6 +AhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQrlwdYDo57ZfaNgCfXhjx28H4 +WQ8CjWsdyJU2Kmh44qoAn0zp3TeEFuSPCEBZ0jAR4dwuSrpguQINBErcoVkQCACX +mxZ+acE5irfOe09OclJ+vKxqrnaEpveyLJZzKiWz5GlZLV3gPEMs3Pu0tGtTjadG +CRck2xIYArDz1aPwvM4dHswIy3TyzoSTgW1ybz5TXzkxWDcdwukYm1gKlWMb8JQW +v76KtoiNuY/EIUAaO9M7ZyUPSWunh5CK+ttYKs+KrD8wt8Te7PdsrstUMP2uplOt +I0zKK8P+gcCNZQTZh71Z8WAhZF/tn9LpkE9p0Au3pVEVk7Z8492TO4DySFhBNVEM +IY9KVNiZoEMAaiRUFgG3gPj3MD4wDyaiWp+5b8XQylXcfWsPx3nujLJNUiaJlV4u +Wjv0ZgwMHHLgORAlOJ2rAAMFB/94QWkhOmIzzx0iCob4fILZ2lqTt1fAAbaQxyq/ +LIaI6iSHqebEVVR9OUVTzqNtc0yDifxsbDZXEHmU2qx+aARoYmonxNmNoUS/U6Io +2iPgP1Jwt13dbd284xlgDTx8QO/TjX9lFyvt7AEHIrcHaomwVS0Il7wIfzG24kqX +j17VhD2j/2V6uA7ADAh8u0WFO93i30qNSCaCRphCU4K7gLdHLIp8TsGLdx/gf2mB +5SyhNOkHwEx80kSiFt+H5fER7XQep/w51XybqAt7SsWaIjYLsyMYXyiVdQChwzBd +vusRKv9qjg9eiyHI6aOw6foOUFlpfMx1oeknFDJrjJ3PKUPyiEkEGBECAAkFAkrc +oVkCGwwACgkQrlwdYDo57ZffZACfS9pUk1P5poP86jh8K2K6jpjU0y0AoNQ4ejtn +mpJC4x7FruZyi1wVdkMxmQINBGQu6XIBEADAnmu8HNENZh7UTuu5GfTeFhpmyj5K +yz//txfrm0/b6uTW5TXPgLjuvMzGG8PtaZHRIgZ0gzA+x7T5zKMTaoKs3EvgR5D3 +Y9NjteUWpf8FjvPhN01HZfaZ7yChwHwKobW0JYinNpBh0Cz51unGdLIDtELMaEFO +D8qdcpe63qG111S4G+4hcJUkXt4ALBpSnY9GOhlYQDn+ZDRGk1M9rjeMo+QsIJns +UZRlvBroJyg0toUXclw5QXFGp1+mrjOzKqdD0DmSN7LWlU0yCJB8H5bWZTiPAPOE +SW1Kb3kEW+Qy8YkcH7SkQ7N72wsuIwKJNiddMLZnXeR0Lcvt0t7ftUfs44VEZSwm +V0I7lyZZWr+Pei8nGaLxxCI4OtASXcQ+VVKF/HoR/necD1QmqmuCeiMLmYT5jEPZ +oovOri5onkWIQfjfWeUVErxNi9Uz18mi9P7PfAWOzNCmdkuVqsPtpymyDcKYYh9u +D/CTH9w1B69CRjld6NOfal05fIrfKuVgPvmQnPeCn+KgTBwv8T+mgGVjkBlDGpYy +6Y24s13R6WoawJnjIEjA/Q5QOSDXYtpgF8D3cMW+LUlD9lu2A6OO64H33rInIaut +8IFgKcTf3pXbzh1J6Zs+fcjOryitM7t4Fo1ClJ+DSn4yoUHxP2UEZL6LL0DF6LrE +kJjKxwRp20lPwwARAQABtDFOYXRhbGlhIDwxMjQzMDQrbmVzc2l0YUB1c2Vycy5u +b3JlcGx5LmdpdGh1Yi5jb20+iQJOBBMBCAA4FiEEW1sboQ2FrHxcduOPLugqjZRw +mD4FAmQu6XICGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQLugqjZRwmD56 +rQ//UvzX9/4Eo3HPBMDEIwExjmYGyTqiQQm2KW9Z4U0zQVdeLVF8ZOdaIKn1RBUw +M02RJWI2HjovdLN3LbXpTtQtamSvvU6fv7vy5zLBJdVL9eKXXG+3MPCWDHOqwp/u +L/4lq0pUy5ejb4AnIQw1RIQiz6/pprDzgF0celWLhL3krxEqts76X1Jv9wCIYMXV +3reCBqpcfIqWQETLP/NdPVcOIRv0al1qcBw2hUOvEyx72n+17Hb30rFQp+35BaZZ +IjnL3H6pATgjk52EiDdRkyWL9CFrbJ/wkbAvEO29GcUPg1+bT6UZq8LKXyDs/WSL +UkxQ/6w8DzicBiFj/oT7GSMr8KfO4YUMzh/kAFA4v8Q+a53Dq1Icbk9LqkWpu1pA +Hopw3lpGdADuC0z/iYO/U04uUSN5YGyUUOgk5w+CkV8NuL/g2yniNf9AXrbt4ByI +V7cqBt9qdS6z6leuW1M8yrPhX1IcKKqj25sPKAgzp3A6Bt7orr1NZGOVJ4alR4ff +pYvq+wfmIPKf0AbzHGOkYjF4BMvkLRchhi28q+qX5cCuMr+aoqKUtJ2IFiXsvbFN +k0aYWUr5y5qSJoAVf0GMkByQW6+F6bXRRdCpS/JX5JA8qrYp+oV8VhveOOslHVqj +ILAlkMMXoTx6G79DdvQ87fdb4+aIQ96U4T8B6zMxazvmU1i5Ag0EZC7pcgEQAL9n +X/eaWY+v4GgeGjRIWmmrjMBYyeeyJIyL9Mk3iyH/gIOnTDmlX+njjyvyWKfMYIl1 +HmMtzlF3OgsuLeekwbDrXA8xvslp1xmiKLOamPvXwPG/XqkJrYtzVUDEFCtRpEJ0 +c38d+P8WEMjbviyIwJ9PxLllamEK61dRtj1NCMc/Ix4+b54UHxi44Jz1bqQxfgjj +u2o8sPnyZio+DRFWVE3Eocp0rdZ3rlKjUsBXKEElTuIScoKjGwKwaMfxoBgwRhzx +oESwk8CqlH7WzNookx1M1/JjKYdrwln2aNuChtlKLRmUqT7qqTNtett2vy73VM3b +zfXdor94S3q+YtMEvNbo9QCzn6La7HOx+PMm8XM2d9aC7Hz4FBK0xIQB+HLZEIhP +7KQ7GJ2Xn3LStyoO5K64uqi2X2YjsYUcPzvI3uUK+gtH3H1SSIazh7UAUbcEuo7N +K8vF9Vtqp6S2qkjoeV6Dnvy+6735b1WIBZieAmbKaz74IW1IP0lZn3pXeRFo2Wjq +Ojf8zkNacf61exysAkGU2fubsXSZxuxc8DVXKbkpK69tXDSOUmSKTBPVzzmIM79S +yYH1MMRZqQ52Y471qiEZxEPasJXIEVcWbdJxEC/eEiuptPAtojRQH6kJ/AF3Z9Xd +eBaxyuMQ249jqTYwjCehfumTbhP5VhO3QOxs31G/ABEBAAGJAjYEGAEIACAWIQRb +WxuhDYWsfFx2448u6CqNlHCYPgUCZC7pcgIbDAAKCRAu6CqNlHCYPhz3EACx3Hqf +KUMeqUTVOiDyHguBr1FrhMtU5m/nkjdbLWlBHOGHkM4RNDNQTPyQb/C8vcuHYv5l +DPFrzOawdjTyFCuo6f0TMIx38Bbjxo9C8XTnvKbUpyTEQ3dJm67ppF4n6cui+0IC +UefzPkkCbdIPzt2pYopMDB4Hv4Yv6hqeq987Iz1erh7dQe1TDTxIv9PXLYZT60Ro +K0+g+caU9LwVjYiLoeCM1Zhndy6fDV5mu3ctEzcqr/YVH9kDZAuF0O1SX9y42neJ +7hictnE0KrRymVL5d9pp2WKtPny+itSax/a///Q43m1gA9KFuKHtOuGUpYzf76FS +Ld0cC4xjDpPcVTGc8To4+CjNTIrjzbBYa3JU/3J2kwyEw/k1EucRb/RFPbklUSph +Kmd2ewcDLUvcasTwoR/0uplA8gAuV1x7wPBgAW7kmpjiQevl1KLj08HA/jTdfrdx +Yd1GGiNjBmHGu9C8YZ/7fJU50dhv4jWF4dw8OyXtAI4wk5aoJHsJ5iGIMVOVzNLe +mF4yM4XSBBno1mWgaSb42LInsYv/ti1VrOrBVzmAYAoUTZL0tfEXeyzHEmWGWVHe +SQMBvCqUmh/EcQDzPtkqjQQ1LyE5s2fyt5u+jE9JdK/61yKzbKI2UbpPtAaKSlDv +eAgTzM5bOOqtGR7VR2hlCM4I4k2D0Y/snh2HzA== +=ul9f +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBGYTwrUBDADP52ov7O0jqH+QWStcbCwwedsV2syCQXxfhnydhkNvdCILBJ0k +cQdc4E7Q8wGmch9a3bCLR4HIUlv1MMWk+Ty0YY71wczqIPedgM1dBZEtSH6fDOwW +qFcYieCcmsP+FwBk8WWOKnMydEXoXCp6djSru6YOuQH2CZ+EerKjnDaXAj35dloR +vbJ14k7Ghn9UCLDXiNOjn2N8eLe6aeoEQt7iiqStdeFuUGR/pLHHEX4sch4y9uBa +bhC/Ce93VWK8nVna7qWX/cIjZNG6rTo79W7+IiOC5+6r7bLff5qw4BgUX2JPm5Sz +mhPUlsJZGGXPPaTo+WZQOe5P3Fw7RpuURa+MVoih2H/i2Ur51pDEngB64YwBU1mB +a+xwm6GHgD28JUwllHJbUl9/UJTbntS7k/k2uuMkok8jHfYb+rqkfCWqOlmuYTG3 +okseReh2TSkGpWyyaSbCihgm80RE5O6jrEDXJiZOsLIuOlVoErfxEZHpOqw43axl +EXX0VkjFz2IBNPMAEQEAAbROU2FyYWggQm95Y2UgKEdQRyBEamFuZ28gRmVsbG93 +KSA8NDIyOTY1NjYrc2FyYWhib3ljZUB1c2Vycy5ub3JlcGx5LmdpdGh1Yi5jb20+ +iQHOBBMBCAA4FiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmYTwrUCGwMFCwkIBwIG +FQoJCAsCBBYCAwECHgECF4AACgkQOVWxmFHqlu8t+wv9HitJmG5iPs45Qo0nGwGm +j1X6rP6SQENl+jqtjZU6YaxvNqWculCFl0Wa/xODhxM9HNMs3qREc+R4SqPx4epu +NaUERN91gZoO4Ms80uqllPzdCsX5hrFblg+LqqznZWAYi94NMTm3Ft4/+I7780ev +BhxHFBTlqwxZ0eeyaB/qAyb6K9X0cUUFExjYrP3+HAgmrOHK9PUb7vNNKUYMerOK +waFrpPP5oDBn0p2ZunYAcJt7o2DjBOwy5iw5I2Qs50ZLt9EU0DY8Rf5nF2mKNki1 +CAD8ksNo/ohrNuGyi0r2cvVfx52izPd6PxlKf7xfL2lW16nflK/lNbZtCioDA1FC +1dCPGD5rvOUXFASc+FZY4tJ6LbIpzg9llgcb6fSi2joT2bm9BbGrHybrIWd3BF/5 +AnrlsSwDCWtYXkdNr/eNEHNgG+aOAH2vSzue3NbCJsXkK69SzlKKOiD2ZUjJ6tKi +IwcTkotyBaX/FLGhTKLEQE7aztsOpnfJlLU9Zx5IPxJAuQGNBGYTwrUBDACp1f7H +MpzHvAAy7dD1Ow0pgT3NBFFiEk4jKccz9sAHPT7QQbMeIdL5uQ80lNp6Sw+IyptW +4cytl6ovRdRyv3XetSp+KJeaqvWvGkz3L+GUoE8ezxgQXLlVcw7IzkhBNMGi+K3C +aK6ZlZZQG8587dLF9Gbz3Vioc9hyQ/4BOr8pPaAWlSfWQVEGHPSVLh7LToGjrLlS +h1AzVABNXtJbAt/+O7H5mkMopoPKrqgHTzOLGCd0/Tq3z5d+wqVl7JKk6yHxRr5i +SXDqPQPmObUhPH1addNzIe+GRVW1ZbbT6l9VDiC4Lj+BJsLafubMB3rlI2T2mQCU +PTQO0fz5y6oW0HxRtTidoxhvmC72YDFBwvsUTPQ5nt8bcSQprJMLLNL1C5M2LjPu +tf/Csl02Fcwe/RnW2yjeb6qNCDcLpM9wpMMOdZQCRdRIkWQTcLZPQ2+SR3Ih8rAb +pzATjFvif/4zpFlDZ9KFevCqf1M2v32sr/dDgcA3nWJ4CFrBQMhBVTcr7rcAEQEA +AYkBtgQYAQgAIBYhBOsbOA2KxS0AK6zTMjlVsZhR6pbvBQJmE8K1AhsMAAoJEDlV +sZhR6pbvizgL/34++v0b080pCr/0rWspcuTtD91GwQPs0HgrrfMOV2BXoXucTXj7 +G4xFq9yYO8QALrrtz40S/NeGz09hhFHo08phLAYjLZt8xD7i0uXuV8ZouDUHT0bk +334RlKHu9kq3si0lyzu1dkGZgIBXsAURrMOyVKVySZGzsa/dpy/EDardWkTKHedf +07K+KQgomMpVGk4EtKHpfqU9VNN8fdYD4UYtwuegz1nsg28Fa8xkK2ammWncgpVj ++4cJwzFPg11AhhTWs/Ec068ojj70cLD2CodJVAch9RTIOcQ5yKGc483u3bagNqTK +qZYoLWI6NjxrNZQpwha3pO2ueBDOo/fZXUMgPPqyfdmBZvz6DQM85JfULALxKbkL +5dQguy8K8SBcrCnv6iT0FjaWlrqnU0IJDZfi2r6eDlXhYjLSwGq8RHkAYXvsCNm8 +BzeRu0mAvjLkLNegQIvfdVXfYIcwUQQB8OAzoz3qzi8vji82MBQO+gkYrlteivoF +z+gZLcBuv/NdNg== +=B8gH +-----END PGP PUBLIC KEY BLOCK----- diff --git a/python-Django.spec b/python-Django.spec new file mode 100644 index 0000000..cc4eec2 --- /dev/null +++ b/python-Django.spec @@ -0,0 +1,163 @@ +# +# spec file for package python-Django +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +# Selenium and memcached are not operational +%bcond_with selenium +%bcond_with memcached +%{?sle15_python_module_pythons} +%if 0%{?suse_version} > 1500 +%bcond_without libalternatives +%else +%bcond_with libalternatives +%endif +Name: python-Django +Version: 5.2.5 +Release: 0 +Summary: A high-level Python Web framework +License: BSD-3-Clause +URL: https://www.djangoproject.com +Source: https://www.djangoproject.com/m/releases/5.2/django-%{version}.tar.gz +Source1: https://www.djangoproject.com/m/pgp/Django-%{version}.checksum.txt +Source2: %{name}.keyring +Source99: python-Django-rpmlintrc +# PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19639 Fixed #36499 -- Adjusted utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's HTMLParser new behavior. +Patch0: test_strip_tags.patch +# PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19530 Fixed #36421 -- Made test_msgfmt_error_including_non_ascii compatible with with msgfmt 0.25. +Patch1: support-msgfmt-0.25.patch +BuildRequires: %{python_module Jinja2 >= 2.9.2} +BuildRequires: %{python_module Pillow >= 6.2.0} +BuildRequires: %{python_module PyYAML} +BuildRequires: %{python_module argon2-cffi >= 19.1.0} +BuildRequires: %{python_module asgiref >= 3.7.0} +BuildRequires: %{python_module base >= 3.8} +BuildRequires: %{python_module bcrypt} +BuildRequires: %{python_module docutils} +BuildRequires: %{python_module geoip2} +BuildRequires: %{python_module numpy} +BuildRequires: %{python_module pip} +BuildRequires: %{python_module pytz} +BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module sqlparse >= 0.3.1} +BuildRequires: %{python_module tblib >= 1.5.0} +BuildRequires: %{python_module wheel} +BuildRequires: %{pythons} +BuildRequires: fdupes +BuildRequires: gpg2 +BuildRequires: python-rpm-macros +Requires: python +Requires: python-asgiref >= 3.7.0 +Requires: python-sqlparse >= 0.3.1 +Requires: python-tzdata +Recommends: python-Jinja2 >= 2.9.2 +Recommends: python-Pillow >= 6.2.0 +Recommends: python-PyYAML +Recommends: python-argon2-cffi >= 19.1.0 +Recommends: python-bcrypt +Recommends: python-geoip2 +Recommends: python-pylibmc +Recommends: python-pymemcache +Provides: python-django = %{version} +Obsoletes: python-django < %{version} +Provides: python-South = %{version} +Obsoletes: python-South < %{version} +BuildArch: noarch +%if %{with libalternatives} +BuildRequires: alts +Requires: alts +%else +Requires(post): update-alternatives +Requires(postun): update-alternatives +%endif +%if %{with memcached} +BuildRequires: %{python_module pylibmc} +BuildRequires: %{python_module pymemcache} +%endif +%if %{with selenium} +# python-selenium is supported only on the Intel architecture. +# Additionally chromedriver is only available on x86_64. +%ifarch %{ix86} x86_64 +BuildRequires: %{python_module selenium} +BuildRequires: chromedriver +BuildRequires: xvfb-run +%endif +%endif +%python_subpackages + +%description +Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. + +%prep +# The publisher doesn't sign the source tarball, but a signatures file +# containing multiple hashes. +gpg --import %{SOURCE2} +gpg --verify %{SOURCE1} +# +# Verify hashes in that file against source tarball. +echo "`grep -e '^[0-9a-f]\{32\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-32` %{SOURCE0}" | md5sum -c +echo "`grep -e '^[0-9a-f]\{40\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-40` %{SOURCE0}" | sha1sum -c +echo "`grep -e '^[0-9a-f]\{64\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-64` %{SOURCE0}" | sha256sum -c + +%autosetup -p1 -n django-%{version} + +%build +%pyproject_wheel + +%install +%pyproject_install + +%python_clone -a %{buildroot}%{_bindir}/django-admin + +%{python_expand install -D -m 0644 extras/django_bash_completion %{buildroot}%%{_datadir}/bash-completion/completions/django_bash_completion-%{$python_bin_suffix}.sh +# Fix wrong-script-interpreter +sed -i "s|^#!%{_bindir}/env python$|#!%{_bindir}/$python|" \ + %{buildroot}%{$python_sitelib}/django/conf/project_template/manage.py-tpl +} +%python_compileall +%{python_expand # +%fdupes %{buildroot}%{$python_sitelib}/django/ +%fdupes %{buildroot}%{$python_sitelib}/Django-%{version}-py*.egg-info/ +} + +%check +export LANG=en_US.UTF8 +export PYTHONDONTWRITEBYTECODE=1 +%if %{with selenium} +export PATH=%{_libdir}/chromium:$PATH +%python_expand PYTHONPATH=.:%{buildroot}%{$python_sitelib} xvfb-run $python tests/runtests.py -v 2 --selenium=chrome +%else +%python_expand PYTHONPATH=.:%{buildroot}%{$python_sitelib} $python tests/runtests.py -v 2 +%endif + +%pre +%python_libalternatives_reset_alternative django-admin + +%post +%{python_install_alternative django-admin} + +%postun +%{python_uninstall_alternative django-admin} + +%files %{python_files} +%doc AUTHORS README.rst +%license LICENSE +%python_alternative %{_bindir}/django-admin +%{_datadir}/bash-completion/completions/django_bash_completion-%{python_bin_suffix}.sh +%{python_sitelib}/django +%{python_sitelib}/[Dd]jango-%{version}*-info + +%changelog diff --git a/sanitize_address.patch b/sanitize_address.patch new file mode 100644 index 0000000..f9a5916 --- /dev/null +++ b/sanitize_address.patch @@ -0,0 +1,40 @@ +From da2f8e8257d1bea4215381684ca4abfcee333c43 Mon Sep 17 00:00:00 2001 +From: Mariusz Felisiak +Date: Mon, 17 Jul 2023 11:03:36 +0200 +Subject: [PATCH] Refs #34118 -- Improved sanitize_address() error message for + tuple with empty strings. + +--- + django/core/mail/message.py | 2 ++ + tests/mail/tests.py | 3 ++- + 2 files changed, 4 insertions(+), 1 deletion(-) + +diff --git a/django/core/mail/message.py b/django/core/mail/message.py +index f3fe6186c7f5..4f8c93e9e55e 100644 +--- a/django/core/mail/message.py ++++ b/django/core/mail/message.py +@@ -97,6 +97,8 @@ def sanitize_address(addr, encoding): + domain = token.domain or "" + else: + nm, address = addr ++ if "@" not in address: ++ raise ValueError(f'Invalid address "{address}"') + localpart, domain = address.rsplit("@", 1) + + address_parts = nm + localpart + domain +diff --git a/tests/mail/tests.py b/tests/mail/tests.py +index 54a136c1a98b..848ee32e9f80 100644 +--- a/tests/mail/tests.py ++++ b/tests/mail/tests.py +@@ -1084,9 +1084,10 @@ def test_sanitize_address_invalid(self): + "@", + "to@", + "@example.com", ++ ("", ""), + ): + with self.subTest(email_address=email_address): +- with self.assertRaises(ValueError): ++ with self.assertRaisesMessage(ValueError, "Invalid address"): + sanitize_address(email_address, encoding="utf-8") + + def test_sanitize_address_header_injection(self): diff --git a/support-msgfmt-0.25.patch b/support-msgfmt-0.25.patch new file mode 100644 index 0000000..535692a --- /dev/null +++ b/support-msgfmt-0.25.patch @@ -0,0 +1,69 @@ +From 3609c463a4cfc5a7e76f4d4ba008c5096b1f1437 Mon Sep 17 00:00:00 2001 +From: Jericho Serrano <118679068+jericho1050@users.noreply.github.com> +Date: Fri, 6 Jun 2025 04:58:29 +0800 +Subject: [PATCH] Fixed #36421 -- Made test_msgfmt_error_including_non_ascii + compatible with msgfmt 0.25. + +--- + tests/i18n/test_compilation.py | 25 +++++++++++++++++++++++-- + 1 file changed, 23 insertions(+), 2 deletions(-) + +diff --git a/tests/i18n/test_compilation.py b/tests/i18n/test_compilation.py +index 4b0bb9f6bb1..3a57dbf0765 100644 +--- a/tests/i18n/test_compilation.py ++++ b/tests/i18n/test_compilation.py +@@ -1,5 +1,6 @@ + import gettext as gettext_module + import os ++import re + import stat + import unittest + from io import StringIO +@@ -8,10 +9,12 @@ + from unittest import mock + + from django.core.management import CommandError, call_command, execute_from_command_line +-from django.core.management.utils import find_command ++from django.core.management.utils import find_command, popen_wrapper + from django.test import SimpleTestCase, override_settings + from django.test.utils import captured_stderr, captured_stdout + from django.utils import translation ++from django.utils.encoding import DEFAULT_LOCALE_ENCODING ++from django.utils.functional import cached_property + from django.utils.translation import gettext + + from .utils import RunInTmpDirMixin, copytree +@@ -254,6 +257,17 @@ def test_no_dirs_accidentally_skipped(self): + + + class CompilationErrorHandling(MessageCompilationTests): ++ @cached_property ++ def msgfmt_version(self): ++ # Note that msgfmt is installed via GNU gettext tools, hence the msgfmt ++ # version should align to gettext. ++ out, err, status = popen_wrapper( ++ ["msgfmt", "--version"], ++ stdout_encoding=DEFAULT_LOCALE_ENCODING, ++ ) ++ m = re.search(r"(\d+)\.(\d+)\.?(\d+)?", out) ++ return tuple(int(d) for d in m.groups() if d is not None) ++ + def test_error_reported_by_msgfmt(self): + # po file contains wrong po formatting. + with self.assertRaises(CommandError): +@@ -278,7 +292,14 @@ def test_msgfmt_error_including_non_ascii(self): + call_command( + "compilemessages", locale=["ko"], stdout=StringIO(), stderr=stderr + ) +- self.assertIn("' cannot start a field name", stderr.getvalue()) ++ if self.msgfmt_version < (0, 25): ++ error_msg = "' cannot start a field name" ++ else: ++ error_msg = ( ++ "a field name starts with a character that is not alphanumerical " ++ "or underscore" ++ ) ++ self.assertIn(error_msg, stderr.getvalue()) + + + class ProjectAndAppTests(MessageCompilationTests): diff --git a/test_strip_tags.patch b/test_strip_tags.patch new file mode 100644 index 0000000..2f1363f --- /dev/null +++ b/test_strip_tags.patch @@ -0,0 +1,46 @@ +From 578ef30376fd279865d1719fcad064a00c625a6b Mon Sep 17 00:00:00 2001 +From: Natalia <124304+nessita@users.noreply.github.com> +Date: Mon, 14 Jul 2025 14:45:03 -0300 +Subject: [PATCH] Fixed #36499 -- Adjusted + utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's + HTMLParser new behavior. + +--- + tests/test_utils/tests.py | 4 ++-- + tests/utils_tests/test_html.py | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/tests/test_utils/tests.py b/tests/test_utils/tests.py +index 494a0ea8d384..0de19eae9072 100644 +--- a/tests/test_utils/tests.py ++++ b/tests/test_utils/tests.py +@@ -959,10 +959,10 @@ def test_parsing_errors(self): + self.assertHTMLEqual("", "

        ") + error_msg = ( + "First argument is not valid HTML:\n" +- "('Unexpected end tag `div` (Line 1, Column 6)', (1, 6))" ++ "('Unexpected end tag `div` (Line 1, Column 0)', (1, 0))" + ) + with self.assertRaisesMessage(AssertionError, error_msg): +- self.assertHTMLEqual("< div>", "

        ") ++ self.assertHTMLEqual("", "
        ") + with self.assertRaises(HTMLParseError): + parse_html("

        ") + +diff --git a/tests/utils_tests/test_html.py b/tests/utils_tests/test_html.py +index 4ce552e79a0d..205eaeca1668 100644 +--- a/tests/utils_tests/test_html.py ++++ b/tests/utils_tests/test_html.py +@@ -142,10 +142,10 @@ def test_strip_tags(self): + ("&gotcha&#;<>", "&gotcha&#;<>"), + ("ript>test</script>", "ript>test"), + ("&h", "alert()h"), +- (">"), + ("X<<<
        br>br>br>X", "XX"), + ("<" * 50 + "a>" * 50, ""), +- (">" + "" + "" + ""), + (" Date: Thu, 4 Sep 2025 11:14:46 +0000 Subject: [PATCH 4/6] - Update to 5.2.6 (bsc#1248810) * CVE-2025-57833: Potential SQL injection in FilteredRelation column aliases * Fixed a bug where using QuerySet.values() or values_list() with a ForeignObject composed of multiple fields returned incorrect results instead of tuples of the referenced fields - Rebased test_strip_tags.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=214 --- .gitattributes | 23 + .gitignore | 1 + Django-5.2.6.checksum.txt | 66 + django-5.2.6.tar.gz | 3 + python-Django-rpmlintrc | 5 + python-Django.changes | 3058 +++++++++++++++++++++++++++++++++++++ python-Django.keyring | 132 ++ python-Django.spec | 164 ++ support-msgfmt-0.25.patch | 69 + test_strip_tags.patch | 49 + 10 files changed, 3570 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 Django-5.2.6.checksum.txt create mode 100644 django-5.2.6.tar.gz create mode 100644 python-Django-rpmlintrc create mode 100644 python-Django.changes create mode 100644 python-Django.keyring create mode 100644 python-Django.spec create mode 100644 support-msgfmt-0.25.patch create mode 100644 test_strip_tags.patch diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/Django-5.2.6.checksum.txt b/Django-5.2.6.checksum.txt new file mode 100644 index 0000000..e24bd5a --- /dev/null +++ b/Django-5.2.6.checksum.txt @@ -0,0 +1,66 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the +source-code tarball and wheel files of Django 5.2.6, released September 3, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``3955B19851EA96EF`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF + +or via the GitHub API: + + curl https://github.com/sarahboyce.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.6.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.6/tarball/ +https://www.djangoproject.com/download/5.2.6/wheel/ + +MD5 checksums +============= + +1f0327293cc3768903ce8cd390ec3f47 django-5.2.6.tar.gz +fca0005922f8db95eb97108e3d8e0b24 django-5.2.6-py3-none-any.whl + +SHA1 checksums +============== + +ada4c057790d255039ac5fe3a31378e5fde0417a django-5.2.6.tar.gz +f92e94e9ab2e21f3d681918d67b15e7e54d348f6 django-5.2.6-py3-none-any.whl + +SHA256 checksums +================ + +da5e00372763193d73cecbf71084a3848458cecf4cee36b9a1e8d318d114a87b django-5.2.6.tar.gz +60549579b1174a304b77e24a93d8d9fafe6b6c03ac16311f3e25918ea5a20058 django-5.2.6-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmi4JLQtHDQyMjk2NTY2 +K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv +rLQL/AmvGY0A1mnf22ZarnqGyH1pRyC7ZrhX2XtoCN6rOjYHleXDqjCIRnbJPnSP +QoKVj6C0xiWsueetEWdrQd2iwgwuAir2dZ0x4TR9ejmVqUUb/R5BakqjZ7g46lsy +GOvU+MlQjzbu1sh0T2G7DC/z019v3+/3lHGpI4HkUFpIb6EOybKW61+MbZZqQMyY +EC/bYEIzfmoJN0Hyi9FoFx0aE/kMpeEYn6wXmEVUfpW7xqXy5AsA2VpU1/nbu0xS +2R+rOljxTSTvqZknDQhr3WbS6D8m/odlcF59pVNzuBwPChz78o6PtwKLitaUy1sp +LOiunKvQYU7Syt4yz+ro+5S+4bcCsIArOe4SKvkMOCi6pFxyXNz0a8PYXpCbg5ER +PQD6RhUbpz2FFMBTeGjPM4JhrIA06A4goX0Q6PHvOLDPg1WlopSKMu5BBGL7fr/O +7jfGeDf5qKIIJ9ZfZS/flS/ebxm8cG9sF7gpbganJC0TnOWmKLdPYQzLia4zFx3f +pj+RwA== +=g/HH +-----END PGP SIGNATURE----- diff --git a/django-5.2.6.tar.gz b/django-5.2.6.tar.gz new file mode 100644 index 0000000..4d5759a --- /dev/null +++ b/django-5.2.6.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:da5e00372763193d73cecbf71084a3848458cecf4cee36b9a1e8d318d114a87b +size 10858861 diff --git a/python-Django-rpmlintrc b/python-Django-rpmlintrc new file mode 100644 index 0000000..0159bae --- /dev/null +++ b/python-Django-rpmlintrc @@ -0,0 +1,5 @@ +addFilter("file-not-in-%lang") +# Empty model.py files should be kept around: +addFilter("zero-length") +# Bash completion isn't config: +# addFilter("non-conffile-in-etc /etc/bash_completion.d/django_bash_completion*") diff --git a/python-Django.changes b/python-Django.changes new file mode 100644 index 0000000..4e92a8c --- /dev/null +++ b/python-Django.changes @@ -0,0 +1,3058 @@ +------------------------------------------------------------------- +Thu Sep 4 10:02:00 UTC 2025 - Markéta Machová + +- Update to 5.2.6 (bsc#1248810) + * CVE-2025-57833: Potential SQL injection in FilteredRelation column aliases + * Fixed a bug where using QuerySet.values() or values_list() with a ForeignObject + composed of multiple fields returned incorrect results instead of tuples of + the referenced fields +- Rebased test_strip_tags.patch + +------------------------------------------------------------------- +Tue Aug 12 10:52:26 UTC 2025 - Markéta Machová + +- Update to 5.2.5 + * Fixed a regression in Django 5.2.1 that prevented the usage of UNNEST + PostgreSQL strategy of QuerySet.bulk_create() with foreign keys + * Fixed a crash in Django 5.2 when filtering against a composite primary key + using a tuple containing expressions + * Fixed a crash in Django 5.2 when validating a model that uses + GeneratedField or constraints composed of Q and Case lookups + * Added compatibility for docutils 0.22 + * Fixed a crash in Django 5.2 when using a ManyToManyField on a model with + a composite primary key, by extending the fields.E347 system check +- Convert to libalternatives on SLE-16-based and newer systems + +------------------------------------------------------------------- +Fri Aug 1 02:09:01 UTC 2025 - Steve Kowalik + +- Reinstate Requires on tzdata, a lot of packages use it. + +------------------------------------------------------------------- +Wed Jul 30 06:03:44 UTC 2025 - Steve Kowalik + +- Add patch support-msgfmt-0.25.patch: + * Support msgfmt 0.25 error messages changes. (bsc#1246966) +- Remove unneeded Requires on tzdata. + +------------------------------------------------------------------- +Sat Jul 19 06:51:37 UTC 2025 - Markéta Machová + +- Add upstream test_strip_tags.patch to fix test errors with + at-this-point future python interpreters + +------------------------------------------------------------------- +Thu Jul 3 12:47:34 UTC 2025 - Markéta Machová + +- Update to 5.2.4 + * Fixed a log injection possibility by migrating remaining response logging + to django.utils.log.log_response(), which safely escapes arguments + such as the request path to prevent unsafe log output (CVE 2025-48432). + * Fixed a regression in Django 5.2 that caused QuerySet.bulk_update() to + incorrectly convert None to JSON null instead of SQL NULL for JSONField + * Fixed a regression in Django 5.2.2 where the q parameter was removed from + the internal django.http.MediaType.params property + * Fixed a regression in Django 5.2.2 where HttpRequest.get_preferred_type() + incorrectly preferred more specific media types with a lower quality + * Fixed a crash in Django 5.2 when performing an __in lookup involving a + composite primary key and a subquery on certain backends + +------------------------------------------------------------------- +Thu Jun 5 11:53:48 UTC 2025 - Markéta Machová + +- Update to 5.2.2 (bsc#1244095) + * CVE-2025-48432: Potential log injection via unescaped request path + * Fixed a crash when using select_related against a ForeignObject + originating from a model with a CompositePrimaryKey + * Fixed a regression in Django 5.2 that caused a crash when no + arguments were passed into QuerySet.union(). + * Fixed a regression in Django 5.2 that caused a crash when using OuterRef + in PostgreSQL aggregate functions ArrayAgg, StringAgg, and JSONBAgg. + * Fixed a bug in Django 5.2 where HttpRequest.get_preferred_type() did not + account for media type parameters in Accept headers, reducing specificity + in content negotiation. + +------------------------------------------------------------------- +Mon May 12 08:20:40 UTC 2025 - Markéta Machová + +- Update to 5.2.1 (bsc#1242210) + * This release was built using an upgraded setuptools, producing + filenames compliant with PEP 491 and PEP 625 and thus addressing + a PyPI warning about non-compliant distribution filenames. This + change only affects the Django packaging process and does not + impact Django’s behavior. + * CVE-2025-32873: Denial-of-service possibility in strip_tags() + * Fixed a data corruption possibility in file_move_safe() when + allow_overwrite=True + * Fixed a regression introduced when fixing CVE 2025-26699, where + the wordwrap template filter did not preserve empty lines between + paragraphs after wrapping text + * Fixed many bugs and regressions in Django 5.2, see upstream changelog + +------------------------------------------------------------------- +Tue Apr 22 15:46:20 UTC 2025 - Markéta Machová + +- Add missing runtime dependency on tzdata + +------------------------------------------------------------------- +Mon Apr 7 15:02:18 UTC 2025 - Markéta Machová + +- Update to 5.2 + * Django 5.2 is designated as a long-term support release. It will receive + security updates for at least three years after its release. + * Django 5.2 supports Python 3.10, 3.11, 3.12, and 3.13. + ** What’s new in Django 5.2 ** + * Automatic models import in the shell + * Composite Primary Keys + * Simplified override of BoundField + * ... and many more smaller features + ** Backwards incompatible changes in 5.2 ** + * Database backend API changes + * Dropped support for PostgreSQL 13 + * Changed MySQL connection character set default + * ... and more, see upstream changelog + ** Features deprecated in 5.2 ** + * The all argument for the django.contrib.staticfiles.finders.find() + function is deprecated in favor of the find_all argument. + * The ordering keyword argument of the PostgreSQL specific aggregation + functions is deprecated in favor of the order_by argument. + +------------------------------------------------------------------- +Mon Apr 7 14:19:10 UTC 2025 - Markéta Machová + +- Update to 5.1.8 + * CVE-2025-27556: Potential denial-of-service vulnerability in + LoginView, LogoutView, and set_language() on Windows + * Fixed a regression in Django 5.1.7 where the removal of the single_object + parameter unintentionally altered the signature and return type of + LogEntryManager.log_actions() + +------------------------------------------------------------------- +Sun Mar 30 08:28:57 UTC 2025 - Dirk Müller + +- update filelist to be compatible with newer setuptools + +------------------------------------------------------------------- +Tue Mar 18 13:01:55 UTC 2025 - Markéta Machová + +- Update to 5.1.7 (bsc#1239052) + * CVE-2025-26699: Potential denial-of-service vulnerability in + django.utils.text.wrap() + * Fixed a bug in Django 5.1 where the {% querystring %} template tag + returned an empty string rather than "?" + * Fixed a bug in Django 5.1 where FileSystemStorage, with allow_overwrite + set to True, did not truncate the overwritten file content + * Fixed a regression in Django 5.1 where the count and exists methods of + ManyToManyField related managers would always return 0 and False when + the intermediary model back references used to_field + * Fixed a regression in Django 5.1 where the pre_save and post_save signals + for LogEntry were not sent when deleting a single object in the admin + +------------------------------------------------------------------- +Tue Feb 11 12:52:16 UTC 2025 - Markéta Machová + +- Update to 5.1.6 + * Fixed a regression in Django 5.1.5 that caused validate_ipv6_address() + and validate_ipv46_address() to crash when handling non-string values + * Fixed a regression in Django 5.1 where password fields, despite being + set to required=False, were still treated as required in forms derived + from BaseUserCreationForm + +------------------------------------------------------------------- +Wed Jan 15 07:53:44 UTC 2025 - Markéta Machová + +- Update to 5.1.5 (bsc#1235856) + * CVE-2024-56374: Potential denial-of-service vulnerability in + IPv6 validation + * Fixed a crash when applying migrations with references to the + removed Meta.index_together option + +------------------------------------------------------------------- +Mon Dec 9 09:13:02 UTC 2024 - Markéta Machová + +- Update to 5.1.4 (bsc#1234231, CVE-2024-53908, bsc#1234232, CVE-2024-53907) + * CVE-2024-53907: Potential denial-of-service in django.utils.html.strip_tags() + * CVE-2024-53908: Potential SQL injection in HasKey(lhs, rhs) on Oracle + * Fixed a crash in createsuperuser on Python 3.13+ caused by an unhandled OSError + * Fixed a regression in Django 5.1 where relational fields were not updated + * Fixed a bug in Django 5.1 where DomainNameValidator accepted any input value + that contained a valid domain name, rather than only input values that were + a valid domain name + * Fixed a regression in Django 5.1 that prevented the use of DB-IP databases with GeoIP2 + * Fixed a regression in Django 5.1 where non-ASCII fieldset names were not displayed + when rendering admin fieldsets + +------------------------------------------------------------------- +Thu Oct 17 10:16:22 UTC 2024 - Markéta Machová + +- Update to 5.1.2 + * Fixed a regression in Django 5.1 that caused a crash when using + the PostgreSQL lookup trigram_similar on output fields from Concat + * Fixed a regression in Django 5.1 that caused a crash of JSONObject() + when using server-side binding with PostgreSQL 16+ + * Fixed a regression in Django 5.1 that made selected items in + multi-select widgets indistinguishable from non-selected items in + the admin dark theme + +------------------------------------------------------------------- +Wed Sep 4 07:21:54 UTC 2024 - Alberto Planas Dominguez + +- Update to 5.1.1 (bsc#1229823, bsc#1229824) + * CVE-2024-45230: Potential denial-of-service vulnerability in + django.utils.html.urlize() + * CVE-2024-45231: Potential user email enumeration via response + status on password reset + * Fixed a regression in Django 5.1 that caused a crash of Window() + when passing an empty sequence to the order_by parameter, and a + crash of Prefetch() for a sliced queryset without ordering + * Fixed a regression in Django 5.1 where a new usable_password field + was included in BaseUserCreationForm (and children). A new + AdminUserCreationForm including this field was added, isolating + the feature to the admin where it was intended + * Adjusted the deprecation warning stacklevel in Model.save() and + Model.asave() to correctly point to the offending call site + * Adjusted the deprecation warning stacklevel when using + OS_OPEN_FLAGS in FileSystemStorage to correctly point to the + offending call site + * Adjusted the deprecation warning stacklevel in + FieldCacheMixin.get_cache_name() to correctly point to the + offending call site + * Restored, following a regression in Django 5.1, the ability to + override the timezone and role setting behavior used within the + init_connection_state method of the PostgreSQL backend + * Fixed a bug in Django 5.1 where variable lookup errors were logged + when rendering admin fieldsets + +------------------------------------------------------------------- +Fri Aug 9 12:09:27 UTC 2024 - Markéta Machová + +- Update to 5.1 + * Supports Python >= 3.10. + * Easier guardrails for authentication: the new and shiny + LoginRequiredMiddleware, when added to MIDDLEWARE, enforces + authentication for all views by default. + * A more inclusive framework: Django 5.1 includes several accessibility + enhancements, such as improved screen reader support in the admin + interface, more semantic HTML elements, and better association of + help text and labels with form fieldsets. + * The second oldest ticket fixed in this release provides the long awaited + querystring template tag, which greatly simplifies the handling of query + strings when building URLs in templates. + * For a detailed list of changes see https://docs.djangoproject.com/en/5.1/releases/5.1/ +- Refreshed python-Django.keyring + +------------------------------------------------------------------- +Wed Aug 7 06:07:48 UTC 2024 - Alberto Planas Dominguez + +- Update to 5.0.8 (bsc#1228629, bsc#1228630, bsc#1228631, bsc#1228632) + * CVE-2024-41989: Memory exhaustion in + django.utils.numberformat.floatformat() + * CVE-2024-41990: Potential denial-of-service vulnerability in + django.utils.html.urlize() + * CVE-2024-41991: Potential denial-of-service vulnerability in + django.utils.html.urlize() and AdminURLFieldWidget + * CVE-2024-42005: Potential SQL injection in QuerySet.values() and + values_list() + * Added missing validation for + UniqueConstraint(nulls_distinct=False) when using *expressions + * Fixed a regression in Django 5.0 where ModelAdmin.action_checkbox + could break the admin changelist HTML page when rendering a model + instance with a __html__ method + * Fixed a crash when creating a model with a Field.db_default and a + Meta.constraints constraint composed of __endswith, __startswith, + or __contains lookups + * Fixed a regression in Django 5.0.7 that caused a crash in + LocaleMiddleware when processing a language code over 500 + characters + * Fixed a bug in Django 5.0 that caused a system check crash when + ModelAdmin.date_hierarchy was a GeneratedField with an + output_field of DateField or DateTimeField + * Fixed a bug in Django 5.0 which caused constraint validation to + either crash or incorrectly raise validation errors for + constraints referring to fields using Field.db_default + * Fixed a crash in Django 5.0 when saving a model containing a + FileField with a db_default set + +------------------------------------------------------------------- +Tue Jul 9 14:03:46 UTC 2024 - Markéta Machová + +- Update to 5.0.7 + * Supports Python >= 3.10. + * Facet counts are now shown for applied filters in the admin changelist + when toggled on via the UI. This behavior can be changed via the new + ModelAdmin.show_facets attribute. + * Django 5.0 introduces the concept of a field group, and field group + templates. This simplifies rendering of the related elements of a + Django form field such as its label, widget, help text, and errors. + * The new Field.db_default parameter sets a database-computed default value. + * The new GeneratedField allows creation of database generated columns. + This field can be used on all supported database backends to create + a field that is always computed from other fields. + * More options for declaring field choices + * Few backwards-incompatible changes in the database backend API, + django.contrib.gis and django.contrib.sitemaps + * Dropped support for MySQL < 8.0.11 + * Using create_defaults__exact may now be required with QuerySet.update_or_create() + * Migrating existing UUIDField on MariaDB 10.7+ +- This release also fixes several security issues: + * bsc#1227590 (CVE-2024-38875) + * bsc#1227593 (CVE-2024-39329) + * bsc#1227594 (CVE-2024-39330) + * bsc#1227595 (CVE-2024-39614) +- Drop no-longer-needed patches: + * dirty-hack-remove-assert.patch + * sanitize_address.patch + +------------------------------------------------------------------- +Wed May 8 07:30:48 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.13 + + Django 4.2.13 fixes a packaging error in 4.2.12. +- Update to 4.2.12 + + Django 4.2.12 fixes a compatibility issue with Python 3.11.9+ and 3.12.3+. + + Fixed a crash in Django 4.2 when validating email max line lengths + with content decoded using the surrogateescape error handling + scheme +- Drop fix-safemimetext-set_payload.patch, already merged upstream + +------------------------------------------------------------------- +Thu Apr 18 06:39:36 UTC 2024 - Daniel Garcia + +- Add fix-safemimetext-set_payload.patch, to support python 3.11.9+ + (gh#django/django@b231bcd19e57, bsc#1222880) + +------------------------------------------------------------------- +Mon Mar 4 14:05:28 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.11 (CVE-2024-27351, bsc#1220358) + * CVE-2024-27351: Potential regular expression denial-of-service in + django.utils.text.Truncator.words() + * Fixed a regression in Django 4.2.10 where intcomma template filter + could return a leading comma for string representation of floats +- Remove python3122.patch, already upstream + +------------------------------------------------------------------- +Fri Feb 9 10:18:37 UTC 2024 - Daniel Garcia + +- Add python3122.patch to fix tests with python 3.12.2 + gh#django/django#17843 +- Update to 4.2.10 (bsc#1219683, CVE-2024-24680): + - Django 4.2.10 fixes a security issue with severity "moderate" in + 4.2.9. + CVE-2024-24680: Potential denial-of-service in intcomma template + filter The intcomma template filter was subject to a potential + denial-of-service attack when used with very long strings. + +------------------------------------------------------------------- +Thu Jan 4 09:27:51 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.9: + * Fixed a regression in Django 4.2.8 where admin fields on the same + line could overflow the page and become non-interactive + +------------------------------------------------------------------- +Mon Dec 4 10:21:00 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.8 + * Fixed a regression in Django 4.2 that caused makemigrations + --check to stop displaying pending migrations + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing other aggregates + or window functions through conditional expressions + * Fixed a regression in Django 4.2 that caused a crash when + annotating a QuerySet with a Window expressions composed of a + partition_by clause mixing field types and aggregation expressions + * Fixed a regression in Django 4.2 where the admin’s change list + page had misaligned pagination links and inputs when using + list_editable + * Fixed a regression in Django 4.2 where checkboxes in the admin + would be centered on narrower screen widths + * Fixed a regression in Django 4.2 that caused a crash of querysets + with aggregations on MariaDB when the ONLY_FULL_GROUP_BY SQL mode + was enabled + * Fixed a regression in Django 4.2 where the admin’s read-only + password widget and some help texts were incorrectly aligned at + tablet widths + * Fixed a regression in Django 4.2 that caused a migration crash on + SQLite when altering unsupported Meta.db_table_comment + +------------------------------------------------------------------- +Mon Nov 27 12:20:48 UTC 2023 - Dirk Müller + +- add dirty-hack-remove-assert.patch from fedora to fix + minor test failure with python 3.12 + +------------------------------------------------------------------- +Wed Nov 1 08:12:59 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.7 + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing expressions + containing subqueries + * Restored, following a regression in Django 4.2, creating + varchar/text_pattern_ops indexes on CharField and TextField with + deterministic collations on PostgreSQL + +------------------------------------------------------------------- +Mon Oct 16 08:33:05 UTC 2023 - Daniel Garcia Moreno + +- Update to 4.2.6 (bsc#1215978, CVE-2023-43665) + * CVE-2023-43665: Denial-of-service possibility in + django.utils.text.Truncator + The input processed by Truncator, when operating in HTML mode, has + been limited to the first five million characters in order to + avoid potential performance and memory issues. + * Fixed a regression in Django 4.2.5 where overriding the deprecated + DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings in tests + caused the main STORAGES to mutate (#34821). + * Fixed a regression in Django 4.2 that caused unnecessary casting + of string based fields (CharField, EmailField, TextField, + CICharField, CIEmailField, and CITextField) used with the __isnull + lookup on PostgreSQL. As a consequence, indexes using an __isnull + expression or condition created before Django 4.2 wouldn’t be used + by the query planner, leading to a performance regression + (#34840). + +------------------------------------------------------------------- +Mon Sep 4 12:10:50 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.5 (CVE-2023-41164) + + Bugfixes + * Fixed a regression in Django 4.2 that caused an incorrect + validation of CheckConstraints on __isnull lookups against + JSONField + * Fixed a bug in Django 4.2 where the deprecated + DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings were not + synced with STORAGES + * Fixed a regression in Django 4.2.2 that caused an unnecessary + selection of a non-nullable ManyToManyField without a natural + key during serialization + * Fixed a regression in Django 4.2 that caused a crash of a + queryset when filtering against deeply nested OuterRef() + annotations + +------------------------------------------------------------------- +Wed Aug 2 07:35:04 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.4 + + Bugfixes + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing window + functions + * Fixed a regression in Django 4.2 that caused a crash when + grouping by a reference in a subquery + * Fixed a regression in Django 4.2 that caused aggregation over + query that uses explicit grouping by multi-valued annotations to + group against the wrong columns + +------------------------------------------------------------------- +Tue Jul 18 12:50:29 UTC 2023 - Markéta Machová + +- Add upstream sanitize_address.patch + * fixes build with yet another CPython upstream fix (bsc#1210638) + +------------------------------------------------------------------- +Mon Jul 10 09:28:42 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.3 (bsc#1212742, CVE-2023-36053) + + CVE-2023-36053: Potential regular expression denial of service + vulnerability in EmailValidator/URLValidator + + Bugfixes + * Fixed a regression in Django 4.2 that caused incorrect alignment + of timezone warnings for DateField and TimeField in the admin + * Fixed a regression in Django 4.2 that caused incorrect + highlighting of rows in the admin changelist view when + ModelAdmin.list_editable contained a BooleanField + +------------------------------------------------------------------- +Fri Jun 9 11:41:19 UTC 2023 - ecsos + +- Add %{?sle15_python_module_pythons} + +------------------------------------------------------------------- +Tue Jun 6 06:35:28 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.2 + + Bugfixes + * Fixed a regression in Django 4.2 that caused an unnecessary + DBMS_LOB.SUBSTR() wrapping in the __isnull and __exact=None + lookups for TextField()/BinaryField() on Oracle + * Restored, following a regression in Django 4.2, get_prep_value() + call in JSONField subclasses + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.defer() when passing a ManyToManyField or + GenericForeignKey reference. While doing so is a no-op, it was + allowed in older version + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.only() when passing a reverse OneToOneField reference + * Fixed a bug in Django 4.2 where makemigrations --update didn’t + respect the --name option + * Fixed a performance regression in Django 4.2 when compiling + queries without ordering + * Fixed a regression in Django 4.2 where nonexistent stylesheet + was linked on a “Congratulations!” page + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with expressions referencing other + aggregates + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing subqueries + * Fixed a regression in Django 4.2 that caused a crash of + querysets on SQLite when filtering on DecimalField against + values outside of the defined range + * Fixed a regression in Django 4.2 that caused a serialization + crash on a ManyToManyField without a natural key when its + Manager’s base QuerySet used select_related() + +------------------------------------------------------------------- +Thu May 4 07:02:58 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.1 + + CVE-2023-31047: Potential bypass of validation when uploading + multiple files using one form field (bsc#1210866) + + Bugfixes + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.defer() when deferring fields by attribute names + * Fixed a regression in Django 4.2 that caused a crash of + SearchVector function with % characters + * Fixed a regression in Django 4.2 that caused aggregation over + query that uses explicit grouping to group against the wrong + columns + * Reallowed, following a regression in Django 4.2, setting the + "cursor_factory" option in OPTIONS on PostgreSQL + * Enforced UTF-8 client encoding on PostgreSQL, following a + regression in Django 4.2 + * Fixed a regression in Django 4.2 where i18n_patterns() didn’t + respect the prefix_default_language argument when a fallback + language of the default language was used + * Fixed a regression in Django 4.2 where translated URLs of the + default language from i18n_patterns() with + prefix_default_language set to False raised 404 errors for a + request with a different language + * Fixed a regression in Django 4.2 where creating copies and deep + copies of HttpRequest, HttpResponse, and their subclasses didn’t + always work correctly + * Fixed a regression in Django 4.2 where timesince and timeuntil + template filters returned incorrect results for a datetime with + a non-UTC timezone when a time difference is less than 1 day + * Fixed a regression in Django 4.2 that caused a crash of + SearchHeadline function with psycopg 3 + * Fixed a regression in Django 4.2 that caused incorrect + ClearableFileInput margins in the admin + * Fixed a regression in Django 4.2 where breadcrumbs didn’t appear + on admin site app index views + * Made squashing migrations reduce AddIndex, RemoveIndex, + RenameIndex, and CreateModel operations which allows removing a + deprecated Meta.index_together option from historical migrations + and use Meta.indexes instead + +------------------------------------------------------------------- +Thu Apr 6 06:38:13 UTC 2023 - David Anes + +- Update minimal dependency versions. + +------------------------------------------------------------------- +Tue Apr 4 07:19:56 UTC 2023 - David Anes + +- Update to 4.2: + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.2/releases/4.2/ + + Psycopg 3 support + + Comments on columns and tables + + Mitigation for the BREACH attack + + In-memory file storage + + Custom file storages + + For backwards incompatible changes in 4.2 see + https://docs.djangoproject.com/en/4.2/releases/4.2/#backwards-incompatible-changes-in-4-2 + +- Update of keyring file + +------------------------------------------------------------------- +Tue Feb 14 09:59:42 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.1.7: + + CVE-2023-24580: Potential denial-of-service vulnerability in file + uploads (bsc#1208082) + + Fixed a bug in Django 4.1 that caused a crash of model validation + on ValidationError with no code + +------------------------------------------------------------------- +Wed Feb 1 12:48:49 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.1.6: + + CVE-2023-23969: Potential denial-of-service via Accept-Language + headers Bugfixes + + Fixed a bug in Django 4.1 that caused a crash of model validation + on UniqueConstraint with ordered expressions + +------------------------------------------------------------------- +Mon Jan 2 19:07:30 UTC 2023 - David Anes + +- Update to 4.1.5: + + Fixed a long standing bug in the __len lookup for ArrayField + that caused a crash of model validation on Meta.constraints. +- Update keyring file. + +------------------------------------------------------------------- +Wed Dec 21 09:39:56 UTC 2022 - Daniel Garcia + +- Recommends python-pymemcache instead of the deprecated + python-python-memcached. This is the module used in Django since 3.2 + https://docs.djangoproject.com/en/3.2/releases/3.2/#pymemcache-support + +------------------------------------------------------------------- +Tue Dec 6 13:30:53 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.4 + + Fixed a regression in Django 4.1 that caused an unnecessary table + rebuild when adding a ManyToManyField on SQLite + + Fixed a bug in Django 4.1 that caused a crash of the sitemap index + view with an empty Sitemap.items() and a callable lastmod + + Fixed a bug in Django 4.1 that caused a crash using acreate(), + aget_or_create(), and aupdate_or_create() asynchronous methods of + related managers + + Fixed a bug in Django 4.1 that caused a crash of + QuerySet.bulk_create() with "pk" in unique_fields + + Fixed a bug in Django 4.1 that caused a crash of + QuerySet.bulk_create() on fields with db_column + +------------------------------------------------------------------- +Wed Nov 2 15:50:11 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.3 + + Fixed a bug in Django 4.1 that caused non-Python files created by + startproject and startapp management commands from custom + templates to be incorrectly formatted using the black command + +------------------------------------------------------------------- +Tue Oct 4 08:22:42 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.2 (bsc#1203793, CVE-2022-41323) + + Fixed a regression in Django 4.1 that caused a migration crash on + PostgreSQL when adding a model with ExclusionConstraint + + Fixed a regression in Django 4.1 that caused aggregation over a + queryset that contained an Exists annotation to crash due to too + many selected columns + + Fixed a bug in Django 4.1 that caused an incorrect validation of + CheckConstraint on NULL values + + Fixed a regression in Django 4.1 that caused a + QuerySet.values()/values_list() crash on ArrayAgg() and JSONBAgg() + + Fixed a bug in Django 4.1 that caused + ModelAdmin.autocomplete_fields to be incorrectly selected after + adding/changing related instances via popups + + Fixed a regression in Django 4.1 where the app registry was not + populated when running parallel tests with the multiprocessing + start method spawn + + Fixed a regression in Django 4.1 where the --debug-mode argument + to test did not work when running parallel tests with the + multiprocessing start method spawn + + Fixed a regression in Django 4.1 that didn’t alter a sequence type + when altering type of pre-Django 4.1 serial columns on PostgreSQL + + Fixed a regression in Django 4.1 that caused a crash for View + subclasses with asynchronous handlers when handling non-allowed + HTTP methods + + Reverted caching related managers for ForeignKey, ManyToManyField, + and GenericRelation that caused the incorrect refreshing of + related objects + + Relaxed the system check added in Django 4.1 for the same name + used for multiple template tag modules to a warning + +------------------------------------------------------------------- +Mon Sep 5 11:14:19 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.1 + + Reallowed, following a regression in Django 4.1, using GeoIP2() + when GEOS is not installed + + Fixed a regression in Django 4.1 that caused a crash of admin’s + autocomplete widgets when translations are deactivated + + Fixed a regression in Django 4.1 that caused a crash of the test + management command when running in parallel and multiprocessing + start method is spawn + + Fixed a regression in Django 4.1 that caused an incorrect + redirection to the admin changelist view when using "Save and + continue editing" and "Save and add another" options + + Fixed a regression in Django 4.1 that caused a crash of Window + expressions with ArrayAgg + + Fixed a regression in Django 4.1 that caused a migration crash on + SQLite 3.35.5+ when removing an indexed field + + Fixed a bug in Django 4.1 that caused a crash of model validation + on UniqueConstraint() with field names in expressions + + Fixed a bug in Django 4.1 that caused an incorrect validation of + CheckConstraint() with range fields on PostgreSQL + + Fixed a regression in Django 4.1 that caused an incorrect + migration when adding AutoField, BigAutoField, or SmallAutoField + on PostgreSQL + + Fixed a regression in Django 4.1 that caused a migration crash on + PostgreSQL when altering AutoField, BigAutoField, or + SmallAutoField to OneToOneField + + Fixed a migration crash on ManyToManyField fields with through + referencing models in different apps + + Fixed a regression in Django 4.1 that caused an incorrect + migration when renaming a model with ManyToManyField and db_table + + Reallowed, following a regression in Django 4.1, creating reverse + foreign key managers on unsaved instances + + Fixed a regression in Django 4.1 that caused a migration crash on + SQLite < 3.20 + + Fixed a regression in Django 4.1 that caused an admin crash when + the admindocs app was used +- Remove 0001-Fixed-33887-Added-version-in-asserted-test-URL.patch + (already upstream) +- Verify the tarball with gpg + +------------------------------------------------------------------- +Wed Aug 3 13:20:52 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1: + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.1/releases/4.1/ + + Django 4.1 supports Python 3.8, 3.9, and 3.10 + + Asynchronous handlers for class-based views + + Asynchronous ORM interface + + Validation of Constraints + + Form rendering accessibility + + CSRF_COOKIE_MASKED setting +- Drop fix_test_custom_fields_SQLite.patch (already merged) +- Add 0001-Fixed-33887-Added-version-in-asserted-test-URL.patch to fix + test + +------------------------------------------------------------------- +Wed Aug 3 11:48:48 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.7 (CVE-2022-36359, bsc#1201923): + + Django 4.0.7 fixes a security issue with severity “high” in 4.0.6. + +------------------------------------------------------------------- +Tue Jul 5 08:04:12 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.6 + + CVE-2022-34265: Potential SQL injection via Trunc(kind) and + Extract(lookup_name) arguments + +------------------------------------------------------------------- +Thu Jun 2 07:34:17 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.5 + + Fixed a bug in Django 4.0 where not all OPTIONS were passed to a + Redis client + + Fixed a bug in Django 4.0 that caused a crash of QuerySet.filter() + on IsNull() expressions + + Fixed a bug in Django 4.0 where a hidden quick filter toolbar in + the admin’s navigation sidebar was focusable + +------------------------------------------------------------------- +Mon Apr 11 14:21:09 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.4 + + CVE-2022-28346: Potential SQL injection in "QuerySet.annotate()", + "aggregate()", and "extra()" + + CVE-2022-28347: Potential SQL injection via + "QuerySet.explain(**options)" on PostgreSQL + +------------------------------------------------------------------- +Tue Mar 1 10:49:51 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.3 + + Prevented, following a regression in Django 4.0.1, makemigrations + from generating infinite migrations for a model with + ManyToManyField to a lowercased swappable model such as + 'auth.user' + + Fixed a regression in Django 4.0 that caused a crash when + rendering invalid inlines with readonly_fields in the admin + +------------------------------------------------------------------- +Tue Feb 1 10:15:38 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.2 (CVE-2022-22818, bsc#1195086) (CVE-2022-23833, bsc#1195088) + + CVE-2022-22818: Possible XSS via {% debug %} template tag + + CVE-2022-23833: Denial-of-service possibility in file uploads + + Fixed a bug in Django 4.0 where + TestCase.captureOnCommitCallbacks() could execute callbacks + multiple times + + Fixed a regression in Django 4.0 where help_text was HTML-escaped + in automatically-generated forms + + Fixed a regression in Django 4.0 that caused displaying an + incorrect name for class-based views on the technical 404 debug + page + + Fixed a regression in Django 4.0 that caused an incorrect repr of + ResolverMatch for class-based views + + Fixed a regression in Django 4.0 that caused a crash of + makemigrations on models without Meta.order_with_respect_to but + with a field named _order + + Fixed a regression in Django 4.0 that caused incorrect + ModelAdmin.radio_fields layout in the admin + + Fixed a duplicate operation regression in Django 4.0 that caused a + migration crash when altering a primary key type for a concrete + parent model referenced by a foreign key + + Fixed a bug in Django 4.0 that caused a crash of + QuerySet.aggregate() after annotate() on an aggregate function + with a default + + Fixed a regression in Django 4.0 that caused a crash of + makemigrations when renaming a field of a renamed model + +------------------------------------------------------------------- +Wed Jan 12 14:16:23 UTC 2022 - Matej Cepl + +- Add fix_test_custom_fields_SQLite.patch fixing issues with + modern SQLite (gh#django/django#15168). + +------------------------------------------------------------------- +Mon Jan 10 09:27:36 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.1 (CVE-2021-45115, CVE-2021-45452, bsc#1194117) + + CVE-2021-45115: Denial-of-service possibility in + UserAttributeSimilarityValidator + + CVE-2021-45452: Potential directory-traversal via Storage.save() + + Fixed a regression in Django 4.0 that caused a crash of + assertFormsetError() on a formset named form + + Fixed a bug in Django 4.0 that caused a crash on booleans with the + RedisCache backend + + Relaxed the check added in Django 4.0 to reallow use of a + duck-typed HttpRequest in + django.views.decorators.cache.cache_control() and never_cache() + decorators + + Fixed a regression in Django 4.0 that caused creating bogus + migrations for models that reference swappable models such as + auth.User + + Fixed a long standing bug in Geometry Collections and Polygon that + caused a crash on some platforms (reported on macOS based on the + ARM64 architecture) + +------------------------------------------------------------------- +Mon Dec 27 12:11:09 UTC 2021 - Ben Greiner + +- Fix u-a scriptlet dependency. +- Remove python36 conditional on numpy dep. + +------------------------------------------------------------------- +Fri Dec 24 02:26:37 UTC 2021 - John Vandenberg + +- Avoid dependency on backports.zoneinfo except on Python 3.8 + +------------------------------------------------------------------- +Mon Dec 20 10:37:10 UTC 2021 - Matej Cepl + +- Clean up PYTHONPATH to make test_extra_tests_build_suite pass. + +------------------------------------------------------------------- +Tue Dec 7 14:09:24 UTC 2021 - Alberto Planas Dominguez + +- Update to 4.0 + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.0/releases/4.0/. + - Django 4.0 supports Python 3.8, 3.9, and 3.10. We highly + recommend and only officially support the latest release of + each series. + The Django 3.2.x series is the last to support Python 3.6 and + 3.7. + - The Python standard library’s zoneinfo is now the default + timezone implementation in Django. This is the next step in + the migration from using pytz to using zoneinfo. Django 3.2 + allowed the use of non-pytz time zones. Django 4.0 makes + zoneinfo the default implementation. Support for pytz is now + deprecated and will be removed in Django 5.0. + - The new *expressions positional argument of + UniqueConstraint() enables creating functional unique + constraints on expressions and database functions. + - The new scrypt password hasher is more secure and recommended + over PBKDF2. However, it’s not the default as it requires + OpenSSL 1.1+ and more memory. + - Redis cache backend + - Template based form rendering. Forms, Formsets, and ErrorList + are now rendered using the template engine to enhance + customization. + +------------------------------------------------------------------- +Tue Nov 2 12:45:45 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.9 + + Fixed a bug in Django 3.2 that caused a migration crash on SQLite + when altering a field with a functional index + +------------------------------------------------------------------- +Tue Oct 5 14:25:34 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.8 + + Fixed a bug in Django 3.2 that caused incorrect links on read-only + fields in the admin + + Fixed a regression in Django 3.2 that caused incorrect selection + of items across all pages when actions were placed both on the top + and bottom of the admin change-list view +- Drop failing_test_subparser_invalid_option.patch, as is already in + the upstream code. + +------------------------------------------------------------------- +Thu Sep 9 15:21:45 UTC 2021 - Matej Cepl + +- Add failing_test_subparser_invalid_option.patch fixing + https://code.djangoproject.com/ticket/33082 + +------------------------------------------------------------------- +Wed Sep 1 10:13:34 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.7 + + Fixed a regression in Django 3.2 that caused the incorrect offset + extraction from fixed offset timezones + +------------------------------------------------------------------- +Mon Aug 16 08:27:28 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.6 + + Fixed a regression in Django 3.2 that caused a crash validating + "NaN" input with a forms.DecimalField when additional constraints, + e.g. max_value, were specified + + Fixed a bug in Django 3.2 where a system check would crash on a + model with a reverse many-to-many relation inherited from a parent + class + +------------------------------------------------------------------- +Thu Jul 1 07:50:35 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.5 (CVE-2021-35042, bsc#1187785) + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.values_list(..., named=True) after prefetch_related() + + Fixed a bug in Django 3.2 that caused a migration crash on MySQL + 8.0.13+ when altering BinaryField, JSONField, or TextField to + non-nullable + + Fixed a regression in Django 3.2 that caused a migration crash on + MySQL 8.0.13+ when adding nullable BinaryField, JSONField, or + TextField with a default value + + Fixed a bug in Django 3.2 where a system check would crash on a + model with an invalid app_label + +------------------------------------------------------------------- +Wed Jun 2 10:45:01 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.4 (CVE-2021-33203, CVE-2021-33571) + + CVE-2021-33203: Potential directory traversal via admindocs + + CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks + since validators accepted leading zeros in IPv4 addresses + + Fixed a bug in Django 3.2 where a final catch-all view in the + admin didn’t respect the server-provided value of SCRIPT_NAME when + redirecting unauthenticated users to the login page + + Fixed a bug in Django 3.2 where a system check would crash on an + abstract model + + Prevented unnecessary initialization of unused caches following a + regression in Django 3.2 + + Fixed a crash in Django 3.2 that could occur when running mod_wsgi + with the recommended settings while the Windows colorama library + was installed + + Fixed a bug in Django 3.2 that would trigger the auto-reloader for + template changes when directory paths were specified with strings + + Fixed a regression in Django 3.2 that caused a crash of + auto-reloader with AttributeError, e.g. inside a Conda environment + + Fixed a regression in Django 3.2 that caused a loss of precision + for operations with DecimalField on MySQL + +------------------------------------------------------------------- +Mon May 17 07:37:47 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.3 + + Prepared for mysqlclient > 2.0.3 support + + Fixed a regression in Django 3.2 that caused the incorrect + filtering of querysets combined with the | operator + + Fixed a regression in Django 3.2.1 where saving FileField would + raise a SuspiciousFileOperation even when a custom upload_to + returns a valid file path + +------------------------------------------------------------------- +Thu May 6 08:54:41 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.2 (CVE-2021-32052) + + CVE-2021-32052: Header injection possibility since URLValidator + accepted newlines in input on Python 3.9.5+ + + Prevented, following a regression in Django 3.2.1, makemigrations + from generating infinite migrations for a model with Meta.ordering + contained OrderBy expressions + +------------------------------------------------------------------- +Wed May 5 17:25:18 UTC 2021 - Ben Greiner + +- Keep rpm runtime requirements in sync. Downstream packages often + read the egg-info and fail if they are not fulfilled. + +------------------------------------------------------------------- +Wed May 5 08:44:30 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.1 (CVE-2021-31542) + + CVE-2021-31542: Potential directory-traversal via uploaded files + + Corrected detection of GDAL 3.2 on Windows + + Fixed a bug in Django 3.2 where subclasses of BigAutoField and + SmallAutoField were not allowed for the DEFAULT_AUTO_FIELD setting + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.values()/values_list() after QuerySet.union(), + intersection(), and difference() when it was ordered by an + unannotated field + + Restored, following a regression in Django 3.2, displaying an + exception message on the technical 404 debug page + + Fixed a bug in Django 3.2 where a system check would crash on a + reverse one-to-one relationships in CheckConstraint.check or + UniqueConstraint.condition + + Fixed a regression in Django 3.2 that caused a crash of + ModelAdmin.search_fields when searching against phrases with + unbalanced quotes + + Fixed a bug in Django 3.2 where variable lookup errors were logged + rendering the sitemap template if alternates were not defined + + Fixed a regression in Django 3.2 that caused a crash when + combining Q() objects which contains boolean expressions + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.update() on a queryset ordered by inherited or joined + fields on MySQL and MariaDB + + Fixed a regression in Django 3.2 that caused a crash when decoding + a cookie value, used by + django.contrib.messages.storage.cookie.CookieStorage, in the + pre-Django 3.2 format + + Fixed a regression in Django 3.2 that stopped the shift-key + modifier selecting multiple rows in the admin changelist + + Fixed a bug in Django 3.2 where a system check would crash on the + STATICFILES_DIRS setting with a list of 2-tuples of (prefix, path) + + Fixed a long standing bug involving queryset bitwise combination + when used with subqueries that began manifesting in Django 3.2, + due to a separate fix using Exists to exclude() multi-valued + relationships + + Fixed a bug in Django 3.2 where variable lookup errors were logged + when rendering some admin templates + + Fixed a bug in Django 3.2 where an admin changelist would crash + when deleting objects filtered against multi-valued relationships + + Fixed a regression in Django 3.2 where the calling process + environment would not be passed to the dbshell command on PostgreSQL + + Fixed a performance regression in Django 3.2 when building complex + filters with subqueries + +------------------------------------------------------------------- +Tue Apr 6 09:27:50 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.0 + + Automatic ~django.apps.AppConfig discovery + + Customizing type of auto-created primary keys + + Functional indexes + + pymemcache support + + New decorators for the admin site + + For a complete description of new features check: + https://github.com/django/django/blob/main/docs/releases/3.2.txt +- Update PYTHOPATH to include the local tests +- Drop i18n_test.patch, i18n_test_extraction.patch, + test_clear_site_cache-sort.patch + +------------------------------------------------------------------- +Sat Feb 13 22:41:42 UTC 2021 - Ben Greiner + +- Don't install python36-numpy for testing. It is no longer + available. (The tests or portions of tests requiring numpy + are skipped automatically in this case.) +- Let the singlespec macro do its job to set the primary provider + for python3-django and python3-South on the primary flavor only. +- Fix mtime of cache file by recompiling. + +------------------------------------------------------------------- +Wed Dec 9 12:16:46 UTC 2020 - Ondřej Súkup + +- Update to 3.1.4 + * Fixed setting the Content-Length HTTP header in AsyncRequestFactory + * Fixed passing extra HTTP headers to AsyncRequestFactory request methods + * Fixed crash of key transforms for JSONField on PostgreSQL when usingi + on a Subquery() annotation + * Fixed a regression in Django 3.1 that caused the incorrect grouping + by a Q object annotation + * Fixed a regression in Django 3.1 that caused suppressing connection errors + when JSONField is used on SQLite + * Fixed a crash on SQLite, when QuerySet.values()/values_list() contained + key transforms for JSONField returning non-string primitive values + +------------------------------------------------------------------- +Mon Nov 2 15:03:13 UTC 2020 - Ondřej Súkup + +- Update to 3.1.3 + * Fixed a regression in Django 3.1.2 that caused the incorrect height of the admin + changelist search bar + * Fixed a regression in Django 3.1.2 that caused the incorrect width of the + admin changelist search bar on a filtered page + * Fixed displaying Unicode characters in forms.JSONField and read-only + models.JSONField values in the admin + * Fixed a regression in Django 3.1 that caused a crash of ArrayAgg and StringAgg + with ordering on key transforms for JSONField + * Fixed a regression in Django 3.1 that caused a crash of __in lookup when using + key transforms for JSONField in the lookup value + * Fixed a regression in Django 3.1 that caused a crash of ExpressionWrapper with + key transforms for JSONField + * Fixed a regression in Django 3.1 that caused a migrations crash on PostgreSQL + when adding an ExclusionConstraint with key transforms for JSONField in expressions + * Fixed a regression in Django 3.1 where ProtectedError.protected_objects + and RestrictedError.restricted_objects attributes returned iterators instead + of set of objects + * Fixed a regression in Django 3.1.2 that caused incorrect form input layout + on small screens in the admin change form view + * Fixed a regression in Django 3.1 that invalidated pre-Django 3.1 password reset tokens + * Added support for asgiref 3.3 + * Fixed a regression in Django 3.1 that caused incorrect textarea layout + on medium-sized screens in the admin change form view with the sidebar open + * Fixed a regression in Django 3.0.7 that didn’t use Subquery() aliases + in the GROUP BY clause + * Fixed a bug in Django 3.1 where FileField instances with a callable storage were + not correctly deconstructed + * Fixed a regression in Django 3.1 where the QuerySet.ordered attribute returned + incorrectly True for GROUP BY queries (e.g. .annotate().values()) on models with + Meta.ordering. A model’s Meta.ordering doesn’t affect such queries + * Fixed a regression in Django 3.1 where a queryset would crash if it contained + an aggregation and a Q object annotation + * Fixed a bug in Django 3.1 where a test database was not synced during creation + when using the MIGRATE test database setting + * Fixed a django.contrib.admin.EmptyFieldListFilter crash when using on a GenericRelation + * Fixed a regression in Django 3.1.1 where the admin changelist filter sidebar + would not scroll for a long list of available filters + +------------------------------------------------------------------- +Wed Sep 9 14:14:08 UTC 2020 - Marketa Calabkova + +- Update to 3.1.1 + * CVE-2020-24583: Incorrect permissions on intermediate-level directories on Python 3.7+ + * CVE-2020-24584: Permission escalation in intermediate-level directories of the file + system cache on Python 3.7+ + * Fixed a data loss possibility in the select_for_update(). When using related fields + pointing to a proxy model in the of argument, the corresponding model was not locked + * Fixed a regression in Django 3.1 that caused a crash when decoding an invalid session data + * Fixed __in lookup on key transforms for JSONField with MariaDB, MySQL, Oracle, and SQLite + * Fixed a regression in Django 3.1 that caused permission errors in CommonPasswordValidator + and settings.py + +------------------------------------------------------------------- +Wed Sep 9 03:55:36 UTC 2020 - John Vandenberg + +- Require asgiref >= 3.2.10 per upstream + +------------------------------------------------------------------- +Tue Aug 11 07:48:29 UTC 2020 - Alberto Planas Dominguez + +- Update to 3.1 + * Asynchronous views and middleware support + * JSONField for all supported database backends + * DEFAULT_HASHING_ALGORITHM settings¶ + * Read https://docs.djangoproject.com/en/3.1/releases/3.1/ +- Drop fix-selenium-test.patch. Already upstream. +- Add i18n_test_extraction.patch to support xgettext 0.21 + +------------------------------------------------------------------- +Thu Aug 6 11:36:36 UTC 2020 - Ondřej Súkup + +- update to 3.0.9 + * Allowed setting the SameSite cookie flag in HttpResponse.delete_cookie() + * Fixed crash when sending emails to addresses with display names longer than + 75 chars on Python 3.6.11+, 3.7.8+, and 3.8.4+ + +------------------------------------------------------------------- +Wed Jul 8 11:52:27 UTC 2020 - Ondřej Súkup + +- update to 3.0.8 + * Fixed messages of InvalidCacheKey exceptions and CacheKeyWarning warnings + raised by cache key validation + * Fixed a regression in Django 3.0.7 that caused a queryset crash + when grouping by a many-to-one relationship + * Reallowed, following a regression in Django 3.0, non-expressions having + a filterable attribute to be used as the right-hand side in queryset filters + * Fixed a regression in Django 3.0.2 that caused a migration crash + on PostgreSQL when adding a foreign key to a model with a namespaced db_table + * Added compatibility for cx_Oracle 8 + +------------------------------------------------------------------- +Thu Jun 4 14:35:25 UTC 2020 - Ondřej Súkup + +- update to 3.0.7 +- drop 32bit.patch + * boo#1172167 - CVE-2020-13254: Potential data leakage via malformed + memcached keys + * boo#1172167 - CVE-2020-13596: Possible XSS via admin + ForeignKeyRawIdWidget + * many other bugfixes + +------------------------------------------------------------------- +Thu Apr 30 05:14:28 UTC 2020 - Tomáš Chvátal + +- Add patch to fix the 32bit build: + * 32bit.patch + +------------------------------------------------------------------- +Thu Apr 23 16:58:12 UTC 2020 - Marcus Rueckert + +- Update to 3.0.5 + https://docs.djangoproject.com/en/3.0/releases/3.0.5/ + https://docs.djangoproject.com/en/3.0/releases/3.0.4/ + https://docs.djangoproject.com/en/3.0/releases/3.0.3/ + https://docs.djangoproject.com/en/3.0/releases/3.0.2/ + https://docs.djangoproject.com/en/3.0/releases/3.0.1/ + https://docs.djangoproject.com/en/3.0/releases/3.0/ +- new dependency: python-asgiref + +------------------------------------------------------------------- +Fri Apr 3 06:55:41 UTC 2020 - Tomáš Chvátal + +- Update to 2.2.12: + * Added the ability to handle .po files containing different plural + equations for the same language (#30439). + +------------------------------------------------------------------- +Wed Mar 18 10:59:36 UTC 2020 - Ondřej Súkup + +- update to 2.2.11 + * fix boo#1165022 (CVE-2020-9402) Potential SQL injection via tolerance + parameter in GIS functions and aggregates on Oracle + +------------------------------------------------------------------- +Tue Feb 4 09:42:08 UTC 2020 - Ondřej Súkup + +- update to 2.2.10 +- drop pyyaml53.patch + * fix boo#1161919 (CVE-2020-7471) Potential SQL injection via ``StringAgg(delimiter)`` + +------------------------------------------------------------------- +Wed Jan 15 15:08:32 UTC 2020 - Ondřej Súkup + +- add pyyaml53.patch - fix tests with PyYAML 5.3 + +------------------------------------------------------------------- +Sun Dec 29 11:00:47 UTC 2019 - Ondřej Súkup + +- Update to 2.2.9 + * CVE-2019-19844: Potential account hijack via password reset form (bsc#1159447) + * Fixed a data loss possibility in SplitArrayField. + +------------------------------------------------------------------- +Mon Dec 2 09:45:57 UTC 2019 - Alberto Planas Dominguez + +- Update to 2.2.8 + * CVE-2019-19118: Privilege escalation in the Django admin (boo#1157705) + * Fixed a data loss possibility in the admin changelist view when a + custom formset’s prefix contains regular expression special + characters, e.g. '$' + * Fixed a regression in Django 2.2.1 that caused a crash when + migrating permissions for proxy models with a multiple database + setup if the default entry was empty + * Fixed a data loss possibility in the select_for_update(). When + using 'self' in the of argument with multi-table inheritance, a + parent model was locked instead of the queryset’s model +- Add patch fix-selenium-test.patch to fix a test when selenium is + missing + +------------------------------------------------------------------- +Fri Nov 15 10:53:24 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.7: + * Fixed a crash when using a contains, contained_by, has_key, has_keys, or has_any_keys lookup on JSONField, if the right or left hand side of an expression is a key transform (#30826). + * Prevented migrate --plan from showing that RunPython operations are irreversible when reverse_code callables don’t have docstrings or when showing a forward migration plan (#30870). + * Fixed migrations crash on PostgreSQL when adding an Index with fields ordering and opclasses (#30903). + * Restored the ability to override get_FOO_display() (#30931). + +------------------------------------------------------------------- +Fri Nov 15 07:49:06 UTC 2019 - Tomáš Chvátal + +- Require full python interpreter on build and runtime + +------------------------------------------------------------------- +Mon Oct 7 13:15:57 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.6: + * Fixed migrations crash on SQLite when altering a model + containing partial indexes (#30754). + * Fixed a regression in Django 2.2.4 that caused a crash when + filtering with a Subquery() annotation of a queryset containing + JSONField or HStoreField (#30769). + +------------------------------------------------------------------- +Mon Sep 16 10:13:08 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.5: + * Relaxed the system check added in Django 2.2 for models to reallow use of the same db_table by multiple models when database routers are installed (#30673). + * Fixed crash of KeyTransform() for JSONField and HStoreField when using on expressions with params (#30672). + * Fixed a regression in Django 2.2 where ModelAdmin.list_filter choices to foreign objects don’t respect a model’s Meta.ordering (#30449). + * Fixed a race condition in loading URLconf module that could cause a crash of auto-reloader on Python 3.5 and below (#30500). + +------------------------------------------------------------------- +Thu Aug 1 11:13:37 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.4: + * CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235 + bsc#1142883 bsc#1142885 bsc#1142882 bsc#1142880 + * Fixed a regression in Django 2.2 when ordering a QuerySet.union(), intersection(), or difference() by a field type present more than once results in the wrong ordering being used (#30628). + * Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type (#30621). + * Fixed a regression in Django 2.2 where auto-reloader crashes if a file path contains nulls characters ('\x00') (#30506). + * Fixed a regression in Django 2.2 where auto-reloader crashes if a translation directory cannot be resolved (#30647). + +------------------------------------------------------------------- +Thu Jul 18 17:21:59 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.3: + * CVE-2019-12781 (bsc#1139945): Incorrect HTTP detection with reverse-proxy connecting via HTTPS¶ + +------------------------------------------------------------------- +Mon Jun 3 11:01:44 UTC 2019 - Ondřej Súkup + +- update to 2.2.2 + * Fixes CVE-2019-12308: AdminURLFieldWidget XSS (bsc#1136468) + * Fixes CVE-2019-11358: Prototype pollution + +------------------------------------------------------------------- +Tue May 7 07:13:09 UTC 2019 - Tomáš Chvátal + +- Update keyring file + +------------------------------------------------------------------- +Mon May 6 14:11:22 UTC 2019 - Alberto Planas Dominguez + +- Update to 2.2.1 + * Fixed a regression in Django 2.1 that caused the incorrect quoting + of database user password when using dbshell on Oracle (#30307). + * Added compatibility for psycopg2 2.8 (#30331). + * Fixed a regression in Django 2.2 that caused a crash when loading + the template for the technical 500 debug page (#30324). + * Fixed crash of ordering argument in ArrayAgg and StringAgg when it + contains an expression with params (#30332). + * Fixed a regression in Django 2.2 that caused a single instance + fast-delete to not set the primary key to None (#30330). + * Prevented makemigrations from generating infinite migrations for + check constraints and partial indexes when condition contains a + range object (#30350). Reverted an optimization in Django 2.2 + (#29725) that caused the inconsistent behavior of count() and + exists() on a reverse many-to-many relationship with a custom + manager (#30325). + * Fixed a regression in Django 2.2 where Paginator crashes if + object_list is a queryset ordered or aggregated over a nested + JSONField key transform (#30335). + * Fixed a regression in Django 2.2 where IntegerField validation of + database limits crashes if limit_value attribute in a custom + validator is callable (#30328). + * Fixed a regression in Django 2.2 where SearchVector generates SQL + that is not indexable (#30385). + * Fixed a regression in Django 2.2 that caused an exception to be + raised when a custom error handler could not be imported (#30318). + * Relaxed the system check added in Django 2.2 for the admin app’s + dependencies to reallow use of SessionMiddleware subclasses, + rather than requiring django.contrib.sessions to be in + INSTALLED_APPS (#30312). + * Increased the default timeout when using Watchman to 5 seconds to + prevent falling back to StatReloader on larger projects and made + it customizable via the DJANGO_WATCHMAN_TIMEOUT environment + variable (#30361). + * Fixed a regression in Django 2.2 that caused a crash when + migrating permissions for proxy models if the target permissions + already existed. For example, when a permission had been created + manually or a model had been migrated from concrete to proxy + (#30351). + * Fixed a regression in Django 2.2 that caused a crash of runserver + when URLConf modules raised exceptions (#30323). + * Fixed a regression in Django 2.2 where changes were not reliably + detected by auto-reloader when using StatReloader (#30323). + * Fixed a migration crash on Oracle and PostgreSQL when adding a + check constraint with a contains, startswith, or endswith lookup + (or their case-insensitive variant) (#30408). + * Fixed a migration crash on Oracle and SQLite when adding a check + constraint with condition contains | (OR) operator (#30412). + +------------------------------------------------------------------- +Wed Apr 10 07:55:46 UTC 2019 - John Vandenberg + +- Add test_clear_site_cache-sort.patch to workaround flaky test +- Add bcond_with for selenium and memcached, as those tests are inactive, + and add missing dependencies and setup for selenium testing +- Move removal of executable bit from a JavaScript file to %prep +- Fix fdupes + +------------------------------------------------------------------- +Wed Apr 3 11:21:56 UTC 2019 - Ondřej Súkup + +- update to 2.2 +- drop pyyaml5.patch +- add i18n_test.patch + * HttpRequest.headers to allow simple access to a request’s headers. + * Database-level constraints on models. + * Watchman compatibility for runserver to improve the performance + +------------------------------------------------------------------- +Sat Mar 23 16:31:46 UTC 2019 - Tomáš Chvátal + +- Add patch to build with PyYAML >5: + * pyyaml5.patch + +------------------------------------------------------------------- +Tue Feb 12 09:24:53 UTC 2019 - Thomas Bechtold + +- update to 2.1.7 (CVE-2019-6975, bsc#1124991): + * Corrected packaging error from 2.1.6 + * Memory exhaustion in django.utils.numberformat.format() + If django.utils.numberformat.format() – used by contrib.admin as well + as the the floatformat, filesizeformat, and intcomma templates + filters – received a Decimal with a large number of digits or a + large exponent, it could lead to significant memory usage + due to a call to '{:f}'.format(). + To avoid this, decimals with more than 200 digits are now formatted + using scientific notation. + * Made the obj argument of InlineModelAdmin.has_add_permission() optional + to restore backwards compatibility with third-party code that doesn’t + provide it + +------------------------------------------------------------------- +Thu Jan 10 12:09:43 UTC 2019 - Thomas Bechtold + +- update to 2.1.5 (CVE-2019-3498, bsc#1120932): + * CVE-2019-3498: Content spoofing possibility in the default 404 page + * Fixed compatibility with mysqlclient 1.3.14 (#30013). + * Fixed a schema corruption issue on SQLite 3.26+. You might have to drop + and rebuild your SQLite database if you applied a migration while using + an older version of Django with SQLite 3.26 or later (#29182). + * Prevented SQLite schema alterations while foreign key checks are enabled + to avoid the possibility of schema corruption (#30023). + * Fixed a regression in Django 2.1.4 (which enabled keep-alive connections) + where request body data isn’t properly consumed for such + connections (#30015). + * Fixed a regression in Django 2.1.4 where + InlineModelAdmin.has_change_permission() is incorrectly called with + a non-None obj argument during an object add (#30050). + +------------------------------------------------------------------- +Mon Dec 10 11:52:42 UTC 2018 - Ondřej Súkup + +- Update to version 2.1.4 + * Corrected the default password list that CommonPasswordValidator uses + by lowercasing all passwords to match the format expected by the validator + * Prevented repetitive calls to geos_version_tuple() in the WKBWriter class in + an attempt to fix a random crash involving LooseVersion + * Fixed keep-alive support in runserver after it was disabled o 2.0 + * Fixed admin view-only change form crash when using ModelAdmin.prepopulated_fields + * Fixed “Please correct the errors below” error message when editing an object + in the admin if the user only has the “view” permission on inlines + * Fixed a regression in Django 2.0 where combining Q objects with __in lookups + and lists crashed + * Fixed a regression in Django 2.0 where test databases aren’t reused + with manage.py test --keepdb on MySQL + * Fixed a regression where cached foreign keys that use to_field were + incorrectly cleared in Model.save() + * Fixed a regression in Django 2.0 where FileSystemStorage crashes + with FileExistsError if concurrent saves try to create the same directory + +------------------------------------------------------------------- +Thu Oct 4 13:13:00 UTC 2018 - Alberto Planas Dominguez + +- Update to version 2.1.2 + * CVE-2018-16984: Password hash disclosure to “view only” admin + users + * Fixed a regression where nonexistent joins in F() no longer raised + FieldError (#29727). + * Fixed a regression where files starting with a tilde or underscore + weren’t ignored by the migrations loader (#29749). + * Made migrations detect changes to Meta.default_related_name + (#29755). + * Added compatibility for cx_Oracle 7 (#29759). + * Fixed a regression in Django 2.0 where unique index names weren’t + quoted (#29778). + * Fixed a regression where sliced queries with multiple columns with + the same name crashed on Oracle 12.1 (#29630). + * Fixed a crash when a user with the view (but not change) + permission made a POST request to an admin user change form + (#29809). + +------------------------------------------------------------------- +Tue Sep 18 13:17:15 CEST 2018 - Matěj Cepl + +- Switch of BR selenium for non-Intel platforms. + +------------------------------------------------------------------- +Tue Sep 4 12:24:15 UTC 2018 - Ondřej Súkup + +- update to version 2.1.1 +- drop django-urlencode.patch + * Fixed a race condition in QuerySet.update_or_create() that could result + in data loss + * Fixed a regression where QueryDict.urlencode() crashed if the dictionary + contains a non-string value + * Fixed a regression in Django 2.0 where using manage.py test --keepdb fails + on PostgreSQL if the database exists and the user doesn’t have permission + to create databases + * Fixed a regression in Django 2.0 where combining Q objects with __in + lookups and lists crashed + * Fixed translation failure of DurationField’s “overflow” error message + * Fixed a regression where the admin change form crashed if the user doesn’t + have the ‘add’ permission to a model that uses TabularInline + * Fixed a regression where a related_query_name reverse accessor wasn’t + set up when a GenericRelation is declared on an abstract base model + * Fixed the test client’s JSON serialization of a request data dictionary + for structured content type suffixes + * Made the admin change view redirect to the changelist view after a POST + if the user has the ‘view’ permission + * Fixed admin change view crash for view-only users if the form + has an extra form field + * Fixed a regression in Django 2.0.5 where QuerySet.values() or values_list() + after combining querysets with extra() with union(), difference(), + or intersection() crashed due to mismatching columns + +------------------------------------------------------------------- +Tue Aug 14 07:46:04 UTC 2018 - tchvatal@suse.com + +- Apply patch to fix urlencode nonstring values: + * django-urlencode.patch + +------------------------------------------------------------------- +Wed Aug 8 13:33:57 UTC 2018 - tchvatal@suse.com + +- Enable testsuite + +------------------------------------------------------------------- +Wed Aug 8 09:35:51 UTC 2018 - mimi.vx@gmail.com + +- update to version 2.1 +- move bash completion to right location +- for full chanfges please see https://docs.djangoproject.com/en/2.1/releases/2.1/ + * Dropped support for MySQL 5.5 + * Dropped support for PostgreSQL 9.3 + * Support for SpatiaLite 4.0 is removed + * Support for SQLite < 3.7.15 is removed. + +------------------------------------------------------------------- +Mon Jul 2 13:15:55 UTC 2018 - aplanas@suse.com + +- update to version 2.0.7: + * Fixed admin changelist crash when using a query expression without + asc() or desc() in the page’s ordering (#29428). + * Fixed admin check crash when using a query expression in + ModelAdmin.ordering (#29428). + * Fixed __regex and __iregex lookups with MySQL 8 (#29451). + * Fixed migrations crash with namespace packages on Python 3.7 + (#28814). +- update to version 2.0.6 + * Fixed a regression that broke custom template filters that use + decorators (#29400). + * Fixed detection of custom URL converters in included patterns + (#29415). + * Fixed a regression that added an unnecessary subquery to the GROUP + BY clause on MySQL when using a RawSQL annotation (#29416). + * Fixed WKBWriter.write() and write_hex() for empty polygons on GEOS + 3.6.1+ (#29460). + * Fixed a regression in Django 1.10 that could result in large + memory usage when making edits using ModelAdmin.list_editable + (#28462). +- update to version 2.0.5 + * Corrected the import paths that inspectdb generates for + django.contrib.postgres fields (#29307). + * Fixed a regression in Django 1.11.8 where altering a field with a + unique constraint may drop and rebuild more foreign keys than + necessary (#29193). + * Fixed crashes in django.contrib.admindocs when a view is a + callable object, such as django.contrib.syndication.views.Feed + (#29296). + * Fixed a regression in Django 1.11.12 where QuerySet.values() or + values_list() after combining an annotated and unannotated + queryset with union(), difference(), or intersection() crashed due + to mismatching columns (#29286). + +------------------------------------------------------------------- +Sat Apr 7 19:21:18 UTC 2018 - tbechtold@suse.com + +- update to version 2.0.4: + * Fixed #29265 -- Removed the suggestion to hardcode static URLs. + * Fixed #29206 -- Fixed PasswordResetConfirmView crash when the URL contains a non-UUID where one is expected. + * Fixed #29195 -- Fixed Exists.output_field resolution on single-valued queries. + * Fixed links to Sphinx docs. + * Fixed typo in docs/releases/2.0.4.txt. + * Clarified docs about ISO 8601 week numbering. + * Fixed #29116 -- Fixed OpenLayersWidget deserialization ignoring the widget map's SRID. + * Added CVE-2018-7536,7 to the security release archive. + * Fixed #29221 -- Corrected admin's autocomplete widget to add a space after custom classes. + * Fixed #29273 -- Prevented initial selection of empty choice in multiple choice widgets. + * Added a pagination example to ListView docs. + * Fixed #28514 -- Clarifed docs about idempotence of RelatedManager.add(). + * isorted import statements in tutorial example. + * Fixed #29192 -- Corrected docs regarding overriding fields from abstract base classes. + * Refs #11278 -- Clarified RelatedManager differences between reverse one-to-many and many-to-many relations. + * Added stub release notes for 1.11.12. + * Fixed #29165 -- Clarified how to load initial data with migrations. + * Fixed #29213 -- Fixed autocomplete widget's translations for zh-hans/zh-hant. + * Reverted "Expanded docs for AbstractBaseUser.has_usable_password()." + * Fixed typo in docs/releases/2.0.4/1.11.12.txt. + * Bumped version for 2.0.4 release. + * Fixed #29250 -- Added 'django_version' context to startapp/project docs. + * Added release date for 2.0.4 and 1.11.12. + * Post-release version bump. + * Clarified a sentence in docs/topics/i18n/translation.txt. + * Fixed #29229 -- Fixed column mismatch crash when combining two annotated values_list() querysets with union(), difference(), or intersection(). + * Added stub release notes for 2.0.4. + * Fixed a couple mistakes in docs/ref/forms/widgets.txt. + * Fixed #28655 -- Added more examples for customizing widgets in a form. + +------------------------------------------------------------------- +Mon Mar 19 07:09:53 UTC 2018 - tbechtold@suse.com + +- update to 2.0.3 (bsc#1083305, bsc#1083304, CVE-2018-7536, CVE-2018-7537): + * Fixed #29108 -- Fixed crash in aggregation of distinct+ordered+sliced querysets. + * Added CVE-2018-6188 to the security release archive. + * Post-release version bump. + * Updated translations from Transifex + * Added stub release notes for security releases. + * Fixed incorrect regex in re_path() example. + * Fixed #29125 -- Made Q.deconstruct() deterministic with multiple keyword arguments. + * Fixed #29126 -- Doc'd the behavior of QuerySet.update_or_create() with manually specified pks. + * Used a CSS positioning in tutorial 6 that doesn't differ across browsers. + * Fixed typo in bulk_create() documentation. + * Fixed #29176 -- Fixed AbstractBaseUser.normalize_username() crash if username isn't a string. + * Removed blank lines per isort 4.3.0. + * Added stub release notes for 2.0.3. + * Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters. + * Fixed #29172 -- Fixed crash with Window expression in a subquery. + * Fixed #29166 -- Fixed crash in When() expression with a list argument. + * Fixed #24270 -- Doc'd that django_bash_completion is only in the source distribution. + * Improved clarity of docs/topics/install.txt. + * Refs #29125 -- Made Q.deconstruct() omit 'query_utils' in the path and _connector='AND' since it's a default value. + * Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator. + * Bumped version for 2.0.3 release. + * Corrected doc'd type of some parameters from string to str. + * Fixed #29146 -- Readded ^ and $ inadvertently removed from re_path() examples. + * Fixed #29107 -- Doc'd that ModelForm doesn't actually inherit from Form. + * Switched test requirement to new psycopg2-binary package. + * Added backticks around obj argument in admin docs. + * Fixed typo in docs/topics/forms/media.txt. + * Fixed #29109 -- Fixed the admin time picker widget for the Thai locale. + * Fixed #29118 -- Fixed crash with QuerySet.order_by(Exists(...)). + +------------------------------------------------------------------- +Wed Feb 7 13:54:36 UTC 2018 - tbechtold@suse.com + +- update to 2.0.2 (bsc#1077714, CVE-2018-6188): + * Fixed #28883 -- Doc'd that the uuid URL path converter matches lowercase only letters. + * Fixed a GeoIP2 test failure with the latest GeoIP2 database. + * Added stub release notes for 2.0.1. + * Bumped version for 2.0.2 release. + * Fixed location of spatialite_source label. + * Fixed #28958 -- Fixed admin changelist crash when using a query expression in the page's ordering. + * Fixed #28231 -- Doc'd that QuerySet.bulk_create() casts objs to a list. + * Fixed #29032 -- Fixed an example of using expressions in QuerySet.values(). + * Disambiguated "settings" in SpatiaLite note. + * Fixed typo in docs/topics/testing/advanced.txt. + * Post-release version bump. + * Refs #25604 -- Removed docs for makemigrations --exit. + * Fixed #29002 -- Corrected cached template loader docs about when it's automatically enabled. + * Fixed typo in TemplateCommand argument help text. + * Added stub release notes for 1.11.9. + * Fixed #28915 -- Prevented SQLite from truncating trailing zeros in the fractional part of DecimalField. + * Refs #29086 -- Doc'd how to detect bytestring mistakes. + * Fixed #28886 -- Updated prefix for example django.contrib.auth.urls URLs. + * Fixed #29081 -- Clarified comments in QuerySet.select_related() example. + * Refs #27985 -- Reallowed using __exact=None as an alias for __isnull=True if a custom lookup class with lookup_name != None is registered as the exact lookup. + * Refs #28876 -- Fixed incorrect class-based model index name generation for models with quoted db_table. + * Removed 'development' word in contributing docs + * Fixed #29055 -- Doc'd that escapejs doesn't make template literals safe. + * Fixed #29016 -- Fixed incorrect foreign key nullification on related instance deletion. + * Fixed grammar in docs/releases/2.0.txt. + * Fixed #29071 -- Fixed contrib.auth.authenticate() crash if a backend doesn't accept a request but a later one does. + * Fixed #28944 -- Fixed crash when chaining values()/values_list() after QuerySet.select_for_update(of=()). + * Fixed #29091 -- Fixed makemigrations crash if migrations directory doesn't have __init__.py. + * Fixed #28898 -- Corrected admin check to allow a OneToOneField in ModelAdmin.autocomplete_fields. + * Fixed #28896 -- Reallowed filtering a queryset with GeometryField=None. + * Fixed #28891 -- Documented Origin's loader attribute. + * Confirmed support for PostGIS 2.4. + * Wrapped an import per isort. + * Added release date for 2.0.1 and 1.11.9. + * Fixed #28884 -- Fixed crash on SQLite when renaming a field in a model referenced by a ManyToManyField. + * Fixed "template tag" spelling in docs. + * Fixed #28947 -- Fixed crash when coercing a translatable URL pattern to str. + * Fixed typo in docs/topics/i18n/translation.txt. + * Refs #28932 -- Skipped the failing test for refs #28915 on Oracle. + * Refs #25181 -- Updated timezone.now() docs about obtaining the time in the current time zone. + * Updated documented mysqlclient requirement to 1.3.7. + * Fixed #28885 -- Fixed hidden content at the bottom of the "The install worked successfully!" page for some languages. + * Fixed #28403 -- Added missing formats in FORMAT_MODULE_PATH docs. + * Fixed #29067 -- Fixed regression in QuerySet.values_list(..., flat=True) followed by annotate(). + * Removed note in tutorial about bypassing manage.py. + * Fixed #28929 -- Corrected QUnit examples. + * Refs #28958 -- Added a test for ModelAdmin with query expressions in ordering. + * Updated various links in docs to use HTTPS. + * Expanded docs for AbstractBaseUser.has_usable_password(). + * Fixed #29017 -- Updated BaseCommand.leave_locale_alone doc per refs #24073. + * Doc'd specifying the ENGINE setting as part of configuring contrib.gis. + * Added stub release notes for 1.11.10. + * Fixed #28881 -- Doc'd that CommonPasswordValidator's password list must be lowercase. + * Fixed #28784 -- Clarified how migrate --fake works. + * Fixed typo in docs/ref/models/expressions.txt. + * Fixed #29094 -- Fixed crash when entering an invalid uuid in ModelAdmin.raw_id_fields. + * Refs #28876 -- Fixed incorrect foreign key constraint name for models with quoted db_table. + * Bumped version for 2.0.1 release. + * Fixed #25277 -- Restored test dependency to the original python-memcached. + * Fixed #28761 -- Documented how an inline formset's prefix works. + * Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI. + * Fixed #28966 -- Doc'd that the uuid URL path converter requires dashes + * Fixed #29054 -- Fixed a regression where a queryset that annotates with geometry objects crashes. + * Reverted "[1.11.x] Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI." + * Added "Python 3 Only" trove classifier. + * Fixed #28941 -- Fixed crash in testserver command startup. + * Fixed import in docs/ref/models/conditional-expressions.txt example. + * Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm. + * Fixed #28594 -- Removed Jython docs and specific code + * Renamed the "Supported versions" label. + * Fixed #28878 -- Added python_requires in setup.py and a warning for older pips that don't recognize it. + * Fixed typo in docs/ref/contrib/admin/index.txt. + * Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI. + * Added stub release notes for 2.0.2. + * Fixed #28938 -- Corrected Python compatibility in the tutorial. + * Fixed #28890 -- Removed newlines between MultiWidget's subwidgets. + +------------------------------------------------------------------- +Tue Dec 12 21:12:18 UTC 2017 - mimi.vx@gmail.com + +- update to 2.0 + * drop python 2 support + * Simplified URL routing syntax + * Mobile-friendly contrib.admin + * Window expressions + * Removed support for bytestrings in some places + * Dropped support for Oracle 11.2 +- Please read Release Notes - https://docs.djangoproject.com/en/2.0/releases/2.0/ + +------------------------------------------------------------------- +Tue Dec 12 05:16:57 UTC 2017 - tbechtold@suse.com + +- update to 1.11.8: + * Fixed #28488 -- Reallowed error handlers to access CSRF tokens. + * Fixed #28856 -- Fixed a regression in caching of a GenericForeignKey + pointing to a MTI model. + * Fixed #28597 -- Fixed crash with the name of a model's autogenerated primary + key in an Index's fields. + * Added stub release notes for 1.11.7. + * Fixed #28305 -- Fixed "Cannot change column 'x': used in a foreign key constraint" + crash on MySQL with a sequence of AlterField or RenameField operations. + * Fixed #28689 -- Fixed unquoted table names in Subquery SQL when using OuterRef. + * Added assertion helpers for PostgreSQL's server-side cursor tests. + * Fixed #28729 -- Replaced a numbered list with unordered list in TemplatesSetting docs. + * Fixed #28786 -- Doc'd middleware ordering considerations due to + CommonMiddleware setting Content-Length. + * Added release date for 1.11.8. + * Fixed #28702 -- Made query lookups for CIText fields use citext. + * Added 2017-12794 to the security release archive. + * Fixed typo in docs/topics/cache.txt. + * Bumped version for 1.11.6 release. + * Added release date for 1.11.6. + * Fixed #28648 -- Corrected typo in docs/topics/db/queries.txt. + * Bumped version for 1.11.7 release. + * Added stub release notes for 1.11.8. + * Fixed #28848 -- Fixed SQLite/MySQL crash when ordering by a filtered + subquery that uses nulls_first/nulls_last. + * Fixed typo in docs/topics/db/aggregation.txt. + * Fixed #28802 -- Fixed typo in docs/topics/auth/default.txt. + * Fixed typo in docs/topics/forms/media.txt. + * Bumped version for 1.11.8 release. + * Fixed typo in docs/ref/models/querysets.txt. + * Fixed test failures due to ordering differences on PostgreSQL 10. + * Fixed #28710 -- Fixed the Basque DATE_FORMAT string + * Added stub release notes for 1.11.6. + * Fixed #28747 -- Fixed typos in django/conf/global_settings.py comments. + * Fixed #28817 -- Made QuerySet.iterator() use server-side cursors after + values() and values_list(). + * Post-release version bump. + * Fixed #28792 -- Fixed index name truncation of namespaced tables. + * Fixed #28781 -- Added QuerySet.values()/values_list() support for union(), + difference(), and intersection(). + * Fixed #28722 -- Made QuerySet.reverse() affect nulls_first/nulls_last. + * Refs #28710 -- Simplified l10n format test + * Initialized CsrfViewMiddleware once in csrf_tests. + * Added release date for 1.11.7. + * Linked to prefetch_related_objects func in DB optimization docs. + * Fixed #28645 -- Reallowed AuthenticationForm to raise the inactive user + error when using ModelBackend. + * Fixed #28653 -- Added missing ForeignKey.on_delete argument in docs. + * Fixed #28561 -- Removed inaccurate docs about QuerySet.order_by() and joins. + * Fixed #28555 -- Made CharField convert whitespace-only values to the + empty_value when strip is enabled. + * Fixed #28601 -- Prevented cache.get_or_set() from caching None if default + is a callable that returns None. + +------------------------------------------------------------------- +Wed Sep 20 21:53:53 UTC 2017 - toddrme2178@gmail.com + +- update to version 1.11.5 + * CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page + * Fixed GEOS version parsing if the version has a commit hash at the end (new + in GEOS 3.6.2) (:ticket:`28441`). + * Added compatibility for ``cx_Oracle`` 6 (:ticket:`28498`). + * Fixed select widget rendering when option values are tuples (:ticket:`28502`). + * Django 1.11 inadvertently changed the sequence and trigger naming scheme on + Oracle. This causes errors on INSERTs for some tables if + ``'use_returning_into': False`` is in the ``OPTIONS`` part of ``DATABASES``. + The pre-1.11 naming scheme is now restored. Unfortunately, it necessarily + requires an update to Oracle tables created with Django 1.11.[1-4]. Use the + upgrade script in :ticket:`28451` comment 8 to update sequence and trigger + names to use the pre-1.11 naming scheme. + * Added POST request support to ``LogoutView``, for equivalence with the + function-based ``logout()`` view (:ticket:`28513`). + * Omitted ``pages_per_range`` from ``BrinIndex.deconstruct()`` if it's ``None`` + (:ticket:`25809`). + * Fixed a regression where ``SelectDateWidget`` localized the years in the + select box (:ticket:`28530`). + * Fixed a regression in 1.11.4 where ``runserver`` crashed with non-Unicode + system encodings on Python 2 + Windows (:ticket:`28487`). + * Fixed a regression in Django 1.10 where changes to a ``ManyToManyField`` + weren't logged in the admin change history (:ticket:`27998`) and prevented + ``ManyToManyField`` initial data in model forms from being affected by + subsequent model changes (:ticket:`28543`). + * Fixed non-deterministic results or an ``AssertionError`` crash in some + queries with multiple joins (:ticket:`26522`). + * Fixed a regression in ``contrib.auth``'s ``login()`` and ``logout()`` views + where they ignored positional arguments (:ticket:`28550`). + +------------------------------------------------------------------- +Thu Aug 10 12:51:56 UTC 2017 - tbechtold@suse.com + +- update to version 1.11.4: + * Fixed #27939 -- Updated OpenLayersWidget.map_srid for OpenLayers 3. + * Fixed #27956 -- Fixed display of errors in an {% extends %} child. + * Updated various links in docs to avoid redirects + * Fixed typo in docs/topics/auth/default.txt. + * Double quoted HTML attributes in widget docs + * Fixed #28303 -- Prevented localization of attribute values in the DTL attrs.html widget template. + * Added stub release notes for 1.11.3. + * Documented OSMWidget.default_lat/lon. + * Fixed #28101 -- Fixed a regression with nested __in subquery lookups and to_field. + * Bumped version for 1.11.4 release. + * Bumped version for 1.11.3 release. + * Updated translations from Transifex + * Fixed #28039 -- Fixed crash in BaseGeometryWidget.subwidgets(). + * Fixed #28242 -- Moved ImageField file extension validation to the form field. + * Made docs/topics/migrations.txt use single quotes consistently. + * Fixed #28355 -- Fixed widget rendering of non-ASCII date/time formats on Python 2. + * Updated name of topics/db/queries link on index. + * Fixed #28025 -- Fixed typo in docs/ref/models/querysets.txt. + * Fixed #28043 -- Prevented AddIndex and RemoveIndex from mutating model state. + * Fixed #28207 -- Fixed contrib.auth.authenticate() if multiple auth backends don't accept a request. + * Fixed #28361 -- Fixed possible time-related failure in was_published_recently() tutorial test. + * Fixed #28265 -- Prevented renderer warning on Widget.render() with **kwargs. + * Fixed typo in docs/topics/testing/advanced.txt. + * Fixed #28125 -- Clarified 1.11 release note about Template.render() prohibiting non-dict context. + * Refs #18974 -- Added stacklevel for permalink() deprecation. + * Fixed #28350 -- Fixed UnboundLocalError crash in RenameField with nonexistent field. + * Fixed #28051 -- Made migrations respect Index's name argument. + * Fixed #28420 -- Doc'd 'is' comparison restriction for User.is_authenticated/anonymous. + * Added release date for 1.11.4. + * Refs #28174 -- Fixed autoreload test crash on Python 2/non-ASCII path. + * Fixed #28389 -- Fixed pickling of LazyObject on Python 2 when wrapped object doesn't have __reduce__(). + * Fixed #28148 -- Doc'd ImageField name validation concerns with the test client. + * Added stub release notes for 1.11.2. + * Fixed #27890 -- Fixed FileNotFoundError cleanup exception in runtests.py on Python 3.6+. + * Fixed #28138 -- Used output type handler instead of numbersAsStrings on Oracle cursor. + * Fixed widgets module path in docs/ref/contrib/gis/forms-api.txt. + * Fixed #27947 -- Doc'd that model Field.error_messages often don't propagate to forms. + * Fixed #28067 -- Clarified __str__() return type when using python_2_unicode_compatible(). + * Fixed docstring typo in django/contrib/admin/actions.py. + * Fixed #28102 -- Doc'd how to compute path to built-in widget template directories. + * Fixed #28352 -- Corrected QuerySet.values_list() return type in docs examples. + * Fixed #28181 -- Added detection for GDAL 2.1 and 2.0. + * Refs #23853 -- Updated sql.query.Query.join() docstring. + * Added a test for Model._meta._property_names. + * Refs #27919 -- Changed Widget.get_context() attrs kwarg to an arg. + * Fixed #28415 -- Clarified what characters ASCII/UnicodeUsernameValidator accept. + * Fixed #28074 -- Doc'd template-based widget rendering changes for contrib.gis. + * Fixed #28278 -- Fixed invalid HTML for a required AdminFileWidget. + * Added content_type filtering in Permission querying example. + * Corrected FileExtensionValidator doc regarding the value being validated. + * Fixed #27960 -- Set errcheck=False for GDALAllRegister to prevent crash. + * Fixed #28097 -- Fixed layout of ReadOnlyPasswordHashWidget. + * Fixed #27969 -- Fixed models.Field.formfield() setting 'disabled' for fields with choices. + * Post-release version bump. + * Fixed #28298 -- Prevented a primary key alteration from adding a foreign key constraint if db_constraint=False. + * Refs #28192 -- Fixed documentation of ChoiceField choices requirement + * Fixed #27966 -- Bumped required psycopg2 version to 2.5.4. + * Linked GIS QuerySet API docs to corresponding PostGIS docs. + * Fixed #27974 -- Kept resolved templates constant during one rendering cycle. + * Refs #28100 -- Fixed URL in el, es_MX, and pt auth translations + * Fixed typo in docs/ref/request-response.txt. + * Fixed #27963 -- Removed unneeded docstring example in contributing docs. + * Added stub release notes for security releases. + * Fixed #28349 -- Doc'd how to upgrade Django from LTS to LTS. + * Fixed typo in docs/ref/forms/fields.txt. + * Fixed CVE-2017-7234 -- Fixed open redirect vulnerability in views.static.serve(). + * Fixed #28170 -- Fixed file_move_safe() crash when moving files to a CIFS mount. + * Fixed broken links to Oracle docs. + * Fixed #27554 -- Fixed prefetch_related() crash when fetching relations in nested Prefetches. + * Added links and cosmetic edits to docs/ref/request-response.txt. + * Added stub release notes for 1.11.1. + * Fixed #28079 -- Restored "No POST data" (rather than an empty table) in HTML debug page. + * Removed incorrect "required" attribute in docs/ref/forms/fields.txt. + * Fixed #28176 -- Restored the uncasted option value in ChoiceWidget template context. + * Refs #24423 -- Readded inadvertently deleted i18n tests. + * Fixed #27965 -- Fixed precision comparison in a geoforms test (refs #27939). + * Corrected post-release version bump. + * Made runtests.py run gis_tests only when using a GIS database backend. + * Fixed #28230 -- Allowed DjangoJsonEncoder to serialize CallableBool. + * Fixed broken link to QUnit docs. + * Removed MySQL (unsupported) from Perimeter docs. + * Fixed #28266 -- Fixed typo in docs/ref/models/instances.txt. + * Fixed #28139 -- Added another level of headings in the topics index. + * Fixed #28003 -- Doc'd what an auto-created OneToOneField parent_link looks like. + * Fixed #28160 -- Prevented hiding GDAL exceptions when it's not installed. + * Updated man page for Django 1.11. + * Fixed #27988 -- Fixed typo in docs/ref/django-admin.txt. + * Fixed #28199 -- Fixed Subquery generating unnecessary/invalid CAST. + * Fixed #28122 -- Fixed crash when overriding views.static.directory_index()'s template. + * Fixed AppRegistryNotReady error when running gis_tests in isolation on PostGIS. + * Fixed #28435 -- Removed inaccurate warning about SECURE_HSTS_PRELOAD. + * Fixed #28040 -- Updated SplitArrayWidget to use template-based widget rendering. + * Fixed #28269 -- Fixed Model.__init__() crash on models with a field that has an instance only descriptor. + * Tested EmailMessage(attachments=[MIMEText]) + * Clarified return value of NumGeometries GIS function. + * Refs #27935 -- Fixed BrinIndex.max_name_length if a project's default database isn't PostgreSQL. + * Fixed #28058 -- Restored empty BoundFields evaluating to True. + * Replaced "not A== B" with "A != B" in docs/howto/writing-migrations.txt. + * Added CVE-2017-7233,4 to the security release archive. + * Fixed #28204 -- Fixed MultipleObjectMixin.paginate_queryset() crash on Python 2 if InvalidPage message contains non-ASCII. + * Fixed #27935 -- Fixed crash with BrinIndex name > 30 characters. + * Fixed #28293 -- Fixed union(), intersection(), and difference() when combining with an EmptyQuerySet. + * Fixed #28222 -- Allowed settable properties in QuerySet.update_or_create()/get_or_create() defaults. + * Refs #27556, #27488 -- Updated support backends docs for isvalid lookup. + * Fixed nondeterministic ordering test failure in model_forms. + * Fixed #28345 -- Applied limit_choices_to during ModelForm.__init__(). + * Fixed #27981 -- Doc'd date/time filter l10n changes in refs #25758. + * Made a few cosmetic updates to "Migrations that add unique fields". + * Bumped version for 1.11 release. + * Fixed #28004 -- Doc'd how to create migrations for an app without a migrations directory. + * Fixed #28202 -- Fixed FieldListFilter.get_queryset() crash on invalid input. + * Fixed #27949 -- Doc'd how OpenLayers 3 widgets work. + * Pass type to sql_alter_column_* where it was missing. + * Fixed #27866 -- Made ChoiceWidget.format_value() return a list + * Fixed #28308 -- Doc'd removal of Select.render_option() (refs #15667). + * Fixed #28178 -- Changed contrib.gis to raise ImproperlyConfigured if gdal isn't installed. + * Fixed #28284 -- Prevented Paginator's unordered object list warning from evaluating a QuerySet. + * Fixed #28209 -- Made date-based generic views return a 404 rather than crash when given an out of range date. + * Fixed #28161 -- Fixed return type of ArrayField(CITextField()). + * Corrected docs regarding MySQL support of Length GIS function. + * Fixed #28175 -- Fixed __in lookups on a foreign key when using the foreign key's parent model as the lookup value. + * Refs #18247 -- Fixed SQLite QuerySet filtering on decimal result of Least and Greatest. + * Refs #28207 -- Fixed contrib.auth.authenticate() if 'backend' is in the credentials. + * Fixed #27644 -- Doc'd FileSystemStorage.get_created_time(). + * Added test for intersection() when combining with a queryset raising EmptyResultSet. + * Fixed #28197 -- Fixed introspection of index field ordering on PostgreSQL. + * Removed extra characters in docs header underlines. + * Fixed GEOSGeometry reference in GIS tutorial. + * Refs #28066 -- Fixed Python 2 failures in sessions_tests. + * Removed obsolete Widget.format_output() in tests. + * Fixed #28059 -- Restored class attribute in
          of widgets that use multiple_input.html. + * Fixed typo in docs/ref/contrib/postgres/fields.txt. + * Refs #27025 -- Fixed "invalid escape sequence" warning in auth_tests on Python 3.6. + * Fixed #28031 -- Removed notes about old uWSGI/sentry versions (refs #20537). + * Removed unexpected initial attribute in data migration examples. + * Renamed "Mac OS X" to "macOS" in docs. + * Sorted imports per isort 4.2.9. + * Refs #28138 -- Added release notes for d52577b62b3138674807ac74251fab7faed48331. + * Back to the future. + * Fixed #27993 -- Fixed model form default fallback for SelectMultiple. + * Refs #27866 -- Adapted backport for Python 2 compatibility + * Removed unused links in docs/internals/contributing/triaging-tickets.txt. + * Clarified QuerySet.iterator()'s docs on server-side cursors. + * Fixed #28096 -- Allowed prefetch calls with ModelIterable subclasses + * Fixed #28414 -- Fixed ClearableFileInput rendering as a subwidget of MultiWidget. + * Corrected REPL example in forms docs for Python 3. + * Refs #28181 -- Corrected detection of GDAL 2.1 on Windows. + * Fixed #28075 -- Prevented ChoiceWidget from localizing option values. + * Fixed #28282 -- Fixed class-based indexes name for models that only inherit Model. + * Fixed #28038 -- Restored casting to text of builtin lookups on PostgreSQL. + * Fixed #28418 -- Fixed queryset crash when using a GenericRelation to a proxy model. + * Fixed #28062 -- Added a setting to disable server-side cursors on PostgreSQL. + * Fixed #28105 -- Fixed crash in BaseGeometryWidget.get_context() when overriding existing attrs. + * Refs #28160 -- Skipped a GeoManager test if not using a GIS database backend. + * Fixed #28157 -- Fixed choice ordering in form fields with grouped and non-grouped options. + * Fixed #28095 -- Doc'd Widget.build_attrs() signature change in Django 1.11. + * Fixed a forms test after updated translations. + * Fixed 403 link in docs/ref/contrib/gis/install/spatialite.txt. + * Simplified schema.tests with assertForeignKeyExists()/assertForeignKeyNotExists(). + * Fixed #28336 -- Fixed typo in docs/ref/settings.txt. + * Fixed #28378 -- Fixed union() and difference() when combining with a queryset raising EmptyResultSet. + * Refs #28052 -- Cleaned up some indexes in schema tests. + * Fixed #28047 -- Fixed QuerySet.filter() crash when it uses the name of a OneToOneField pk. + * Added release date for 1.11.1. + * Fixed #28327 -- Removed contradictory description of mod_wsgi docs. + * Clarified "newly-introduced features" in the supported versions policy. + * Fixed docs build with Sphinx 1.6. + * Fixed #28239 -- Removed docs for a removed arg of template.Context. + * Bumped version for 1.11.2 release. + * Refs #28066 -- Fixed nondeterministic ordering test failure in sessions_tests. + * Updated postgis.net and gaia-gis.it links to https. + * Fixed typos in docs/topic/db/search.txt. + * Fixed #28174 -- Fixed crash in runserver's autoreload with Python 2 on Windows with non-str environment variables. + * Fixed typos in docs/howto/static-files/index.txt. + * Fixed #28294 -- Doc'd request/args/kwargs attributes of class-based views. + * Fixed #27967 -- Fixed KeyError in admin's inline form with inherited non-editable pk. + * Fixed db backend discovery in admin_scripts tests. + * Fixed outdated TIME_FORMAT in docs/ref/templates/builtins.txt. + * Fixed #26028 -- Added overriding templates howto. + * Updated was_published_recently() tutorial test to check boundary condition. + * Fix a typo in django/db/transaction.py + * Fixed #28109 -- Corrected the stack level of unordered queryset pagination warnings. + * Fixed #28142 -- Fixed is_safe_url() crash on invalid IPv6 URLs. + * Refs #22397 -- Removed model in test cleanup + * Fixed #28052 -- Prevented dropping Meta.indexes when changing db_index to False. + * Fixed #18485 -- Doc'd behavior of PostgreSQL when manually setting AutoField. + * Updated core translations from Transifex + * Fixed #28166 -- Fixed Model._state.db on MTI parent model after saving child model. + * Added missing import in docs/topics/db/queries.txt. + * Refs #27919 -- Passed ChoiceWidget.create_option() kwargs as expected. + * Fixed #28229 -- Fixed the value of LoginView's "next" template variable. + * Fixed #27975 -- Fixed crash if ModelChoiceField's queryset=None. + * Added release date for 1.11.2. + * Fixed #27912, CVE-2017-7233 -- Fixed is_safe_url() with numeric URLs. + * Fixed #28159 -- Fixed BaseInlineFormSet._construct_form() crash when using save_as_new. + * Removed an obsolete temporal reference in docs/faq/general.txt. + * Fixed #28042 -- Fixed crash when using a two-tuple in EmailMessage's attachments arg. + * Fixed #27945 -- Clarified that RegexValidator searches with the regex. + * Linked GIS functions docs to corresponding PostGIS docs. + * Refs #17453 -- Fixed broken link to #django IRC logs. + * Fixed gis_tests.geoapp test with incorrect geodetic coordinates. + * Fixed #28066 -- Prevented SessionBase.cycle_key() from discarding data. + * Fixed #27730 -- Doc'd that template vars created outside a block can't be used in it. + * Fixed #28069 -- Moved setup_test_environment() warning in tutorial 5. + * Fixed #28130 -- Fixed formset min_num validation with initial, unchanged forms. + * Fixed #28091 -- Re-raised original exception when closing cursor cleanup fails + * Clarified backend support of Area GIS function. + * Fixed #28387 -- Fixed has_changed() for disabled form fields that subclass it. + * Fixed #27915 -- Allowed Meta.indexes to be defined in abstract models. + * Fixed #26755 -- Fixed test_middleware_classes_headers if Django source isn't writable. + * Fixed #28188 -- Fixed crash when pickling model fields. + * Fixed typo in docs/ref/models/querysets.txt. + * Pointed Dive into Python links to python3 site + * Refs #25240 -- Added ExtractWeek examples. + * Added some shell output in tutorial 2. + * Removed inappropriate highlighting in committing-code.txt. + * Fixed #28399 -- Fixed QuerySet.count() for union(), difference(), and intersection() queries. + * Fixed #28212 -- Allowed customizing the port that LiveServerTestCase uses. + * Fixed flake8 warning on Python 2. + * Clarified meaning of "Optional" in auth.models.User field docs. + * Clarified HStoreField model/form difference in 1.11 release notes. + * Removed self from method signatures in docs. + * Added stub release notes for 1.11.4. + * Updated tests after French translation update + * Fixed #27603 -- Fixed AsKML when queryset is evaluated more than once. + * Fixed #28262 -- Fixed incorrect DisallowedModelAdminLookup when a nested reverse relation is in list_filter. + * Fixed #27434 -- Doc'd how to raise a model validation error for a field not in a model form. + * Refs #21415 -- Fixed contrib.humanize translations for es_AR + * Fixed #27655 -- Added some guidelines to the coding style docs. + * Updated contrib translations from Transifex + * Removed nonexistent methods from File's docs. + * Doc'd the need to remove default ordering on Subquery aggregates. + * Fixed broken link to mysqlclient docs. + * Fixed #28210 -- Fixed Model._state.adding on MTI parent model after saving child model. + * Removed usage of deprecated sphinx.util.compat.Directive. + * Refs #28100 -- Added 1.11.1 release note for e6bfd3d751278d7cfd09af1120c4bbce509c05da. + * Fixed #28190 -- Clarifed how include/extends treat template names. + * Refs #26294 -- Fixed typo in docs/ref/django-admin.txt. + * Refs #28091 -- Fixed typo and rephrased 1.11.1 release note. + * Fixed typo in docs/ref/class-based-views/mixins-single-object.txt. + * Bumped version for 1.11.1 release. + * Added release date for 1.11.3. + * Bumped version for 1.11 release candidate 1. + * Simplified tutorial's test names and docstrings. + * Fixed typo in django/db/backends/base/schema.py comment. + * Fixed #28233 -- Used a simpler example in the aggregation "cheat sheet" docs. +- Require python-pytz and Recommend python-bcrypt + +------------------------------------------------------------------- +Wed Aug 9 17:58:19 UTC 2017 - toddrme2178@gmail.com + +- Fix building on older Python versions. + +------------------------------------------------------------------- +Mon Jul 10 18:42:12 UTC 2017 - toddrme2178@gmail.com + +- Fix wrong-script-interpreter rpmlint error. + +------------------------------------------------------------------- +Mon May 8 14:32:03 UTC 2017 - toddrme2178@gmail.com + +- django-admin.py should be the master, not django-admin. + +------------------------------------------------------------------- +Sat May 6 03:31:54 UTC 2017 - toddrme2178@gmail.com + +- Don't provide python2-django or python2-South, singlespec + packages should use correct name. + +------------------------------------------------------------------- +Thu May 4 15:33:21 UTC 2017 - toddrme2178@gmail.com + +- Implement single-spec version. + +------------------------------------------------------------------- +Tue Apr 4 14:38:13 UTC 2017 - appleonkel@opensuse.org + +- Update to 1.10.7 + Bugfixes + * Made admin’s RelatedFieldWidgetWrapper use the wrapped widget’s + value_omitted_from_data() method (#27905) + * Fixed model form default fallback for SelectMultiple (#27993) + +------------------------------------------------------------------- +Wed Mar 1 14:24:17 UTC 2017 - appleonkel@opensuse.org + +- Update to 1.10.6 + Bugfixes + * Fixed ClearableFileInput’s “Clear” checkbox on model form fields where the + model field has a default + * Fixed RequestDataTooBig and TooManyFieldsSent exceptions crashing rather than + generating a bad request response + * Fixed a crash on Oracle and PostgreSQL when subtracting DurationField or + IntegerField from DateField + * Fixed query expression date subtraction accuracy on PostgreSQL for differences + large an a month + * Fixed a GDALException raised by GDALClose on GDAL >= 2.0 + +------------------------------------------------------------------- +Tue Jan 31 14:00:11 UTC 2017 - michal@cihar.com + +- Update to 1.10.5 + * See https://docs.djangoproject.com/en/1.10/releases/1.10/ + * Full text search for PostgreSQL + * New-style middleware + * Official support for Unicode usernames + +------------------------------------------------------------------- +Fri Dec 2 10:17:25 UTC 2016 - appleonkel@opensuse.org + +- Update to 1.9.12 + Bugfixes + * Quoted the Oracle test user’s password in queries to fix the “ORA-00922: missing + or invalid option” error when the password starts with a number or + special character (#27420) + * DNS rebinding vulnerability when DEBUG=True + * CSRF protection bypass on a site with Google Analytics + +------------------------------------------------------------------- +Sat Sep 24 16:42:55 UTC 2016 - sbahling@suse.com + +- Change Requires: python-Pillow to python-imaging for compatibility + with SLE-12 which provides PIL instead of Pillow. + +------------------------------------------------------------------- +Tue Aug 9 09:11:24 UTC 2016 - aplanas@suse.com + +- Update to 1.9.9 + Bugfixes + * Fixed invalid HTML in template postmortem on the debug page + (#26938). + * Fixed some GIS database function crashes on MySQL 5.7 (#26657). + +- Update to 1.9.8 + Fix XSS in admin’s add/change related popup (bsc#988420) + Unsafe usage of JavaScript’s Element.innerHTML could result in XSS + in the admin’s add/change related popup. Element.textContent is now + used to prevent execution of the data. + The debug view also used innerHTML. Although a security issue wasn’t + identified there, out of an abundance of caution it’s also updated + to use textContent. + + Bugfixes + * Fixed missing varchar/text_pattern_ops index on CharField and + TextField respectively when using AddField on PostgreSQL (#26889). + * Fixed makemessages crash on Python 2 with non-ASCII file names + (#26897). + +- Update to 1.9.7 + Bugfixes + * Removed the need for the request context processor on the admin + login page to fix a regression in 1.9 (#26558). + * Fixed translation of password validators’ help_text in forms + (#26544). + * Fixed a regression causing the cached template loader to crash + when using lazy template names (#26603). + * Fixed on_commit callbacks execution order when callbacks make + transactions (#26627). + * Fixed HStoreField to raise a ValidationError instead of crashing + on non-dictionary JSON input (#26672). + * Fixed dbshell crash on PostgreSQL with an empty database name + (#26698). + * Fixed a regression in queries on a OneToOneField that has to_field + and primary_key=True (#26667). + +------------------------------------------------------------------- +Tue May 3 08:23:48 UTC 2016 - aplanas@suse.com + +- Update to 1.9.6 + Bugfixes + * Added support for relative path redirects to the test client and + to SimpleTestCase.assertRedirects() because Django 1.9 no longer + converts redirects to absolute URIs (#26428). + * Fixed TimeField microseconds round-tripping on MySQL and SQLite + (#26498). + * Prevented makemigrations from generating infinite migrations for a + model field that references a functools.partial (#26475). + * Fixed a regression where SessionBase.pop() returned None rather + than raising a KeyError for nonexistent values (#26520). + * Fixed a regression causing the cached template loader to crash + when using template names starting with a dash (#26536). + * Restored conversion of an empty string to null when saving values + of GenericIPAddressField on SQLite and MySQL (#26557). + * Fixed a makemessages regression where temporary .py extensions + were leaked in source file paths (#26341). + +------------------------------------------------------------------- +Sun May 1 12:29:52 UTC 2016 - michael@stroeder.com + +- Update to 1.9.5 + +------------------------------------------------------------------- +Tue Feb 2 09:21:43 UTC 2016 - aplanas@suse.com + +- Update to 1.9.2 + Security issue + * User with "change" but not "add" permission can create objects for + ModelAdmin's with save_as=True + Backwards incompatible change + * .py-tpl files rewritten in project/app templates + Bugfixes + * Fixed a regression in ConditionalGetMiddleware causing + If-None-Match checks to always return HTTP 200 (#26024). + * Fixed a regression that caused the "user-tools" items to display + on the admin's logout page (#26035). + * Fixed a crash in the translations system when the current language + has no translations (#26046). + * Fixed a regression that caused the incorrect day to be selected + when opening the admin calendar widget for timezones from GMT+0100 + to GMT+1200 (#24980). + * Fixed a regression in the admin's edit related model popup that + caused an escaped value to be displayed in the select dropdown of + the parent window (#25997). + * Fixed a regression in 1.8.8 causing incorrect index handling in + migrations on PostgreSQL when adding db_index=True or unique=True + to a CharField or TextField that already had the other specified, + or when removing one of them from a field that had both, or when + adding unique=True to a field already listed in unique_together + (#26034). + * Fixed a regression where defining a relation on an abstract + model's field using a string model name without an app_label no + longer resolved that reference to the abstract model's app if + using that model in another application (#25858). + * Fixed a crash when destroying an existing test database on MySQL + or PostgreSQL (#26096). + * Fixed CSRF cookie check on POST requests when + USE_X_FORWARDED_PORT=True (#26094). + * Fixed a QuerySet.order_by() crash when ordering by a relational + field of a ManyToManyField through model (#26092). + * Fixed a regression that caused an exception when making database + queries on SQLite with more than 2000 parameters when DEBUG is + True on distributions that increase the SQLITE_MAX_VARIABLE_NUMBER + compile-time limit to over 2000, such as Debian (#26063). + * Fixed a crash when using a reverse OneToOneField in + ModelAdmin.readonly_fields (#26060). + * Fixed a crash when calling the migrate command in a test case with + the available_apps attribute pointing to an application with + migrations disabled using the MIGRATION_MODULES setting (#26135). + * Restored the ability for testing and debugging tools to determine + the template from which a node came from, even during template + inheritance or inclusion. Prior to Django 1.9, debugging tools + could access the template origin from the node via + Node.token.source[0]. This was an undocumented, private API. The + origin is now available directly on each node using the + Node.origin attribute (#25848). + * Fixed a regression in Django 1.8.5 that broke copying a + SimpleLazyObject with copy.copy() (#26122). + * Always included geometry_field in the GeoJSON serializer output + regardless of the fields parameter (#26138). + * Fixed the contrib.gis map widgets when using + USE_THOUSAND_SEPARATOR=True (#20415). + * Made invalid forms display the initial of values of their disabled + fields (#26129). + +------------------------------------------------------------------- +Wed Jan 27 15:25:25 UTC 2016 - aplanas@suse.com + +- Update to 1.9.1 + Bugfixes + * Fixed BaseCache.get_or_set() with the DummyCache backend (#25840). + * Fixed a regression in FormMixin causing forms to be validated + twice (#25548, #26018). + * Fixed a system check crash with nested ArrayFields (#25867). + * Fixed a state bug when migrating a SeparateDatabaseAndState + operation backwards (#25896). + * Fixed a regression in CommonMiddleware causing If-None-Match + checks to always return HTTP 200 (#25900). + * Fixed missing varchar/text_pattern_ops index on CharField and + TextField respectively when using AlterField on PostgreSQL + (#25412). + * Fixed admin’s delete confirmation page’s summary counts of related + objects (#25883). + * Added from __future__ import unicode_literals to the default + apps.py created by startapp on Python 2 (#25909). Add this line to + your own apps.py files created using Django 1.9 if you want your + migrations to work on both Python 2 and Python 3. + * Prevented QuerySet.delete() from crashing on MySQL when querying + across relations. + * Fixed evaluation of zero-length slices of QuerySet.values() + (#25894). + * ... + * https://docs.djangoproject.com/en/1.9/releases/1.9.1/ + +------------------------------------------------------------------- +Wed Dec 2 15:14:05 UTC 2015 - aplanas@suse.com + +- update to 1.9 (CVE-2016-7401, CVE-2015-8213) + * https://docs.djangoproject.com/en/1.9/releases/1.9/ + * Performing actions after a transaction commit + * Password validation + * Permission mixins for class-based views + * New styling for "contrib.admin" + * Running tests in parallel + +------------------------------------------------------------------- +Tue Nov 10 10:39:22 UTC 2015 - tbechtold@suse.com + +- update to 1.8.6: + * https://docs.djangoproject.com/en/1.8/releases/1.8.5/ + * https://docs.djangoproject.com/en/1.8/releases/1.8.6/ + +------------------------------------------------------------------- +Tue Nov 10 05:36:21 UTC 2015 - tbechtold@suse.com + +- add missing Requires for python-setuptools (bsc#952198) + /usr/bin/django-admin needs the pkg_resources framework from + python-setuptools to run properly. + +------------------------------------------------------------------- +Sun Sep 20 07:51:27 UTC 2015 - tbechtold@suse.com + +- update to 1.8.4 (CVE-2015-5963): + * https://docs.djangoproject.com/en/1.8/releases/1.8.4/ + +------------------------------------------------------------------- +Fri Jul 10 11:51:49 UTC 2015 - astieger@suse.com + +- add keyring and verify source signature + +------------------------------------------------------------------- +Fri Jul 10 10:03:54 UTC 2015 - dmueller@suse.com + +- update to 1.8.3: + * https://docs.djangoproject.com/en/1.8/releases/1.8.3/ + Various bugfixes/security fixes (CVE-2015-5145, bsc#937524) + +------------------------------------------------------------------- +Tue May 26 08:26:56 UTC 2015 - dmueller@suse.com + +- update to 1.8.2 (CVE-2015-3982): + * https://docs.djangoproject.com/en/1.8/releases/1.8.2/ + * https://docs.djangoproject.com/en/1.8/releases/1.8.1/ + +------------------------------------------------------------------- +Thu Apr 2 07:35:07 UTC 2015 - aplanas@suse.com + +- Update to Django 1.8 + * "Long-Term Support" (LTS) release + New features: + * Model._meta API + * Multiple template engines + * Security enhancements + * New PostgreSQL specific functionality + * New data types + * Query Expressions, Conditional Expressions, and Database Functions + * TestCase data setup + Backwards incompatible changes: + * Related object operations are run in a transaction + * Assigning unsaved objects to relations raises an error + * Management commands that only accept positional arguments + * Custom test management command arguments through test runner + * Model check ensures auto-generated column names are within limits + specified by database + * Query relation lookups now check object types + * select_related() now checks given fields + * Default EmailField.max_length increased to 254 + * (DROP) Support for PostgreSQL versions older than 9.0 + * (DROP) Support for MySQL versions older than 5.5 + * (DROP) Support for Oracle versions older than 11.1 + * Specific privileges used instead of roles for tests on Oracle + * ... + +------------------------------------------------------------------- +Mon Mar 23 10:51:37 UTC 2015 - mcihar@suse.cz + +- Update to Django 1.7.7: + Security issues: + * Denial-of-service possibility with strip_tags() + * Mitigated possible XSS attack via user-supplied redirect URLs + Bugfixes: + * Fixed renaming of classes in migrations where renaming a subclass would + cause incorrect state to be recorded for objects that referenced the + superclass (#24354). + * Stopped writing migration files in dry run mode when merging migration + conflicts. When makemigrations --merge is called with verbosity=3 the + migration file is written to stdout (:ticket: 24427). + +------------------------------------------------------------------- +Wed Mar 11 16:18:53 UTC 2015 - aplanas@suse.com + +- Update to Djano 1.7.6: + Bugfixes + * Mitigated an XSS attack via properties in + "ModelAdmin.readonly_fields" + * Fixed crash when coercing "ManyRelatedManager" to a string + (#24352). + * Fixed a bug that prevented migrations from adding a foreign key + constraint when converting an existing field to a foreign key + (#24447). + +------------------------------------------------------------------- +Fri Feb 27 14:36:46 UTC 2015 - aplanas@suse.com + +- Update to Django 1.7.5: + Bugfixes + * Reverted a fix that prevented a migration crash when unapplying + contrib.contenttypes's or contrib.auth's first migration (#24075) + due to severe impact on the test performance (#24251) and problems + in multi-database setups (#24298). + * Fixed a regression that prevented custom fields inheriting from + ManyToManyField from being recognized in migrations (#24236). + * Fixed crash in contrib.sites migrations when a default database + isn't used (#24332). + * Added the ability to set the isolation level on PostgreSQL with + psycopg2 >= 2.4.2 (#24318). It was advertised as a new feature in + Django 1.6 but it didn't work in practice. + * Formats for the Azerbaijani locale (az) have been added. + +------------------------------------------------------------------- +Fri Jan 30 15:13:10 UTC 2015 - aplanas@suse.com + +- Update to Django 1.7.4: + Bugfixes + * Fixed a migration crash when unapplying ``contrib.contenttypes``’s + or ``contrib.auth``’s first migration (:ticket:`24075`). + * Made the migration's ``RenameModel`` operation rename + ``ManyToManyField`` tables (:ticket:`24135`). + * Fixed a migration crash on MySQL when migrating from a + ``OneToOneField`` to a ``ForeignKey`` (:ticket:`24163`). + * Prevented the ``static.serve`` view from producing + ``ResourceWarning``\s in certain circumstances (security fix + regression, :ticket:`24193`). + * Fixed schema check for ManyToManyField to look for internal type + instead of checking class instance, so you can write custom + m2m-like fields with the same behavior. (:ticket:`24104`). + +------------------------------------------------------------------- +Wed Jan 14 07:57:46 UTC 2015 - mcihar@suse.cz + +- Update to Django 1.7.3: + Security fixes: + * WSGI header spoofing via underscore/dash conflation. + * Mitigated possible XSS attack via user-supplied redirect URLs. + * Denial-of-service attack against django.views.static.serve. + * Database denial-of-service with ModelMultipleChoiceField. + Bug fixes: + * The default iteration count for the PBKDF2 password hasher has been + increased by 25%. This part of the normal major release process was + inadvertently omitted in 1.7. This backwards compatible change will not + affect users who have subclassed + django.contrib.auth.hashers.PBKDF2PasswordHasher to change the default + value. + * Fixed a crash in the CSRF middleware when handling non-ASCII referer + header (#23815). + * Fixed a crash in the django.contrib.auth.redirect_to_login view when + passing a reverse_lazy() result on Python 3 (#24097). + * Added correct formats for Greek (el) (#23967). + * Fixed a migration crash when unapplying a migration where multiple + operations interact with the same model (#24110). + +------------------------------------------------------------------- +Sun Jan 11 12:49:28 UTC 2015 - p.drouand@gmail.com + +- South has been merged in main Django; provide and obsolete it + +------------------------------------------------------------------- +Thu Jan 8 11:04:09 UTC 2015 - tbechtold@suse.com + +- Update to Django 1.7.2: + + * Fixed migration’s renaming of auto-created many-to-many tables + when changing Meta.db_table (#23630). + * Fixed a migration crash when adding an explicit id field to a + model on SQLite (#23702). + * Added a warning for duplicate models when a module is + reloaded. Previously a RuntimeError was raised every time two + models clashed in the app registry. (#23621). + * Prevented flush from loading initial data for migrated apps + (#23699). + * Fixed a makemessages regression in 1.7.1 when STATIC_ROOT has the + default None value (#23717). + * Added GeoDjango compatibility with mysqlclient database driver. + * Fixed MySQL 5.6+ crash with GeometryFields in migrations (#23719). + * Fixed a migration crash when removing a field that is referenced + in AlterIndexTogether or AlterUniqueTogether (#23614). + * Updated the first day of the week in the Ukrainian locale to + Monday. + * Added support for transactional spatial metadata initialization on + SpatiaLite 4.1+ (#23152). + * Fixed a migration crash that prevented changing a nullable field + with a default to non-nullable with the same default (#23738). + * Fixed a migration crash when adding GeometryFields with blank=True + on PostGIS (#23731). + * Allowed usage of DateTimeField() as Transform.output_field + (#23420). + * Fixed a migration serializing bug involving float("nan") and + float("inf") (#23770). + * Fixed a regression where custom form fields having a queryset + attribute but no limit_choices_to could not be used in a ModelForm + (#23795). + * Fixed a custom field type validation error with MySQL backend when + db_type returned None (#23761). + * Fixed a migration crash when a field is renamed that is part of an + index_together (#23859). + * Fixed squashmigrations to respect the --no-optimize parameter + (#23799). + * Made RenameModel reversible (#22248) + * Avoided unnecessary rollbacks of migrations from other apps when + migrating backwards (#23410). + * Fixed a rare query error when using deeply nested subqueries + (#23605). + * Fixed a crash in migrations when deleting a field that is part of + a index/unique_together constraint (#23794). + * Fixed django.core.files.File.__repr__() when the file’s name + contains Unicode characters (#23888). + * Added missing context to the admin’s delete_selected view that + prevented custom site header, etc. from appearing (#23898). + * Fixed a regression with dynamically generated inlines and allowed + field references in the admin (#23754). + * Fixed an infinite loop bug for certain cyclic migration + dependencies, and made the error message for cyclic dependencies + much more helpful. + * Added missing index_together handling for SQLite (#23880). + * Fixed a crash when RunSQL SQL content was collected by the schema + editor, typically when using sqlmigrate (#23909). + * Fixed a regression in contrib.admin add/change views which caused + some ModelAdmin methods to receive the incorrect obj value + (#23934). + * Fixed runserver crash when socket error message contained Unicode + characters (#23946). + * Fixed serialization of type when adding a deconstruct() method + (#23950). + * Prevented the SessionAuthenticationMiddleware from setting a + "Vary: Cookie" header on all responses (#23939). + * Fixed a crash when adding blank=True to TextField() on MySQL + (#23920). + * Fixed index creation by the migration infrastructure, particularly + when dealing with PostgreSQL specific {text|varchar}_pattern_ops + indexes (#23954). + * Fixed bug in makemigrations that created broken migration files + when dealing with multiple table inheritance and inheriting from + more than one model (#23956). + * Fixed a crash when a MultiValueField has invalid data (#23674). + * Fixed a crash in the admin when using “Save as new” and also + deleting a related inline (#23857). + * Always converted related_name to text (unicode), since that is + required on Python 3 for interpolation. Removed conversion of + related_name to text in migration deconstruction (#23455 and + #23982). + * Enlarged the sizes of tablespaces which are created by default for + testing on Oracle (the main tablespace was increased from 200M to + 300M and the temporary tablespace from 100M to 150M). This was + required to accommodate growth in Django’s own test suite + (#23969). + * Fixed timesince filter translations in Korean (#23989). + * Fixed the SQLite SchemaEditor to properly add defaults in the + absence of a user specified default. For example, a CharField with + blank=True didn’t set existing rows to an empty string which + resulted in a crash when adding the NOT NULL constraint (#23987). + * makemigrations no longer prompts for a default value when adding + TextField() or CharField() without a default (#23405). + * Fixed a migration crash when adding order_with_respect_to to a + table with existing rows (#23983). + * Restored the pre_migrate signal if all apps have migrations + (#23975). + * Made admin system checks run for custom AdminSites (#23497). + * Ensured the app registry is fully populated when unpickling + models. When an external script (like a queueing infrastructure) + reloads pickled models, it could crash with an AppRegistryNotReady + exception (#24007). + * Added quoting to field indexes in the SQL generated by migrations + to prevent a crash when the index name requires it (##24015). + * Added datetime.time support to migrations questioner (#23998). + * Fixed admindocs crash on apps installed as eggs (#23525). + * Changed migrations autodetector to generate an AlterModelOptions + operation instead of DeleteModel and CreateModel operations when + changing Meta.managed. This prevents data loss when changing + managed from False to True and vice versa (#24037). + * Enabled the sqlsequencereset command on apps with migrations + (#24054). + * Added tablespace SQL to apps with migrations (#24051). + * Corrected contrib.sites default site creation in a multiple + database setup (#24000). + * Restored support for objects that aren’t str or bytes in + mark_for_escaping() on Python 3. + * Supported strings escaped by third-party libraries with the + __html__ convention in the template engine (#23831). + * Prevented extraneous DROP DEFAULT SQL in migrations (#23581). + * Restored the ability to use more than five levels of subqueries + (#23758). + * Fixed crash when ValidationError is initialized with a + ValidationError that is initialized with a dictionary (#24008). + * Prevented a crash on apps without migrations when running migrate + --list (#23366). + +------------------------------------------------------------------- +Thu Oct 23 07:53:57 UTC 2014 - aplanas@suse.com + +- Update to Django 1.7.1 + + * Allowed related many-to-many fields to be referenced in the admin + (#23604). + * Added a more helpful error message if you try to migrate an app + without first creating the contenttypes table (#22411). + * Modified migrations dependency algorithm to avoid possible + infinite recursion. + * Fixed a UnicodeDecodeError when the flush error message contained + Unicode characters (#22882). + * Reinstated missing CHECK SQL clauses which were omitted on some + backends when not using migrations (#23416). + * Fixed serialization of type objects in migrations (#22951). + * Allowed inline and hidden references to admin fields (#23431). + * The @deconstructible decorator now fails with a ValueError if the + decorated object cannot automatically be imported (#23418). + * Fixed a typo in an inlineformset_factory() error message that + caused a crash (#23451). + * Restored the ability to use ABSOLUTE_URL_OVERRIDES with the + 'auth.User' model (#11775). As a side effect, the setting now adds + a get_absolute_url() method to any model that appears in + ABSOLUTE_URL_OVERRIDES but doesn’t define get_absolute_url(). + * Avoided masking some ImportError exceptions during application + loading (#22920). + * Empty index_together or unique_together model options no longer + results in infinite migrations (#23452). + * Fixed crash in contrib.sitemaps if lastmod returned a date rather + than a datetime (#23403). + * Allowed migrations to work with app_labels that have the same last + part (e.g. django.contrib.auth and vendor.auth) (#23483). + * Restored the ability to deepcopy F objects (#23492). + * Formats for Welsh (cy) and several Chinese locales (zh_CN, + zh_Hans, zh_Hant and zh_TW) have been added. Formats for + Macedonian have been fixed (trailing dot removed, #23532). + * Added quoting of constraint names in the SQL generated by + migrations to prevent crash with uppercase characters in the name + (#23065). + * Fixed renaming of models with a self-referential many-to-many + field (ManyToManyField('self')) (#23503). + * Added the get_extra(), get_max_num(), and get_min_num() hooks to + GenericInlineModelAdmin (#23539). + * Made migrations.RunSQL no longer require percent sign + escaping. This is now consistent with cursor.execute() (#23426). + * Made the SERIALIZE entry in the TEST dictionary usable (#23421). + * Fixed bug in migrations that prevented foreign key constraints to + unmanaged models with a custom primary key (#23415). + * Added SchemaEditor for MySQL GIS backend so that spatial indexes + will be created for apps with migrations (#23538). + * Added SchemaEditor for Oracle GIS backend so that spatial metadata + and indexes will be created for apps with migrations (#23537). + * Coerced the related_name model field option to unicode during + migration generation to generate migrations that work with both + Python 2 and 3 (#23455). + * Fixed MigrationWriter to handle builtin types without imports + (#23560). + * Fixed deepcopy on ErrorList (#23594). + * Made the admindocs view to browse view details check if the view + specified in the URL exists in the URLconf. Previously it was + possible to import arbitrary packages from the Python path. This + was not considered a security issue because admindocs is only + accessible to staff users (#23601). + * Fixed UnicodeDecodeError crash in AdminEmailHandler with non-ASCII + characters in the request (#23593). + * Fixed missing get_or_create and update_or_create on related + managers causing IntegrityError (#23611). + * Made urlsafe_base64_decode() return the proper type (byte string) + on Python 3 (#23333). + * makemigrations can now serialize timezone-aware values (#23365). + * Added a prompt to the migrations questioner when removing the null + constraint from a field to prevent an IntegrityError on existing + NULL rows (#23609). + * Fixed generic relations in ModelAdmin.list_filter (#23616). + * Restored RFC compliance for the SMTP backend on Python 3 (#23063). + * Fixed a crash while parsing cookies containing invalid content + (#23638). + * The system check framework now raises error models.E020 when the + class method Model.check() is unreachable (#23615). + * Made the Oracle test database creation drop the test user in the + event of an unclean exit of a previous test run (#23649). + * Fixed makemigrations to detect changes to Meta.db_table (#23629). + * Fixed a regression when feeding the Django test client with an + empty data string (#21740). + * Fixed a regression in makemessages where static files were + unexpectedly ignored (#23583). + +------------------------------------------------------------------- +Wed Sep 24 08:30:00 UTC 2014 - aplanas@suse.com + +- Update to Django 1.7 + + * A new built-in database migration system. Notes on upgrading from + South (a popular third*party application providing migration + functionality) are also available. + * A refactored concept of Django applications. Django applications + are no longer tied to the existence of a models files, and can now + specify both configuration data and code to be executed as Django + starts up. + * Improvements to the model Field API to support migrations and, in + the future, to enable easy addition of composite-key support to + Django's ORM. + * Improvements for custom Manager and QuerySet classes, allowing + reverse relationship traversal to specify the Manager to use, and + creation of a Manager from a custom QuerySet class. + * An extensible system check framework which can assist developers + in detecting and diagnosing errors. + + Please refer to the release notes for all details and migration + instructions: + https://docs.djangoproject.com/en/1.7/releases/1.7/ + +- Added python-setuptools as a BuildRequires. + +- Fixed Source URL from Django Project site. + +- Reordered sources. + +- Fixed deduplication to avoid wrong mtimes in pyc files. + +------------------------------------------------------------------- +Thu Jul 31 16:55:11 UTC 2014 - dimstar@opensuse.org + +- Rename rpmlintrc to %{name}-rpmlintrc. + Follow the packaging guidelines. + +------------------------------------------------------------------- +Wed Jun 11 12:34:45 UTC 2014 - mcihar@suse.cz + +- Update to version 1.6.5, sercurity and important changes: + + Unexpected code execution using reverse() + + Caching of anonymous pages could reveal CSRF token + + MySQL typecasting + + select_for_update() requires a transaction + + Issue: Caches may incorrectly be allowed to store and serve private data + + Issue: Malformed redirect URLs from user input not correctly validated + +------------------------------------------------------------------- +Fri Feb 14 09:32:07 UTC 2014 - speilicke@suse.com + +- Fix update-alternatives + +------------------------------------------------------------------- +Fri Feb 7 08:30:04 UTC 2014 - speilicke@suse.com + +- Update to version 1.6.2: + + Prevented the base geometry object of a prepared geometry to be garbage + collected, which could lead to crash Django (#21662). + + Fixed a crash when executing the changepassword command when the user + object representation contained non-ASCII characters (#21627). + + The collectstatic command will raise an error rather than default to + using the current working directory if STATIC_ROOT is not set. Combined + with the --clear option, the previous behavior could wipe anything + below the current working directory (#21581). + + Fixed mail encoding on Python 3.3.3+ (#21093). + + Fixed an issue where when settings.DATABASES['default']['AUTOCOMMIT'] = False, + the connection wasn’t in autocommit mode but Django pretended it was. + + Fixed a regression in multiple-table inheritance exclude() queries (#21787). + + Added missing items to django.utils.timezone.__all__ (#21880). + + Fixed a field misalignment issue with select_related() and model inheritance (#21413). + + Fixed join promotion for negated AND conditions (#21748). + + Oracle database introspection now works with boolean and float fields (#19884). + + Fixed an issue where lazy objects weren’t actually marked as safe when + passed through mark_safe() and could end up being double-escaped (#21882). + +------------------------------------------------------------------- +Tue Feb 4 14:33:40 UTC 2014 - mcihar@suse.cz + +- Update to version 1.6.1: + - Most bug fixes are minor; you can find a complete list in the Django 1.6.1 + release notes. + +------------------------------------------------------------------- +Tue Nov 19 10:06:23 UTC 2013 - speilicke@suse.com + +- Update-alternatives also for bash-completion + +------------------------------------------------------------------- +Fri Nov 15 13:33:20 UTC 2013 - speilicke@suse.com + +- Only ghost /etc/alternatives on 12.3 or newer + +------------------------------------------------------------------- +Thu Nov 7 16:36:41 UTC 2013 - speilicke@suse.com + +- Require python-Pillow for image-related functionality +- Package was renamed from python-django +- Drop Django-1.2-completion-only-for-bash.patch: Useless + +------------------------------------------------------------------- +Tue Nov 5 03:27:13 UTC 2013 - alexandre@exatati.com.br + +- Update to version 1.6: + - Please read the release notes + https://docs.djangoproject.com/en/1.6/releases/1.6 +- Removed Patch2 as it is no needed anymore: + Django-1.4-CSRF_COOKIE_HTTPONLY-support.patch + +------------------------------------------------------------------- +Tue Sep 17 12:37:53 UTC 2013 - speilicke@suse.com + +- Update to version 1.5.4: + + Fixed denial-of-service via large passwords +- Changes from version 1.5.3: + + Fixed directory traversal with ssi template tag + +------------------------------------------------------------------- +Wed Aug 14 05:49:54 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5.2: + - Security release, please check release notes for details: + https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued + +------------------------------------------------------------------- +Thu Mar 28 23:27:01 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5.1: + - Memory leak fix, please read release announcement at + https://www.djangoproject.com/weblog/2013/mar/28/django-151. + +------------------------------------------------------------------- +Tue Feb 26 19:49:02 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5: + - Please read the release notes + https://docs.djangoproject.com/en/1.5/releases/1.5 + +------------------------------------------------------------------- +Tue Dec 11 12:27:50 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.3: + - Security release: + - Host header poisoning + - Redirect poisoning + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/dec/10/security + +------------------------------------------------------------------- +Sat Oct 20 13:41:10 UTC 2012 - saschpe@suse.de + +- Add a symlink from /usr/bin/django-admin.py to /usr/bin/django-admin + +------------------------------------------------------------------- +Wed Oct 17 22:51:36 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.2: + - Security release: + - Host header poisoning + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/oct/17/security + +------------------------------------------------------------------- +Mon Jul 30 21:38:31 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.1: + - Security release: + - Cross-site scripting in authentication views + - Denial-of-service in image validation + - Denial-of-service via get_image_dimensions() + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued + +------------------------------------------------------------------- +Tue Jun 19 11:27:33 UTC 2012 - saschpe@suse.de + +- Add patch to support CSRF_COOKIE_HTTPONLY config + +------------------------------------------------------------------- +Fri Mar 23 18:39:40 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4: + - Please read the release notes + https://docs.djangoproject.com/en/dev/releases/1.4 +- Removed Patch2, it was merged on upstream, + +------------------------------------------------------------------- +Thu Nov 24 12:30:40 UTC 2011 - saschpe@suse.de + +- Set license to SDPX style (BSD-3-Clause) +- Package AUTHORS, LICENE and README files +- No CFLAGS for noarch package +- Drop runtime dependency on gettext-tools + +------------------------------------------------------------------- +Sat Sep 10 12:05:07 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3.1 to fix security issues, please read + https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued. + +------------------------------------------------------------------- +Thu Mar 31 15:09:16 UTC 2011 - alexandre@exatati.com.br + +- Fix build on SLES_9. + +------------------------------------------------------------------- +Wed Mar 23 11:39:53 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3 final; +- Refresh patch empty-ip-2.diff. + +------------------------------------------------------------------- +Fri Mar 18 03:45:45 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3-rc1; +- Regenerated spec file with py2pack; +- No more need to fix wrong line endings; +- Refresh patch empty-ip-2.diff with -p0. + +------------------------------------------------------------------- +Thu Mar 3 09:32:52 UTC 2011 - saschpe@suse.de + +- Spec file cleanup: + * Removed empty lines, package authors from description + * Cleanup duplicates + * Corrected wrong file endings + * Added zero-length rpmlint filter +- Added AUTHORS, LICENSE and doc files + +------------------------------------------------------------------- +Wed Feb 9 03:37:29 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.2.5: + - This is a security update that fix: + - Flaw in CSRF handling; + - Potential XSS in file field rendering. + +------------------------------------------------------------------- +Thu Dec 23 10:20:03 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.4: + - Information leakage in Django administrative interface; + - Denial-of-service attack in password-reset mechanism. +- This is a mandatory security update. + +------------------------------------------------------------------- +Sat Sep 11 11:46:41 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.3: + - The patch applied for the security issue covered in Django + 1.2.2 caused issues with non-ASCII responses using CSRF + tokens. This has been remedied; + - The patch also caused issues with some forms, most notably + the user-editing forms in the Django administrative interface. + This has been remedied. + - The packaging manifest did not contain the full list of + required files. This has been remedied. + +------------------------------------------------------------------- +Thu Sep 9 01:06:43 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.2. +- This is a ciritical security update fixing a default XSS bug! + +------------------------------------------------------------------- +Fri Jul 9 11:27:26 UTC 2010 - jfunk@funktronics.ca + +- Added patch to fix upstream bug 5622: Empty ipaddress raises an error + +------------------------------------------------------------------- +Mon May 17 21:14:11 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.1. + +------------------------------------------------------------------- +Mon May 17 18:35:20 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2. + +------------------------------------------------------------------- +Thu May 6 13:46:03 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2-rc-1. + +------------------------------------------------------------------- +Mon Apr 5 02:21:44 UTC 2010 - alexandre@exatati.com.br + +- Spec file cleaned with spec-cleaner; +- Minor manual adjusts on spec file. + +------------------------------------------------------------------- +Thu Mar 18 17:47:12 UTC 2010 - alexandre@exatati.com.br + +- Moved autocomplete file path from /etc/profile.d to + /etc/bash_completion.d. Then it works with konsole too. + +------------------------------------------------------------------- +Mon Mar 15 01:53:50 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2-beta-1; +- Using -q option on prep section of spec file; +- Using INSTALLED_FILES instead of declaring files; +- Removed dummy changelog section of spec file; +- Update completion bash patch. + +------------------------------------------------------------------- +Sun Oct 11 07:51:32 UTC 2009 - nix@opensuse.org + +- Update to 1.1.1 due to security issue described at + http://www.djangoproject.com/weblog/2009/oct/09/security/ + +------------------------------------------------------------------- +Sat Oct 10 12:18:31 UTC 2009 - alexandre@exatati.com.br + +- Removed old tarball file (Django-1.1.tar.bz2). + +------------------------------------------------------------------- +Tue Aug 25 12:23:09 CEST 2009 - garloff@suse.de + +- Fix python version check. + +------------------------------------------------------------------- +Sat Aug 22 13:39:35 CEST 2009 - garloff@suse.de + +- Don't require python-sqlite2 for python >= 2.6. + +------------------------------------------------------------------- +Fri Aug 21 11:38:03 CEST 2009 - garloff@suse.de + +- Build as noarch on factory. + +------------------------------------------------------------------- +Wed Aug 19 17:40:46 CEST 2009 - poeml@suse.de + +- don't run bash completion on shells other than bash. Avoiding + error messages produced at login when using other shells. + +------------------------------------------------------------------- +Fri Aug 14 18:05:42 UTC 2009 - alexandre@exatati.com.br + +- Added bash auto-complete to openSUSE. + +------------------------------------------------------------------- +Wed Jul 29 00:00:00 CEST 2009 - listuser@peternixon.net + +- update to version 1.1 +- add python-django-rpmlintrc to quiet rpmlint complaints about -lang + +------------------------------------------------------------------- +Wed Jul 1 19:04:26 CEST 2009 - poeml@suse.de + +- add python-xml to the Requires (./manage.py syncdb crashes + otherwise) + +------------------------------------------------------------------- +Sat Sep 13 00:00:00 UTC 2008 - listuser@peternixon.net + +- update to version 1.0 +- Fix build on SLES9 + +------------------------------------------------------------------- +Thu Sep 4 10:40:58 CEST 2008 - crrodriguez@suse.de + +- update to version 1.0 final + +------------------------------------------------------------------- +Wed May 14 00:00:00 UTC 2008 - listuser@peternixon.net + +- update to version 0.96.2 + +------------------------------------------------------------------- +Thu Feb 21 00:00:00 UTC 2008 - jfunk@funktronics.ca + +- The way simplejson is included in this package is not useful to other + packages. Removed from provides + +------------------------------------------------------------------- +Fri Oct 26 20:20:08 UTC 2007 - crrodriguez@suse.de + +- verion 0.96.1 fixes D.o.S attack in the i18n module + +------------------------------------------------------------------- +Fri Mar 23 00:00:00 UTC 2007 - crrodriguez@suse.de + +- update to version 0.96 + see http://www.djangoproject.com/documentation/release_notes_0.96 for details +- this package provides python-simplejson too. diff --git a/python-Django.keyring b/python-Django.keyring new file mode 100644 index 0000000..591726f --- /dev/null +++ b/python-Django.keyring @@ -0,0 +1,132 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGiBErcoVkRBACt1HBsLQQ9HeRHrqMbYfWEW3d0KoWzjKU9ZW59oq8ceVCYfhyT +ZKxyLobyed+NhL3SJCE5e4hs5UfyBdS4c8I97MFDKCA5TBu3pMnYGxWje3fSwP6o +RGcP8Ji4/tISclyGrkMruDNzpT93R8H/SixPGFcH7kCp4xQxPBc0esdU4wCg1azF +kUuFijNryusT+i58hVE3dMkD/iAfCh4bcLyZ8aygLZxg3bn3YauJASEjuqVXUgTB +diBdhXnldq0xs2IwQJY1paAajXf5FsjlTVQrQWMtTQ5qWKpQr0lAanufnEDNu6GW +orWBzLaSWQWEkcRALmZS6MBkmVCx/JiIvt0sUxrG4boQ6qYlQYZsaHaAMUZT997v +1ktqA/4kPUfV2gqJuVzWwbhrKhAyhSivmhhe+1lUFa7phRmoMNw7/jXi9OV1lmL2 +ty+0LkeCXUChrXarey4AnPI58aR0xshiAxGEI2jPi+vWkgGblOG3TBoZBH5jV+d2 +/5mmlCs/KkJkdsN+LXR3m5o/oFs7MgGD8pxa1jwK9xcu1xKIqrQyTmF0YWxpYSBC +aWRhcnQgKG5lc3NpdGEpIDxuYXRhbGlhYmlkYXJ0QGdtYWlsLmNvbT6IYgQTEQIA +IgUCTG1snwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQrlwdYDo57Zf7 +lQCeIHmWQQek0zboTqMuy60phrUIzowAn0ONlnzzL0oWiNUpbY8nDsernILWiGAE +ExECACAFAkrcoVkCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRCuXB1gOjnt +l5FdAKCSLwUJNZXs3WXqKabi2adRcdqZ8gCeLgbbqJ2Dqqaeb3tXK6zWC7ZO9CK0 +NE5hdGFsaWEgQmlkYXJ0IChuZXNzaXRhKSA8bmF0YWxpYS5iaWRhcnRAdWJ1bnR1 +LmNvbT6IZQQTEQIAJQIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAk8oONcC +GQEACgkQrlwdYDo57ZejrgCdFyBg4VipDYmoQ5eOpXe4Vegiwl4AoK00YytEeMvO +EFqZY+qVvqaV3It6iGIEExECACIFAkvrLFwCGwMGCwkIBwMCBhUIAgkKCwQWAgMB +Ah4BAheAAAoJEK5cHWA6Oe2XD+QAoK02osWaLzROXg54drLpJMNLs/DGAJ9XlSak +dQv6uX5QFT1QZCp/WwozIrQzTmF0YWxpYSBCaWRhcnQgKG5lc3NpdGEpIDxuYXRh +bGlhLmJpZGFydEBnbWFpbC5jb20+iGIEExECACIFAkvrLBMCGwMGCwkIBwMCBhUI +AgkKCwQWAgMBAh4BAheAAAoJEK5cHWA6Oe2XrQoAoIpzDPsuwhwuVcelVh3F8q3w +qhk2AKCj6rF6x+kzUwtT6lM8wkUj4x+CgLQ3TmF0YWxpYSBCaWRhcnQgKG5lc3Np +dGEpIDxuYXRhbGlhLmJpZGFydEBjYW5vbmljYWwuY29tPohgBBMRAgAgBQJK3gu6 +AhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQrlwdYDo57ZfaNgCfXhjx28H4 +WQ8CjWsdyJU2Kmh44qoAn0zp3TeEFuSPCEBZ0jAR4dwuSrpguQINBErcoVkQCACX +mxZ+acE5irfOe09OclJ+vKxqrnaEpveyLJZzKiWz5GlZLV3gPEMs3Pu0tGtTjadG +CRck2xIYArDz1aPwvM4dHswIy3TyzoSTgW1ybz5TXzkxWDcdwukYm1gKlWMb8JQW +v76KtoiNuY/EIUAaO9M7ZyUPSWunh5CK+ttYKs+KrD8wt8Te7PdsrstUMP2uplOt +I0zKK8P+gcCNZQTZh71Z8WAhZF/tn9LpkE9p0Au3pVEVk7Z8492TO4DySFhBNVEM +IY9KVNiZoEMAaiRUFgG3gPj3MD4wDyaiWp+5b8XQylXcfWsPx3nujLJNUiaJlV4u +Wjv0ZgwMHHLgORAlOJ2rAAMFB/94QWkhOmIzzx0iCob4fILZ2lqTt1fAAbaQxyq/ +LIaI6iSHqebEVVR9OUVTzqNtc0yDifxsbDZXEHmU2qx+aARoYmonxNmNoUS/U6Io +2iPgP1Jwt13dbd284xlgDTx8QO/TjX9lFyvt7AEHIrcHaomwVS0Il7wIfzG24kqX +j17VhD2j/2V6uA7ADAh8u0WFO93i30qNSCaCRphCU4K7gLdHLIp8TsGLdx/gf2mB +5SyhNOkHwEx80kSiFt+H5fER7XQep/w51XybqAt7SsWaIjYLsyMYXyiVdQChwzBd +vusRKv9qjg9eiyHI6aOw6foOUFlpfMx1oeknFDJrjJ3PKUPyiEkEGBECAAkFAkrc +oVkCGwwACgkQrlwdYDo57ZffZACfS9pUk1P5poP86jh8K2K6jpjU0y0AoNQ4ejtn +mpJC4x7FruZyi1wVdkMxmQINBGQu6XIBEADAnmu8HNENZh7UTuu5GfTeFhpmyj5K +yz//txfrm0/b6uTW5TXPgLjuvMzGG8PtaZHRIgZ0gzA+x7T5zKMTaoKs3EvgR5D3 +Y9NjteUWpf8FjvPhN01HZfaZ7yChwHwKobW0JYinNpBh0Cz51unGdLIDtELMaEFO +D8qdcpe63qG111S4G+4hcJUkXt4ALBpSnY9GOhlYQDn+ZDRGk1M9rjeMo+QsIJns +UZRlvBroJyg0toUXclw5QXFGp1+mrjOzKqdD0DmSN7LWlU0yCJB8H5bWZTiPAPOE +SW1Kb3kEW+Qy8YkcH7SkQ7N72wsuIwKJNiddMLZnXeR0Lcvt0t7ftUfs44VEZSwm +V0I7lyZZWr+Pei8nGaLxxCI4OtASXcQ+VVKF/HoR/necD1QmqmuCeiMLmYT5jEPZ +oovOri5onkWIQfjfWeUVErxNi9Uz18mi9P7PfAWOzNCmdkuVqsPtpymyDcKYYh9u +D/CTH9w1B69CRjld6NOfal05fIrfKuVgPvmQnPeCn+KgTBwv8T+mgGVjkBlDGpYy +6Y24s13R6WoawJnjIEjA/Q5QOSDXYtpgF8D3cMW+LUlD9lu2A6OO64H33rInIaut +8IFgKcTf3pXbzh1J6Zs+fcjOryitM7t4Fo1ClJ+DSn4yoUHxP2UEZL6LL0DF6LrE +kJjKxwRp20lPwwARAQABtDFOYXRhbGlhIDwxMjQzMDQrbmVzc2l0YUB1c2Vycy5u +b3JlcGx5LmdpdGh1Yi5jb20+iQJOBBMBCAA4FiEEW1sboQ2FrHxcduOPLugqjZRw +mD4FAmQu6XICGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQLugqjZRwmD56 +rQ//UvzX9/4Eo3HPBMDEIwExjmYGyTqiQQm2KW9Z4U0zQVdeLVF8ZOdaIKn1RBUw +M02RJWI2HjovdLN3LbXpTtQtamSvvU6fv7vy5zLBJdVL9eKXXG+3MPCWDHOqwp/u +L/4lq0pUy5ejb4AnIQw1RIQiz6/pprDzgF0celWLhL3krxEqts76X1Jv9wCIYMXV +3reCBqpcfIqWQETLP/NdPVcOIRv0al1qcBw2hUOvEyx72n+17Hb30rFQp+35BaZZ +IjnL3H6pATgjk52EiDdRkyWL9CFrbJ/wkbAvEO29GcUPg1+bT6UZq8LKXyDs/WSL +UkxQ/6w8DzicBiFj/oT7GSMr8KfO4YUMzh/kAFA4v8Q+a53Dq1Icbk9LqkWpu1pA +Hopw3lpGdADuC0z/iYO/U04uUSN5YGyUUOgk5w+CkV8NuL/g2yniNf9AXrbt4ByI +V7cqBt9qdS6z6leuW1M8yrPhX1IcKKqj25sPKAgzp3A6Bt7orr1NZGOVJ4alR4ff +pYvq+wfmIPKf0AbzHGOkYjF4BMvkLRchhi28q+qX5cCuMr+aoqKUtJ2IFiXsvbFN +k0aYWUr5y5qSJoAVf0GMkByQW6+F6bXRRdCpS/JX5JA8qrYp+oV8VhveOOslHVqj +ILAlkMMXoTx6G79DdvQ87fdb4+aIQ96U4T8B6zMxazvmU1i5Ag0EZC7pcgEQAL9n +X/eaWY+v4GgeGjRIWmmrjMBYyeeyJIyL9Mk3iyH/gIOnTDmlX+njjyvyWKfMYIl1 +HmMtzlF3OgsuLeekwbDrXA8xvslp1xmiKLOamPvXwPG/XqkJrYtzVUDEFCtRpEJ0 +c38d+P8WEMjbviyIwJ9PxLllamEK61dRtj1NCMc/Ix4+b54UHxi44Jz1bqQxfgjj +u2o8sPnyZio+DRFWVE3Eocp0rdZ3rlKjUsBXKEElTuIScoKjGwKwaMfxoBgwRhzx +oESwk8CqlH7WzNookx1M1/JjKYdrwln2aNuChtlKLRmUqT7qqTNtett2vy73VM3b +zfXdor94S3q+YtMEvNbo9QCzn6La7HOx+PMm8XM2d9aC7Hz4FBK0xIQB+HLZEIhP +7KQ7GJ2Xn3LStyoO5K64uqi2X2YjsYUcPzvI3uUK+gtH3H1SSIazh7UAUbcEuo7N +K8vF9Vtqp6S2qkjoeV6Dnvy+6735b1WIBZieAmbKaz74IW1IP0lZn3pXeRFo2Wjq +Ojf8zkNacf61exysAkGU2fubsXSZxuxc8DVXKbkpK69tXDSOUmSKTBPVzzmIM79S +yYH1MMRZqQ52Y471qiEZxEPasJXIEVcWbdJxEC/eEiuptPAtojRQH6kJ/AF3Z9Xd +eBaxyuMQ249jqTYwjCehfumTbhP5VhO3QOxs31G/ABEBAAGJAjYEGAEIACAWIQRb +WxuhDYWsfFx2448u6CqNlHCYPgUCZC7pcgIbDAAKCRAu6CqNlHCYPhz3EACx3Hqf +KUMeqUTVOiDyHguBr1FrhMtU5m/nkjdbLWlBHOGHkM4RNDNQTPyQb/C8vcuHYv5l +DPFrzOawdjTyFCuo6f0TMIx38Bbjxo9C8XTnvKbUpyTEQ3dJm67ppF4n6cui+0IC +UefzPkkCbdIPzt2pYopMDB4Hv4Yv6hqeq987Iz1erh7dQe1TDTxIv9PXLYZT60Ro +K0+g+caU9LwVjYiLoeCM1Zhndy6fDV5mu3ctEzcqr/YVH9kDZAuF0O1SX9y42neJ +7hictnE0KrRymVL5d9pp2WKtPny+itSax/a///Q43m1gA9KFuKHtOuGUpYzf76FS +Ld0cC4xjDpPcVTGc8To4+CjNTIrjzbBYa3JU/3J2kwyEw/k1EucRb/RFPbklUSph +Kmd2ewcDLUvcasTwoR/0uplA8gAuV1x7wPBgAW7kmpjiQevl1KLj08HA/jTdfrdx +Yd1GGiNjBmHGu9C8YZ/7fJU50dhv4jWF4dw8OyXtAI4wk5aoJHsJ5iGIMVOVzNLe +mF4yM4XSBBno1mWgaSb42LInsYv/ti1VrOrBVzmAYAoUTZL0tfEXeyzHEmWGWVHe +SQMBvCqUmh/EcQDzPtkqjQQ1LyE5s2fyt5u+jE9JdK/61yKzbKI2UbpPtAaKSlDv +eAgTzM5bOOqtGR7VR2hlCM4I4k2D0Y/snh2HzA== +=ul9f +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBGYTwrUBDADP52ov7O0jqH+QWStcbCwwedsV2syCQXxfhnydhkNvdCILBJ0k +cQdc4E7Q8wGmch9a3bCLR4HIUlv1MMWk+Ty0YY71wczqIPedgM1dBZEtSH6fDOwW +qFcYieCcmsP+FwBk8WWOKnMydEXoXCp6djSru6YOuQH2CZ+EerKjnDaXAj35dloR +vbJ14k7Ghn9UCLDXiNOjn2N8eLe6aeoEQt7iiqStdeFuUGR/pLHHEX4sch4y9uBa +bhC/Ce93VWK8nVna7qWX/cIjZNG6rTo79W7+IiOC5+6r7bLff5qw4BgUX2JPm5Sz +mhPUlsJZGGXPPaTo+WZQOe5P3Fw7RpuURa+MVoih2H/i2Ur51pDEngB64YwBU1mB +a+xwm6GHgD28JUwllHJbUl9/UJTbntS7k/k2uuMkok8jHfYb+rqkfCWqOlmuYTG3 +okseReh2TSkGpWyyaSbCihgm80RE5O6jrEDXJiZOsLIuOlVoErfxEZHpOqw43axl +EXX0VkjFz2IBNPMAEQEAAbROU2FyYWggQm95Y2UgKEdQRyBEamFuZ28gRmVsbG93 +KSA8NDIyOTY1NjYrc2FyYWhib3ljZUB1c2Vycy5ub3JlcGx5LmdpdGh1Yi5jb20+ +iQHOBBMBCAA4FiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmYTwrUCGwMFCwkIBwIG +FQoJCAsCBBYCAwECHgECF4AACgkQOVWxmFHqlu8t+wv9HitJmG5iPs45Qo0nGwGm +j1X6rP6SQENl+jqtjZU6YaxvNqWculCFl0Wa/xODhxM9HNMs3qREc+R4SqPx4epu +NaUERN91gZoO4Ms80uqllPzdCsX5hrFblg+LqqznZWAYi94NMTm3Ft4/+I7780ev +BhxHFBTlqwxZ0eeyaB/qAyb6K9X0cUUFExjYrP3+HAgmrOHK9PUb7vNNKUYMerOK +waFrpPP5oDBn0p2ZunYAcJt7o2DjBOwy5iw5I2Qs50ZLt9EU0DY8Rf5nF2mKNki1 +CAD8ksNo/ohrNuGyi0r2cvVfx52izPd6PxlKf7xfL2lW16nflK/lNbZtCioDA1FC +1dCPGD5rvOUXFASc+FZY4tJ6LbIpzg9llgcb6fSi2joT2bm9BbGrHybrIWd3BF/5 +AnrlsSwDCWtYXkdNr/eNEHNgG+aOAH2vSzue3NbCJsXkK69SzlKKOiD2ZUjJ6tKi +IwcTkotyBaX/FLGhTKLEQE7aztsOpnfJlLU9Zx5IPxJAuQGNBGYTwrUBDACp1f7H +MpzHvAAy7dD1Ow0pgT3NBFFiEk4jKccz9sAHPT7QQbMeIdL5uQ80lNp6Sw+IyptW +4cytl6ovRdRyv3XetSp+KJeaqvWvGkz3L+GUoE8ezxgQXLlVcw7IzkhBNMGi+K3C +aK6ZlZZQG8587dLF9Gbz3Vioc9hyQ/4BOr8pPaAWlSfWQVEGHPSVLh7LToGjrLlS +h1AzVABNXtJbAt/+O7H5mkMopoPKrqgHTzOLGCd0/Tq3z5d+wqVl7JKk6yHxRr5i +SXDqPQPmObUhPH1addNzIe+GRVW1ZbbT6l9VDiC4Lj+BJsLafubMB3rlI2T2mQCU +PTQO0fz5y6oW0HxRtTidoxhvmC72YDFBwvsUTPQ5nt8bcSQprJMLLNL1C5M2LjPu +tf/Csl02Fcwe/RnW2yjeb6qNCDcLpM9wpMMOdZQCRdRIkWQTcLZPQ2+SR3Ih8rAb +pzATjFvif/4zpFlDZ9KFevCqf1M2v32sr/dDgcA3nWJ4CFrBQMhBVTcr7rcAEQEA +AYkBtgQYAQgAIBYhBOsbOA2KxS0AK6zTMjlVsZhR6pbvBQJmE8K1AhsMAAoJEDlV +sZhR6pbvizgL/34++v0b080pCr/0rWspcuTtD91GwQPs0HgrrfMOV2BXoXucTXj7 +G4xFq9yYO8QALrrtz40S/NeGz09hhFHo08phLAYjLZt8xD7i0uXuV8ZouDUHT0bk +334RlKHu9kq3si0lyzu1dkGZgIBXsAURrMOyVKVySZGzsa/dpy/EDardWkTKHedf +07K+KQgomMpVGk4EtKHpfqU9VNN8fdYD4UYtwuegz1nsg28Fa8xkK2ammWncgpVj ++4cJwzFPg11AhhTWs/Ec068ojj70cLD2CodJVAch9RTIOcQ5yKGc483u3bagNqTK +qZYoLWI6NjxrNZQpwha3pO2ueBDOo/fZXUMgPPqyfdmBZvz6DQM85JfULALxKbkL +5dQguy8K8SBcrCnv6iT0FjaWlrqnU0IJDZfi2r6eDlXhYjLSwGq8RHkAYXvsCNm8 +BzeRu0mAvjLkLNegQIvfdVXfYIcwUQQB8OAzoz3qzi8vji82MBQO+gkYrlteivoF +z+gZLcBuv/NdNg== +=B8gH +-----END PGP PUBLIC KEY BLOCK----- diff --git a/python-Django.spec b/python-Django.spec new file mode 100644 index 0000000..2f9abae --- /dev/null +++ b/python-Django.spec @@ -0,0 +1,164 @@ +# +# spec file for package python-Django +# +# Copyright (c) 2025 SUSE LLC and contributors +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +# Selenium and memcached are not operational +%bcond_with selenium +%bcond_with memcached +%{?sle15_python_module_pythons} +%if 0%{?suse_version} > 1500 +%bcond_without libalternatives +%else +%bcond_with libalternatives +%endif +Name: python-Django +Version: 5.2.6 +Release: 0 +Summary: A high-level Python Web framework +License: BSD-3-Clause +URL: https://www.djangoproject.com +Source: https://www.djangoproject.com/m/releases/5.2/django-%{version}.tar.gz +Source1: https://www.djangoproject.com/m/pgp/Django-%{version}.checksum.txt +Source2: %{name}.keyring +Source99: python-Django-rpmlintrc +# PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19639 Fixed #36499 -- Adjusted utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's HTMLParser new behavior. +# fixed and refined upstream, but some of our interpreters weren't updated to a new version yet and still only carry the patch, so providing the non-conditional version +Patch0: test_strip_tags.patch +# PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19530 Fixed #36421 -- Made test_msgfmt_error_including_non_ascii compatible with with msgfmt 0.25. +Patch1: support-msgfmt-0.25.patch +BuildRequires: %{python_module Jinja2 >= 2.9.2} +BuildRequires: %{python_module Pillow >= 6.2.0} +BuildRequires: %{python_module PyYAML} +BuildRequires: %{python_module argon2-cffi >= 19.1.0} +BuildRequires: %{python_module asgiref >= 3.7.0} +BuildRequires: %{python_module base >= 3.8} +BuildRequires: %{python_module bcrypt} +BuildRequires: %{python_module docutils} +BuildRequires: %{python_module geoip2} +BuildRequires: %{python_module numpy} +BuildRequires: %{python_module pip} +BuildRequires: %{python_module pytz} +BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module sqlparse >= 0.3.1} +BuildRequires: %{python_module tblib >= 1.5.0} +BuildRequires: %{python_module wheel} +BuildRequires: %{pythons} +BuildRequires: fdupes +BuildRequires: gpg2 +BuildRequires: python-rpm-macros +Requires: python +Requires: python-asgiref >= 3.7.0 +Requires: python-sqlparse >= 0.3.1 +Requires: python-tzdata +Recommends: python-Jinja2 >= 2.9.2 +Recommends: python-Pillow >= 6.2.0 +Recommends: python-PyYAML +Recommends: python-argon2-cffi >= 19.1.0 +Recommends: python-bcrypt +Recommends: python-geoip2 +Recommends: python-pylibmc +Recommends: python-pymemcache +Provides: python-django = %{version} +Obsoletes: python-django < %{version} +Provides: python-South = %{version} +Obsoletes: python-South < %{version} +BuildArch: noarch +%if %{with libalternatives} +BuildRequires: alts +Requires: alts +%else +Requires(post): update-alternatives +Requires(postun): update-alternatives +%endif +%if %{with memcached} +BuildRequires: %{python_module pylibmc} +BuildRequires: %{python_module pymemcache} +%endif +%if %{with selenium} +# python-selenium is supported only on the Intel architecture. +# Additionally chromedriver is only available on x86_64. +%ifarch %{ix86} x86_64 +BuildRequires: %{python_module selenium} +BuildRequires: chromedriver +BuildRequires: xvfb-run +%endif +%endif +%python_subpackages + +%description +Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. + +%prep +# The publisher doesn't sign the source tarball, but a signatures file +# containing multiple hashes. +gpg --import %{SOURCE2} +gpg --verify %{SOURCE1} +# +# Verify hashes in that file against source tarball. +echo "`grep -e '^[0-9a-f]\{32\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-32` %{SOURCE0}" | md5sum -c +echo "`grep -e '^[0-9a-f]\{40\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-40` %{SOURCE0}" | sha1sum -c +echo "`grep -e '^[0-9a-f]\{64\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-64` %{SOURCE0}" | sha256sum -c + +%autosetup -p1 -n django-%{version} + +%build +%pyproject_wheel + +%install +%pyproject_install + +%python_clone -a %{buildroot}%{_bindir}/django-admin + +%{python_expand install -D -m 0644 extras/django_bash_completion %{buildroot}%%{_datadir}/bash-completion/completions/django_bash_completion-%{$python_bin_suffix}.sh +# Fix wrong-script-interpreter +sed -i "s|^#!%{_bindir}/env python$|#!%{_bindir}/$python|" \ + %{buildroot}%{$python_sitelib}/django/conf/project_template/manage.py-tpl +} +%python_compileall +%{python_expand # +%fdupes %{buildroot}%{$python_sitelib}/django/ +%fdupes %{buildroot}%{$python_sitelib}/Django-%{version}-py*.egg-info/ +} + +%check +export LANG=en_US.UTF8 +export PYTHONDONTWRITEBYTECODE=1 +%if %{with selenium} +export PATH=%{_libdir}/chromium:$PATH +%python_expand PYTHONPATH=.:%{buildroot}%{$python_sitelib} xvfb-run $python tests/runtests.py -v 2 --selenium=chrome +%else +%python_expand PYTHONPATH=.:%{buildroot}%{$python_sitelib} $python tests/runtests.py -v 2 +%endif + +%pre +%python_libalternatives_reset_alternative django-admin + +%post +%{python_install_alternative django-admin} + +%postun +%{python_uninstall_alternative django-admin} + +%files %{python_files} +%doc AUTHORS README.rst +%license LICENSE +%python_alternative %{_bindir}/django-admin +%{_datadir}/bash-completion/completions/django_bash_completion-%{python_bin_suffix}.sh +%{python_sitelib}/django +%{python_sitelib}/[Dd]jango-%{version}*-info + +%changelog diff --git a/support-msgfmt-0.25.patch b/support-msgfmt-0.25.patch new file mode 100644 index 0000000..535692a --- /dev/null +++ b/support-msgfmt-0.25.patch @@ -0,0 +1,69 @@ +From 3609c463a4cfc5a7e76f4d4ba008c5096b1f1437 Mon Sep 17 00:00:00 2001 +From: Jericho Serrano <118679068+jericho1050@users.noreply.github.com> +Date: Fri, 6 Jun 2025 04:58:29 +0800 +Subject: [PATCH] Fixed #36421 -- Made test_msgfmt_error_including_non_ascii + compatible with msgfmt 0.25. + +--- + tests/i18n/test_compilation.py | 25 +++++++++++++++++++++++-- + 1 file changed, 23 insertions(+), 2 deletions(-) + +diff --git a/tests/i18n/test_compilation.py b/tests/i18n/test_compilation.py +index 4b0bb9f6bb1..3a57dbf0765 100644 +--- a/tests/i18n/test_compilation.py ++++ b/tests/i18n/test_compilation.py +@@ -1,5 +1,6 @@ + import gettext as gettext_module + import os ++import re + import stat + import unittest + from io import StringIO +@@ -8,10 +9,12 @@ + from unittest import mock + + from django.core.management import CommandError, call_command, execute_from_command_line +-from django.core.management.utils import find_command ++from django.core.management.utils import find_command, popen_wrapper + from django.test import SimpleTestCase, override_settings + from django.test.utils import captured_stderr, captured_stdout + from django.utils import translation ++from django.utils.encoding import DEFAULT_LOCALE_ENCODING ++from django.utils.functional import cached_property + from django.utils.translation import gettext + + from .utils import RunInTmpDirMixin, copytree +@@ -254,6 +257,17 @@ def test_no_dirs_accidentally_skipped(self): + + + class CompilationErrorHandling(MessageCompilationTests): ++ @cached_property ++ def msgfmt_version(self): ++ # Note that msgfmt is installed via GNU gettext tools, hence the msgfmt ++ # version should align to gettext. ++ out, err, status = popen_wrapper( ++ ["msgfmt", "--version"], ++ stdout_encoding=DEFAULT_LOCALE_ENCODING, ++ ) ++ m = re.search(r"(\d+)\.(\d+)\.?(\d+)?", out) ++ return tuple(int(d) for d in m.groups() if d is not None) ++ + def test_error_reported_by_msgfmt(self): + # po file contains wrong po formatting. + with self.assertRaises(CommandError): +@@ -278,7 +292,14 @@ def test_msgfmt_error_including_non_ascii(self): + call_command( + "compilemessages", locale=["ko"], stdout=StringIO(), stderr=stderr + ) +- self.assertIn("' cannot start a field name", stderr.getvalue()) ++ if self.msgfmt_version < (0, 25): ++ error_msg = "' cannot start a field name" ++ else: ++ error_msg = ( ++ "a field name starts with a character that is not alphanumerical " ++ "or underscore" ++ ) ++ self.assertIn(error_msg, stderr.getvalue()) + + + class ProjectAndAppTests(MessageCompilationTests): diff --git a/test_strip_tags.patch b/test_strip_tags.patch new file mode 100644 index 0000000..f06403f --- /dev/null +++ b/test_strip_tags.patch @@ -0,0 +1,49 @@ +From 578ef30376fd279865d1719fcad064a00c625a6b Mon Sep 17 00:00:00 2001 +From: Natalia <124304+nessita@users.noreply.github.com> +Date: Mon, 14 Jul 2025 14:45:03 -0300 +Subject: [PATCH] Fixed #36499 -- Adjusted + utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's + HTMLParser new behavior. + +--- + tests/test_utils/tests.py | 4 ++-- + tests/utils_tests/test_html.py | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +Index: django-5.2.6/tests/test_utils/tests.py +=================================================================== +--- django-5.2.6.orig/tests/test_utils/tests.py ++++ django-5.2.6/tests/test_utils/tests.py +@@ -945,10 +945,10 @@ class HTMLEqualTests(SimpleTestCase): + self.assertHTMLEqual("", "

          ") + error_msg = ( + "First argument is not valid HTML:\n" +- "('Unexpected end tag `div` (Line 1, Column 6)', (1, 6))" ++ "('Unexpected end tag `div` (Line 1, Column 0)', (1, 0))" + ) + with self.assertRaisesMessage(AssertionError, error_msg): +- self.assertHTMLEqual("< div>", "

          ") ++ self.assertHTMLEqual("", "
          ") + with self.assertRaises(HTMLParseError): + parse_html("

          ") + +Index: django-5.2.6/tests/utils_tests/test_html.py +=================================================================== +--- django-5.2.6.orig/tests/utils_tests/test_html.py ++++ django-5.2.6/tests/utils_tests/test_html.py +@@ -162,13 +162,13 @@ class TestUtilsHtml(SimpleTestCase): + ("&h", "alert()h"), + ( + ">" if htmlparser_fixed else ">", + ), + ("X<<<
          br>br>br>X", "XX"), + ("<" * 50 + "a>" * 50, ""), + ( + ">" + "" if htmlparser_fixed else ">" + "", + ), + (" Date: Thu, 2 Oct 2025 10:47:09 +0000 Subject: [PATCH 5/6] - Update to 5.2.7 (bsc#1250485, bsc#1250487) * CVE-2025-59681: Potential SQL injection in QuerySet.annotate(), alias(), aggregate(), and extra() on MySQL and MariaDB * CVE-2025-59682: Potential partial directory-traversal via archive.extract() * Fixed a regression in Django 5.2 that reduced the color contrast of the label of filter_horizontal and filter_vertical widgets within a TabularInline OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=216 --- .gitattributes | 23 + .gitignore | 1 + Django-5.2.6.checksum.txt | 66 + Django-5.2.7.checksum.txt | 67 + django-5.2.6.tar.gz | 3 + django-5.2.7.tar.gz | 3 + python-Django-rpmlintrc | 5 + python-Django.changes | 3068 +++++++++++++++++++++++++++++++++++++ python-Django.keyring | 184 +++ python-Django.spec | 164 ++ support-msgfmt-0.25.patch | 69 + test_strip_tags.patch | 49 + 12 files changed, 3702 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 Django-5.2.6.checksum.txt create mode 100644 Django-5.2.7.checksum.txt create mode 100644 django-5.2.6.tar.gz create mode 100644 django-5.2.7.tar.gz create mode 100644 python-Django-rpmlintrc create mode 100644 python-Django.changes create mode 100644 python-Django.keyring create mode 100644 python-Django.spec create mode 100644 support-msgfmt-0.25.patch create mode 100644 test_strip_tags.patch diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/Django-5.2.6.checksum.txt b/Django-5.2.6.checksum.txt new file mode 100644 index 0000000..e24bd5a --- /dev/null +++ b/Django-5.2.6.checksum.txt @@ -0,0 +1,66 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the +source-code tarball and wheel files of Django 5.2.6, released September 3, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``3955B19851EA96EF`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF + +or via the GitHub API: + + curl https://github.com/sarahboyce.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.6.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.6/tarball/ +https://www.djangoproject.com/download/5.2.6/wheel/ + +MD5 checksums +============= + +1f0327293cc3768903ce8cd390ec3f47 django-5.2.6.tar.gz +fca0005922f8db95eb97108e3d8e0b24 django-5.2.6-py3-none-any.whl + +SHA1 checksums +============== + +ada4c057790d255039ac5fe3a31378e5fde0417a django-5.2.6.tar.gz +f92e94e9ab2e21f3d681918d67b15e7e54d348f6 django-5.2.6-py3-none-any.whl + +SHA256 checksums +================ + +da5e00372763193d73cecbf71084a3848458cecf4cee36b9a1e8d318d114a87b django-5.2.6.tar.gz +60549579b1174a304b77e24a93d8d9fafe6b6c03ac16311f3e25918ea5a20058 django-5.2.6-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmi4JLQtHDQyMjk2NTY2 +K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv +rLQL/AmvGY0A1mnf22ZarnqGyH1pRyC7ZrhX2XtoCN6rOjYHleXDqjCIRnbJPnSP +QoKVj6C0xiWsueetEWdrQd2iwgwuAir2dZ0x4TR9ejmVqUUb/R5BakqjZ7g46lsy +GOvU+MlQjzbu1sh0T2G7DC/z019v3+/3lHGpI4HkUFpIb6EOybKW61+MbZZqQMyY +EC/bYEIzfmoJN0Hyi9FoFx0aE/kMpeEYn6wXmEVUfpW7xqXy5AsA2VpU1/nbu0xS +2R+rOljxTSTvqZknDQhr3WbS6D8m/odlcF59pVNzuBwPChz78o6PtwKLitaUy1sp +LOiunKvQYU7Syt4yz+ro+5S+4bcCsIArOe4SKvkMOCi6pFxyXNz0a8PYXpCbg5ER +PQD6RhUbpz2FFMBTeGjPM4JhrIA06A4goX0Q6PHvOLDPg1WlopSKMu5BBGL7fr/O +7jfGeDf5qKIIJ9ZfZS/flS/ebxm8cG9sF7gpbganJC0TnOWmKLdPYQzLia4zFx3f +pj+RwA== +=g/HH +-----END PGP SIGNATURE----- diff --git a/Django-5.2.7.checksum.txt b/Django-5.2.7.checksum.txt new file mode 100644 index 0000000..9288589 --- /dev/null +++ b/Django-5.2.7.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the +source-code tarball and wheel files of Django 5.2.7, released October 1, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``131403F4D16D8DC7`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 131403F4D16D8DC7 + +or via the GitHub API: + + curl https://github.com/jacobtylerwalls.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.7.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.7/tarball/ +https://www.djangoproject.com/download/5.2.7/wheel/ + +MD5 checksums +============= + +699a77ac347ca3484939762483dc4b08 django-5.2.7.tar.gz +30df887c6ba5244acd04a278f8481a06 django-5.2.7-py3-none-any.whl + +SHA1 checksums +============== + +bce22898e62c431f76348b8aae1f5d4cea7591dc django-5.2.7.tar.gz +42b63a5c8bb660e8235cd56ae18b39dce593c7ce django-5.2.7-py3-none-any.whl + +SHA256 checksums +================ + +e0f6f12e2551b1716a95a63a1366ca91bbcd7be059862c1b18f989b1da356cdd django-5.2.7.tar.gz +59a13a6515f787dec9d97a0438cd2efac78c8aca1c80025244b0fe507fe0754b django-5.2.7-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCAAdFiEEU9RpQuAGoqPu3IvIExQD9NFtjccFAmjdIyIACgkQExQD9NFt +jccrNhAAxBJuzYdRSWlL0lRJO/H14bZsOqzxGzLFx7uytj6mSrIWxc5+aStdkQM3 +DxDY8h9jcBqm2d7qSe0enPmqTCJKjZGgPOGDHl/d8p/cZ3l5ClEqrXw9QHiK0jff +WBdFQBSQ1YD/ZQ/W7RSgeWE3fD2Vrp7FrGMRIoy0GIJ5Fm2MDv+xi4epj/BWYNjI +MNu4dHwquo3Dfb5tdFmfjkTP9YDKbAAlEqFoj9VbtSzuhk/waTuIOqt8oOH1m7hF +fd+7+DXtYpRCQ/cw58qozG3yfgnf9loQevRfmQQa5RthEuXmixyVPrwASM6AJ+P9 +HdDS4p85+sHqyi/idXzkzml7WnTBtBMd8o9/2sVoWSEzQ8mUZ32NeMWE+A0u7hsl +krhnu1vJiqsJjAufbKZtjiuZwLHrt2iAQW1eRiW+pUGWMfqMidcMl88X1dFL3zI2 +Lgc4tt1607JRGA4aLoS0u2JQYsTu23I6fWklGq0ZxfkiAYPZ5H8o1vzk6gu+915b +0tySfttPk7DU4Qih7OLXHNeInPFSSUaKMzuKRKozWDFscHjTfxzzabCtuOP0hUCH +7ReoUJzUosxgvds8LoL07b3yP9qvA1IGDgseBxFlW3Vqv5GTwWQsTWwfVgxgP+tN +LXzQviPgWINscDdwx2uyYWpYFCCIOMYYL5pbBdb//ahug90gweM= +=RaIt +-----END PGP SIGNATURE----- diff --git a/django-5.2.6.tar.gz b/django-5.2.6.tar.gz new file mode 100644 index 0000000..4d5759a --- /dev/null +++ b/django-5.2.6.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:da5e00372763193d73cecbf71084a3848458cecf4cee36b9a1e8d318d114a87b +size 10858861 diff --git a/django-5.2.7.tar.gz b/django-5.2.7.tar.gz new file mode 100644 index 0000000..3211f25 --- /dev/null +++ b/django-5.2.7.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e0f6f12e2551b1716a95a63a1366ca91bbcd7be059862c1b18f989b1da356cdd +size 10865812 diff --git a/python-Django-rpmlintrc b/python-Django-rpmlintrc new file mode 100644 index 0000000..0159bae --- /dev/null +++ b/python-Django-rpmlintrc @@ -0,0 +1,5 @@ +addFilter("file-not-in-%lang") +# Empty model.py files should be kept around: +addFilter("zero-length") +# Bash completion isn't config: +# addFilter("non-conffile-in-etc /etc/bash_completion.d/django_bash_completion*") diff --git a/python-Django.changes b/python-Django.changes new file mode 100644 index 0000000..51bed81 --- /dev/null +++ b/python-Django.changes @@ -0,0 +1,3068 @@ +------------------------------------------------------------------- +Thu Oct 2 09:41:30 UTC 2025 - Markéta Machová + +- Update to 5.2.7 (bsc#1250485, bsc#1250487) + * CVE-2025-59681: Potential SQL injection in QuerySet.annotate(), alias(), + aggregate(), and extra() on MySQL and MariaDB + * CVE-2025-59682: Potential partial directory-traversal via archive.extract() + * Fixed a regression in Django 5.2 that reduced the color contrast of the + label of filter_horizontal and filter_vertical widgets within a TabularInline + +------------------------------------------------------------------- +Thu Sep 4 10:02:00 UTC 2025 - Markéta Machová + +- Update to 5.2.6 (bsc#1248810) + * CVE-2025-57833: Potential SQL injection in FilteredRelation column aliases + * Fixed a bug where using QuerySet.values() or values_list() with a ForeignObject + composed of multiple fields returned incorrect results instead of tuples of + the referenced fields +- Rebased test_strip_tags.patch + +------------------------------------------------------------------- +Tue Aug 12 10:52:26 UTC 2025 - Markéta Machová + +- Update to 5.2.5 + * Fixed a regression in Django 5.2.1 that prevented the usage of UNNEST + PostgreSQL strategy of QuerySet.bulk_create() with foreign keys + * Fixed a crash in Django 5.2 when filtering against a composite primary key + using a tuple containing expressions + * Fixed a crash in Django 5.2 when validating a model that uses + GeneratedField or constraints composed of Q and Case lookups + * Added compatibility for docutils 0.22 + * Fixed a crash in Django 5.2 when using a ManyToManyField on a model with + a composite primary key, by extending the fields.E347 system check +- Convert to libalternatives on SLE-16-based and newer systems + +------------------------------------------------------------------- +Fri Aug 1 02:09:01 UTC 2025 - Steve Kowalik + +- Reinstate Requires on tzdata, a lot of packages use it. + +------------------------------------------------------------------- +Wed Jul 30 06:03:44 UTC 2025 - Steve Kowalik + +- Add patch support-msgfmt-0.25.patch: + * Support msgfmt 0.25 error messages changes. (bsc#1246966) +- Remove unneeded Requires on tzdata. + +------------------------------------------------------------------- +Sat Jul 19 06:51:37 UTC 2025 - Markéta Machová + +- Add upstream test_strip_tags.patch to fix test errors with + at-this-point future python interpreters + +------------------------------------------------------------------- +Thu Jul 3 12:47:34 UTC 2025 - Markéta Machová + +- Update to 5.2.4 + * Fixed a log injection possibility by migrating remaining response logging + to django.utils.log.log_response(), which safely escapes arguments + such as the request path to prevent unsafe log output (CVE 2025-48432). + * Fixed a regression in Django 5.2 that caused QuerySet.bulk_update() to + incorrectly convert None to JSON null instead of SQL NULL for JSONField + * Fixed a regression in Django 5.2.2 where the q parameter was removed from + the internal django.http.MediaType.params property + * Fixed a regression in Django 5.2.2 where HttpRequest.get_preferred_type() + incorrectly preferred more specific media types with a lower quality + * Fixed a crash in Django 5.2 when performing an __in lookup involving a + composite primary key and a subquery on certain backends + +------------------------------------------------------------------- +Thu Jun 5 11:53:48 UTC 2025 - Markéta Machová + +- Update to 5.2.2 (bsc#1244095) + * CVE-2025-48432: Potential log injection via unescaped request path + * Fixed a crash when using select_related against a ForeignObject + originating from a model with a CompositePrimaryKey + * Fixed a regression in Django 5.2 that caused a crash when no + arguments were passed into QuerySet.union(). + * Fixed a regression in Django 5.2 that caused a crash when using OuterRef + in PostgreSQL aggregate functions ArrayAgg, StringAgg, and JSONBAgg. + * Fixed a bug in Django 5.2 where HttpRequest.get_preferred_type() did not + account for media type parameters in Accept headers, reducing specificity + in content negotiation. + +------------------------------------------------------------------- +Mon May 12 08:20:40 UTC 2025 - Markéta Machová + +- Update to 5.2.1 (bsc#1242210) + * This release was built using an upgraded setuptools, producing + filenames compliant with PEP 491 and PEP 625 and thus addressing + a PyPI warning about non-compliant distribution filenames. This + change only affects the Django packaging process and does not + impact Django’s behavior. + * CVE-2025-32873: Denial-of-service possibility in strip_tags() + * Fixed a data corruption possibility in file_move_safe() when + allow_overwrite=True + * Fixed a regression introduced when fixing CVE 2025-26699, where + the wordwrap template filter did not preserve empty lines between + paragraphs after wrapping text + * Fixed many bugs and regressions in Django 5.2, see upstream changelog + +------------------------------------------------------------------- +Tue Apr 22 15:46:20 UTC 2025 - Markéta Machová + +- Add missing runtime dependency on tzdata + +------------------------------------------------------------------- +Mon Apr 7 15:02:18 UTC 2025 - Markéta Machová + +- Update to 5.2 + * Django 5.2 is designated as a long-term support release. It will receive + security updates for at least three years after its release. + * Django 5.2 supports Python 3.10, 3.11, 3.12, and 3.13. + ** What’s new in Django 5.2 ** + * Automatic models import in the shell + * Composite Primary Keys + * Simplified override of BoundField + * ... and many more smaller features + ** Backwards incompatible changes in 5.2 ** + * Database backend API changes + * Dropped support for PostgreSQL 13 + * Changed MySQL connection character set default + * ... and more, see upstream changelog + ** Features deprecated in 5.2 ** + * The all argument for the django.contrib.staticfiles.finders.find() + function is deprecated in favor of the find_all argument. + * The ordering keyword argument of the PostgreSQL specific aggregation + functions is deprecated in favor of the order_by argument. + +------------------------------------------------------------------- +Mon Apr 7 14:19:10 UTC 2025 - Markéta Machová + +- Update to 5.1.8 + * CVE-2025-27556: Potential denial-of-service vulnerability in + LoginView, LogoutView, and set_language() on Windows + * Fixed a regression in Django 5.1.7 where the removal of the single_object + parameter unintentionally altered the signature and return type of + LogEntryManager.log_actions() + +------------------------------------------------------------------- +Sun Mar 30 08:28:57 UTC 2025 - Dirk Müller + +- update filelist to be compatible with newer setuptools + +------------------------------------------------------------------- +Tue Mar 18 13:01:55 UTC 2025 - Markéta Machová + +- Update to 5.1.7 (bsc#1239052) + * CVE-2025-26699: Potential denial-of-service vulnerability in + django.utils.text.wrap() + * Fixed a bug in Django 5.1 where the {% querystring %} template tag + returned an empty string rather than "?" + * Fixed a bug in Django 5.1 where FileSystemStorage, with allow_overwrite + set to True, did not truncate the overwritten file content + * Fixed a regression in Django 5.1 where the count and exists methods of + ManyToManyField related managers would always return 0 and False when + the intermediary model back references used to_field + * Fixed a regression in Django 5.1 where the pre_save and post_save signals + for LogEntry were not sent when deleting a single object in the admin + +------------------------------------------------------------------- +Tue Feb 11 12:52:16 UTC 2025 - Markéta Machová + +- Update to 5.1.6 + * Fixed a regression in Django 5.1.5 that caused validate_ipv6_address() + and validate_ipv46_address() to crash when handling non-string values + * Fixed a regression in Django 5.1 where password fields, despite being + set to required=False, were still treated as required in forms derived + from BaseUserCreationForm + +------------------------------------------------------------------- +Wed Jan 15 07:53:44 UTC 2025 - Markéta Machová + +- Update to 5.1.5 (bsc#1235856) + * CVE-2024-56374: Potential denial-of-service vulnerability in + IPv6 validation + * Fixed a crash when applying migrations with references to the + removed Meta.index_together option + +------------------------------------------------------------------- +Mon Dec 9 09:13:02 UTC 2024 - Markéta Machová + +- Update to 5.1.4 (bsc#1234231, CVE-2024-53908, bsc#1234232, CVE-2024-53907) + * CVE-2024-53907: Potential denial-of-service in django.utils.html.strip_tags() + * CVE-2024-53908: Potential SQL injection in HasKey(lhs, rhs) on Oracle + * Fixed a crash in createsuperuser on Python 3.13+ caused by an unhandled OSError + * Fixed a regression in Django 5.1 where relational fields were not updated + * Fixed a bug in Django 5.1 where DomainNameValidator accepted any input value + that contained a valid domain name, rather than only input values that were + a valid domain name + * Fixed a regression in Django 5.1 that prevented the use of DB-IP databases with GeoIP2 + * Fixed a regression in Django 5.1 where non-ASCII fieldset names were not displayed + when rendering admin fieldsets + +------------------------------------------------------------------- +Thu Oct 17 10:16:22 UTC 2024 - Markéta Machová + +- Update to 5.1.2 + * Fixed a regression in Django 5.1 that caused a crash when using + the PostgreSQL lookup trigram_similar on output fields from Concat + * Fixed a regression in Django 5.1 that caused a crash of JSONObject() + when using server-side binding with PostgreSQL 16+ + * Fixed a regression in Django 5.1 that made selected items in + multi-select widgets indistinguishable from non-selected items in + the admin dark theme + +------------------------------------------------------------------- +Wed Sep 4 07:21:54 UTC 2024 - Alberto Planas Dominguez + +- Update to 5.1.1 (bsc#1229823, bsc#1229824) + * CVE-2024-45230: Potential denial-of-service vulnerability in + django.utils.html.urlize() + * CVE-2024-45231: Potential user email enumeration via response + status on password reset + * Fixed a regression in Django 5.1 that caused a crash of Window() + when passing an empty sequence to the order_by parameter, and a + crash of Prefetch() for a sliced queryset without ordering + * Fixed a regression in Django 5.1 where a new usable_password field + was included in BaseUserCreationForm (and children). A new + AdminUserCreationForm including this field was added, isolating + the feature to the admin where it was intended + * Adjusted the deprecation warning stacklevel in Model.save() and + Model.asave() to correctly point to the offending call site + * Adjusted the deprecation warning stacklevel when using + OS_OPEN_FLAGS in FileSystemStorage to correctly point to the + offending call site + * Adjusted the deprecation warning stacklevel in + FieldCacheMixin.get_cache_name() to correctly point to the + offending call site + * Restored, following a regression in Django 5.1, the ability to + override the timezone and role setting behavior used within the + init_connection_state method of the PostgreSQL backend + * Fixed a bug in Django 5.1 where variable lookup errors were logged + when rendering admin fieldsets + +------------------------------------------------------------------- +Fri Aug 9 12:09:27 UTC 2024 - Markéta Machová + +- Update to 5.1 + * Supports Python >= 3.10. + * Easier guardrails for authentication: the new and shiny + LoginRequiredMiddleware, when added to MIDDLEWARE, enforces + authentication for all views by default. + * A more inclusive framework: Django 5.1 includes several accessibility + enhancements, such as improved screen reader support in the admin + interface, more semantic HTML elements, and better association of + help text and labels with form fieldsets. + * The second oldest ticket fixed in this release provides the long awaited + querystring template tag, which greatly simplifies the handling of query + strings when building URLs in templates. + * For a detailed list of changes see https://docs.djangoproject.com/en/5.1/releases/5.1/ +- Refreshed python-Django.keyring + +------------------------------------------------------------------- +Wed Aug 7 06:07:48 UTC 2024 - Alberto Planas Dominguez + +- Update to 5.0.8 (bsc#1228629, bsc#1228630, bsc#1228631, bsc#1228632) + * CVE-2024-41989: Memory exhaustion in + django.utils.numberformat.floatformat() + * CVE-2024-41990: Potential denial-of-service vulnerability in + django.utils.html.urlize() + * CVE-2024-41991: Potential denial-of-service vulnerability in + django.utils.html.urlize() and AdminURLFieldWidget + * CVE-2024-42005: Potential SQL injection in QuerySet.values() and + values_list() + * Added missing validation for + UniqueConstraint(nulls_distinct=False) when using *expressions + * Fixed a regression in Django 5.0 where ModelAdmin.action_checkbox + could break the admin changelist HTML page when rendering a model + instance with a __html__ method + * Fixed a crash when creating a model with a Field.db_default and a + Meta.constraints constraint composed of __endswith, __startswith, + or __contains lookups + * Fixed a regression in Django 5.0.7 that caused a crash in + LocaleMiddleware when processing a language code over 500 + characters + * Fixed a bug in Django 5.0 that caused a system check crash when + ModelAdmin.date_hierarchy was a GeneratedField with an + output_field of DateField or DateTimeField + * Fixed a bug in Django 5.0 which caused constraint validation to + either crash or incorrectly raise validation errors for + constraints referring to fields using Field.db_default + * Fixed a crash in Django 5.0 when saving a model containing a + FileField with a db_default set + +------------------------------------------------------------------- +Tue Jul 9 14:03:46 UTC 2024 - Markéta Machová + +- Update to 5.0.7 + * Supports Python >= 3.10. + * Facet counts are now shown for applied filters in the admin changelist + when toggled on via the UI. This behavior can be changed via the new + ModelAdmin.show_facets attribute. + * Django 5.0 introduces the concept of a field group, and field group + templates. This simplifies rendering of the related elements of a + Django form field such as its label, widget, help text, and errors. + * The new Field.db_default parameter sets a database-computed default value. + * The new GeneratedField allows creation of database generated columns. + This field can be used on all supported database backends to create + a field that is always computed from other fields. + * More options for declaring field choices + * Few backwards-incompatible changes in the database backend API, + django.contrib.gis and django.contrib.sitemaps + * Dropped support for MySQL < 8.0.11 + * Using create_defaults__exact may now be required with QuerySet.update_or_create() + * Migrating existing UUIDField on MariaDB 10.7+ +- This release also fixes several security issues: + * bsc#1227590 (CVE-2024-38875) + * bsc#1227593 (CVE-2024-39329) + * bsc#1227594 (CVE-2024-39330) + * bsc#1227595 (CVE-2024-39614) +- Drop no-longer-needed patches: + * dirty-hack-remove-assert.patch + * sanitize_address.patch + +------------------------------------------------------------------- +Wed May 8 07:30:48 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.13 + + Django 4.2.13 fixes a packaging error in 4.2.12. +- Update to 4.2.12 + + Django 4.2.12 fixes a compatibility issue with Python 3.11.9+ and 3.12.3+. + + Fixed a crash in Django 4.2 when validating email max line lengths + with content decoded using the surrogateescape error handling + scheme +- Drop fix-safemimetext-set_payload.patch, already merged upstream + +------------------------------------------------------------------- +Thu Apr 18 06:39:36 UTC 2024 - Daniel Garcia + +- Add fix-safemimetext-set_payload.patch, to support python 3.11.9+ + (gh#django/django@b231bcd19e57, bsc#1222880) + +------------------------------------------------------------------- +Mon Mar 4 14:05:28 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.11 (CVE-2024-27351, bsc#1220358) + * CVE-2024-27351: Potential regular expression denial-of-service in + django.utils.text.Truncator.words() + * Fixed a regression in Django 4.2.10 where intcomma template filter + could return a leading comma for string representation of floats +- Remove python3122.patch, already upstream + +------------------------------------------------------------------- +Fri Feb 9 10:18:37 UTC 2024 - Daniel Garcia + +- Add python3122.patch to fix tests with python 3.12.2 + gh#django/django#17843 +- Update to 4.2.10 (bsc#1219683, CVE-2024-24680): + - Django 4.2.10 fixes a security issue with severity "moderate" in + 4.2.9. + CVE-2024-24680: Potential denial-of-service in intcomma template + filter The intcomma template filter was subject to a potential + denial-of-service attack when used with very long strings. + +------------------------------------------------------------------- +Thu Jan 4 09:27:51 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.9: + * Fixed a regression in Django 4.2.8 where admin fields on the same + line could overflow the page and become non-interactive + +------------------------------------------------------------------- +Mon Dec 4 10:21:00 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.8 + * Fixed a regression in Django 4.2 that caused makemigrations + --check to stop displaying pending migrations + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing other aggregates + or window functions through conditional expressions + * Fixed a regression in Django 4.2 that caused a crash when + annotating a QuerySet with a Window expressions composed of a + partition_by clause mixing field types and aggregation expressions + * Fixed a regression in Django 4.2 where the admin’s change list + page had misaligned pagination links and inputs when using + list_editable + * Fixed a regression in Django 4.2 where checkboxes in the admin + would be centered on narrower screen widths + * Fixed a regression in Django 4.2 that caused a crash of querysets + with aggregations on MariaDB when the ONLY_FULL_GROUP_BY SQL mode + was enabled + * Fixed a regression in Django 4.2 where the admin’s read-only + password widget and some help texts were incorrectly aligned at + tablet widths + * Fixed a regression in Django 4.2 that caused a migration crash on + SQLite when altering unsupported Meta.db_table_comment + +------------------------------------------------------------------- +Mon Nov 27 12:20:48 UTC 2023 - Dirk Müller + +- add dirty-hack-remove-assert.patch from fedora to fix + minor test failure with python 3.12 + +------------------------------------------------------------------- +Wed Nov 1 08:12:59 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.7 + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing expressions + containing subqueries + * Restored, following a regression in Django 4.2, creating + varchar/text_pattern_ops indexes on CharField and TextField with + deterministic collations on PostgreSQL + +------------------------------------------------------------------- +Mon Oct 16 08:33:05 UTC 2023 - Daniel Garcia Moreno + +- Update to 4.2.6 (bsc#1215978, CVE-2023-43665) + * CVE-2023-43665: Denial-of-service possibility in + django.utils.text.Truncator + The input processed by Truncator, when operating in HTML mode, has + been limited to the first five million characters in order to + avoid potential performance and memory issues. + * Fixed a regression in Django 4.2.5 where overriding the deprecated + DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings in tests + caused the main STORAGES to mutate (#34821). + * Fixed a regression in Django 4.2 that caused unnecessary casting + of string based fields (CharField, EmailField, TextField, + CICharField, CIEmailField, and CITextField) used with the __isnull + lookup on PostgreSQL. As a consequence, indexes using an __isnull + expression or condition created before Django 4.2 wouldn’t be used + by the query planner, leading to a performance regression + (#34840). + +------------------------------------------------------------------- +Mon Sep 4 12:10:50 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.5 (CVE-2023-41164) + + Bugfixes + * Fixed a regression in Django 4.2 that caused an incorrect + validation of CheckConstraints on __isnull lookups against + JSONField + * Fixed a bug in Django 4.2 where the deprecated + DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings were not + synced with STORAGES + * Fixed a regression in Django 4.2.2 that caused an unnecessary + selection of a non-nullable ManyToManyField without a natural + key during serialization + * Fixed a regression in Django 4.2 that caused a crash of a + queryset when filtering against deeply nested OuterRef() + annotations + +------------------------------------------------------------------- +Wed Aug 2 07:35:04 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.4 + + Bugfixes + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing window + functions + * Fixed a regression in Django 4.2 that caused a crash when + grouping by a reference in a subquery + * Fixed a regression in Django 4.2 that caused aggregation over + query that uses explicit grouping by multi-valued annotations to + group against the wrong columns + +------------------------------------------------------------------- +Tue Jul 18 12:50:29 UTC 2023 - Markéta Machová + +- Add upstream sanitize_address.patch + * fixes build with yet another CPython upstream fix (bsc#1210638) + +------------------------------------------------------------------- +Mon Jul 10 09:28:42 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.3 (bsc#1212742, CVE-2023-36053) + + CVE-2023-36053: Potential regular expression denial of service + vulnerability in EmailValidator/URLValidator + + Bugfixes + * Fixed a regression in Django 4.2 that caused incorrect alignment + of timezone warnings for DateField and TimeField in the admin + * Fixed a regression in Django 4.2 that caused incorrect + highlighting of rows in the admin changelist view when + ModelAdmin.list_editable contained a BooleanField + +------------------------------------------------------------------- +Fri Jun 9 11:41:19 UTC 2023 - ecsos + +- Add %{?sle15_python_module_pythons} + +------------------------------------------------------------------- +Tue Jun 6 06:35:28 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.2 + + Bugfixes + * Fixed a regression in Django 4.2 that caused an unnecessary + DBMS_LOB.SUBSTR() wrapping in the __isnull and __exact=None + lookups for TextField()/BinaryField() on Oracle + * Restored, following a regression in Django 4.2, get_prep_value() + call in JSONField subclasses + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.defer() when passing a ManyToManyField or + GenericForeignKey reference. While doing so is a no-op, it was + allowed in older version + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.only() when passing a reverse OneToOneField reference + * Fixed a bug in Django 4.2 where makemigrations --update didn’t + respect the --name option + * Fixed a performance regression in Django 4.2 when compiling + queries without ordering + * Fixed a regression in Django 4.2 where nonexistent stylesheet + was linked on a “Congratulations!” page + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with expressions referencing other + aggregates + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing subqueries + * Fixed a regression in Django 4.2 that caused a crash of + querysets on SQLite when filtering on DecimalField against + values outside of the defined range + * Fixed a regression in Django 4.2 that caused a serialization + crash on a ManyToManyField without a natural key when its + Manager’s base QuerySet used select_related() + +------------------------------------------------------------------- +Thu May 4 07:02:58 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.1 + + CVE-2023-31047: Potential bypass of validation when uploading + multiple files using one form field (bsc#1210866) + + Bugfixes + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.defer() when deferring fields by attribute names + * Fixed a regression in Django 4.2 that caused a crash of + SearchVector function with % characters + * Fixed a regression in Django 4.2 that caused aggregation over + query that uses explicit grouping to group against the wrong + columns + * Reallowed, following a regression in Django 4.2, setting the + "cursor_factory" option in OPTIONS on PostgreSQL + * Enforced UTF-8 client encoding on PostgreSQL, following a + regression in Django 4.2 + * Fixed a regression in Django 4.2 where i18n_patterns() didn’t + respect the prefix_default_language argument when a fallback + language of the default language was used + * Fixed a regression in Django 4.2 where translated URLs of the + default language from i18n_patterns() with + prefix_default_language set to False raised 404 errors for a + request with a different language + * Fixed a regression in Django 4.2 where creating copies and deep + copies of HttpRequest, HttpResponse, and their subclasses didn’t + always work correctly + * Fixed a regression in Django 4.2 where timesince and timeuntil + template filters returned incorrect results for a datetime with + a non-UTC timezone when a time difference is less than 1 day + * Fixed a regression in Django 4.2 that caused a crash of + SearchHeadline function with psycopg 3 + * Fixed a regression in Django 4.2 that caused incorrect + ClearableFileInput margins in the admin + * Fixed a regression in Django 4.2 where breadcrumbs didn’t appear + on admin site app index views + * Made squashing migrations reduce AddIndex, RemoveIndex, + RenameIndex, and CreateModel operations which allows removing a + deprecated Meta.index_together option from historical migrations + and use Meta.indexes instead + +------------------------------------------------------------------- +Thu Apr 6 06:38:13 UTC 2023 - David Anes + +- Update minimal dependency versions. + +------------------------------------------------------------------- +Tue Apr 4 07:19:56 UTC 2023 - David Anes + +- Update to 4.2: + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.2/releases/4.2/ + + Psycopg 3 support + + Comments on columns and tables + + Mitigation for the BREACH attack + + In-memory file storage + + Custom file storages + + For backwards incompatible changes in 4.2 see + https://docs.djangoproject.com/en/4.2/releases/4.2/#backwards-incompatible-changes-in-4-2 + +- Update of keyring file + +------------------------------------------------------------------- +Tue Feb 14 09:59:42 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.1.7: + + CVE-2023-24580: Potential denial-of-service vulnerability in file + uploads (bsc#1208082) + + Fixed a bug in Django 4.1 that caused a crash of model validation + on ValidationError with no code + +------------------------------------------------------------------- +Wed Feb 1 12:48:49 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.1.6: + + CVE-2023-23969: Potential denial-of-service via Accept-Language + headers Bugfixes + + Fixed a bug in Django 4.1 that caused a crash of model validation + on UniqueConstraint with ordered expressions + +------------------------------------------------------------------- +Mon Jan 2 19:07:30 UTC 2023 - David Anes + +- Update to 4.1.5: + + Fixed a long standing bug in the __len lookup for ArrayField + that caused a crash of model validation on Meta.constraints. +- Update keyring file. + +------------------------------------------------------------------- +Wed Dec 21 09:39:56 UTC 2022 - Daniel Garcia + +- Recommends python-pymemcache instead of the deprecated + python-python-memcached. This is the module used in Django since 3.2 + https://docs.djangoproject.com/en/3.2/releases/3.2/#pymemcache-support + +------------------------------------------------------------------- +Tue Dec 6 13:30:53 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.4 + + Fixed a regression in Django 4.1 that caused an unnecessary table + rebuild when adding a ManyToManyField on SQLite + + Fixed a bug in Django 4.1 that caused a crash of the sitemap index + view with an empty Sitemap.items() and a callable lastmod + + Fixed a bug in Django 4.1 that caused a crash using acreate(), + aget_or_create(), and aupdate_or_create() asynchronous methods of + related managers + + Fixed a bug in Django 4.1 that caused a crash of + QuerySet.bulk_create() with "pk" in unique_fields + + Fixed a bug in Django 4.1 that caused a crash of + QuerySet.bulk_create() on fields with db_column + +------------------------------------------------------------------- +Wed Nov 2 15:50:11 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.3 + + Fixed a bug in Django 4.1 that caused non-Python files created by + startproject and startapp management commands from custom + templates to be incorrectly formatted using the black command + +------------------------------------------------------------------- +Tue Oct 4 08:22:42 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.2 (bsc#1203793, CVE-2022-41323) + + Fixed a regression in Django 4.1 that caused a migration crash on + PostgreSQL when adding a model with ExclusionConstraint + + Fixed a regression in Django 4.1 that caused aggregation over a + queryset that contained an Exists annotation to crash due to too + many selected columns + + Fixed a bug in Django 4.1 that caused an incorrect validation of + CheckConstraint on NULL values + + Fixed a regression in Django 4.1 that caused a + QuerySet.values()/values_list() crash on ArrayAgg() and JSONBAgg() + + Fixed a bug in Django 4.1 that caused + ModelAdmin.autocomplete_fields to be incorrectly selected after + adding/changing related instances via popups + + Fixed a regression in Django 4.1 where the app registry was not + populated when running parallel tests with the multiprocessing + start method spawn + + Fixed a regression in Django 4.1 where the --debug-mode argument + to test did not work when running parallel tests with the + multiprocessing start method spawn + + Fixed a regression in Django 4.1 that didn’t alter a sequence type + when altering type of pre-Django 4.1 serial columns on PostgreSQL + + Fixed a regression in Django 4.1 that caused a crash for View + subclasses with asynchronous handlers when handling non-allowed + HTTP methods + + Reverted caching related managers for ForeignKey, ManyToManyField, + and GenericRelation that caused the incorrect refreshing of + related objects + + Relaxed the system check added in Django 4.1 for the same name + used for multiple template tag modules to a warning + +------------------------------------------------------------------- +Mon Sep 5 11:14:19 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.1 + + Reallowed, following a regression in Django 4.1, using GeoIP2() + when GEOS is not installed + + Fixed a regression in Django 4.1 that caused a crash of admin’s + autocomplete widgets when translations are deactivated + + Fixed a regression in Django 4.1 that caused a crash of the test + management command when running in parallel and multiprocessing + start method is spawn + + Fixed a regression in Django 4.1 that caused an incorrect + redirection to the admin changelist view when using "Save and + continue editing" and "Save and add another" options + + Fixed a regression in Django 4.1 that caused a crash of Window + expressions with ArrayAgg + + Fixed a regression in Django 4.1 that caused a migration crash on + SQLite 3.35.5+ when removing an indexed field + + Fixed a bug in Django 4.1 that caused a crash of model validation + on UniqueConstraint() with field names in expressions + + Fixed a bug in Django 4.1 that caused an incorrect validation of + CheckConstraint() with range fields on PostgreSQL + + Fixed a regression in Django 4.1 that caused an incorrect + migration when adding AutoField, BigAutoField, or SmallAutoField + on PostgreSQL + + Fixed a regression in Django 4.1 that caused a migration crash on + PostgreSQL when altering AutoField, BigAutoField, or + SmallAutoField to OneToOneField + + Fixed a migration crash on ManyToManyField fields with through + referencing models in different apps + + Fixed a regression in Django 4.1 that caused an incorrect + migration when renaming a model with ManyToManyField and db_table + + Reallowed, following a regression in Django 4.1, creating reverse + foreign key managers on unsaved instances + + Fixed a regression in Django 4.1 that caused a migration crash on + SQLite < 3.20 + + Fixed a regression in Django 4.1 that caused an admin crash when + the admindocs app was used +- Remove 0001-Fixed-33887-Added-version-in-asserted-test-URL.patch + (already upstream) +- Verify the tarball with gpg + +------------------------------------------------------------------- +Wed Aug 3 13:20:52 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1: + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.1/releases/4.1/ + + Django 4.1 supports Python 3.8, 3.9, and 3.10 + + Asynchronous handlers for class-based views + + Asynchronous ORM interface + + Validation of Constraints + + Form rendering accessibility + + CSRF_COOKIE_MASKED setting +- Drop fix_test_custom_fields_SQLite.patch (already merged) +- Add 0001-Fixed-33887-Added-version-in-asserted-test-URL.patch to fix + test + +------------------------------------------------------------------- +Wed Aug 3 11:48:48 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.7 (CVE-2022-36359, bsc#1201923): + + Django 4.0.7 fixes a security issue with severity “high” in 4.0.6. + +------------------------------------------------------------------- +Tue Jul 5 08:04:12 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.6 + + CVE-2022-34265: Potential SQL injection via Trunc(kind) and + Extract(lookup_name) arguments + +------------------------------------------------------------------- +Thu Jun 2 07:34:17 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.5 + + Fixed a bug in Django 4.0 where not all OPTIONS were passed to a + Redis client + + Fixed a bug in Django 4.0 that caused a crash of QuerySet.filter() + on IsNull() expressions + + Fixed a bug in Django 4.0 where a hidden quick filter toolbar in + the admin’s navigation sidebar was focusable + +------------------------------------------------------------------- +Mon Apr 11 14:21:09 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.4 + + CVE-2022-28346: Potential SQL injection in "QuerySet.annotate()", + "aggregate()", and "extra()" + + CVE-2022-28347: Potential SQL injection via + "QuerySet.explain(**options)" on PostgreSQL + +------------------------------------------------------------------- +Tue Mar 1 10:49:51 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.3 + + Prevented, following a regression in Django 4.0.1, makemigrations + from generating infinite migrations for a model with + ManyToManyField to a lowercased swappable model such as + 'auth.user' + + Fixed a regression in Django 4.0 that caused a crash when + rendering invalid inlines with readonly_fields in the admin + +------------------------------------------------------------------- +Tue Feb 1 10:15:38 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.2 (CVE-2022-22818, bsc#1195086) (CVE-2022-23833, bsc#1195088) + + CVE-2022-22818: Possible XSS via {% debug %} template tag + + CVE-2022-23833: Denial-of-service possibility in file uploads + + Fixed a bug in Django 4.0 where + TestCase.captureOnCommitCallbacks() could execute callbacks + multiple times + + Fixed a regression in Django 4.0 where help_text was HTML-escaped + in automatically-generated forms + + Fixed a regression in Django 4.0 that caused displaying an + incorrect name for class-based views on the technical 404 debug + page + + Fixed a regression in Django 4.0 that caused an incorrect repr of + ResolverMatch for class-based views + + Fixed a regression in Django 4.0 that caused a crash of + makemigrations on models without Meta.order_with_respect_to but + with a field named _order + + Fixed a regression in Django 4.0 that caused incorrect + ModelAdmin.radio_fields layout in the admin + + Fixed a duplicate operation regression in Django 4.0 that caused a + migration crash when altering a primary key type for a concrete + parent model referenced by a foreign key + + Fixed a bug in Django 4.0 that caused a crash of + QuerySet.aggregate() after annotate() on an aggregate function + with a default + + Fixed a regression in Django 4.0 that caused a crash of + makemigrations when renaming a field of a renamed model + +------------------------------------------------------------------- +Wed Jan 12 14:16:23 UTC 2022 - Matej Cepl + +- Add fix_test_custom_fields_SQLite.patch fixing issues with + modern SQLite (gh#django/django#15168). + +------------------------------------------------------------------- +Mon Jan 10 09:27:36 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.1 (CVE-2021-45115, CVE-2021-45452, bsc#1194117) + + CVE-2021-45115: Denial-of-service possibility in + UserAttributeSimilarityValidator + + CVE-2021-45452: Potential directory-traversal via Storage.save() + + Fixed a regression in Django 4.0 that caused a crash of + assertFormsetError() on a formset named form + + Fixed a bug in Django 4.0 that caused a crash on booleans with the + RedisCache backend + + Relaxed the check added in Django 4.0 to reallow use of a + duck-typed HttpRequest in + django.views.decorators.cache.cache_control() and never_cache() + decorators + + Fixed a regression in Django 4.0 that caused creating bogus + migrations for models that reference swappable models such as + auth.User + + Fixed a long standing bug in Geometry Collections and Polygon that + caused a crash on some platforms (reported on macOS based on the + ARM64 architecture) + +------------------------------------------------------------------- +Mon Dec 27 12:11:09 UTC 2021 - Ben Greiner + +- Fix u-a scriptlet dependency. +- Remove python36 conditional on numpy dep. + +------------------------------------------------------------------- +Fri Dec 24 02:26:37 UTC 2021 - John Vandenberg + +- Avoid dependency on backports.zoneinfo except on Python 3.8 + +------------------------------------------------------------------- +Mon Dec 20 10:37:10 UTC 2021 - Matej Cepl + +- Clean up PYTHONPATH to make test_extra_tests_build_suite pass. + +------------------------------------------------------------------- +Tue Dec 7 14:09:24 UTC 2021 - Alberto Planas Dominguez + +- Update to 4.0 + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.0/releases/4.0/. + - Django 4.0 supports Python 3.8, 3.9, and 3.10. We highly + recommend and only officially support the latest release of + each series. + The Django 3.2.x series is the last to support Python 3.6 and + 3.7. + - The Python standard library’s zoneinfo is now the default + timezone implementation in Django. This is the next step in + the migration from using pytz to using zoneinfo. Django 3.2 + allowed the use of non-pytz time zones. Django 4.0 makes + zoneinfo the default implementation. Support for pytz is now + deprecated and will be removed in Django 5.0. + - The new *expressions positional argument of + UniqueConstraint() enables creating functional unique + constraints on expressions and database functions. + - The new scrypt password hasher is more secure and recommended + over PBKDF2. However, it’s not the default as it requires + OpenSSL 1.1+ and more memory. + - Redis cache backend + - Template based form rendering. Forms, Formsets, and ErrorList + are now rendered using the template engine to enhance + customization. + +------------------------------------------------------------------- +Tue Nov 2 12:45:45 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.9 + + Fixed a bug in Django 3.2 that caused a migration crash on SQLite + when altering a field with a functional index + +------------------------------------------------------------------- +Tue Oct 5 14:25:34 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.8 + + Fixed a bug in Django 3.2 that caused incorrect links on read-only + fields in the admin + + Fixed a regression in Django 3.2 that caused incorrect selection + of items across all pages when actions were placed both on the top + and bottom of the admin change-list view +- Drop failing_test_subparser_invalid_option.patch, as is already in + the upstream code. + +------------------------------------------------------------------- +Thu Sep 9 15:21:45 UTC 2021 - Matej Cepl + +- Add failing_test_subparser_invalid_option.patch fixing + https://code.djangoproject.com/ticket/33082 + +------------------------------------------------------------------- +Wed Sep 1 10:13:34 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.7 + + Fixed a regression in Django 3.2 that caused the incorrect offset + extraction from fixed offset timezones + +------------------------------------------------------------------- +Mon Aug 16 08:27:28 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.6 + + Fixed a regression in Django 3.2 that caused a crash validating + "NaN" input with a forms.DecimalField when additional constraints, + e.g. max_value, were specified + + Fixed a bug in Django 3.2 where a system check would crash on a + model with a reverse many-to-many relation inherited from a parent + class + +------------------------------------------------------------------- +Thu Jul 1 07:50:35 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.5 (CVE-2021-35042, bsc#1187785) + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.values_list(..., named=True) after prefetch_related() + + Fixed a bug in Django 3.2 that caused a migration crash on MySQL + 8.0.13+ when altering BinaryField, JSONField, or TextField to + non-nullable + + Fixed a regression in Django 3.2 that caused a migration crash on + MySQL 8.0.13+ when adding nullable BinaryField, JSONField, or + TextField with a default value + + Fixed a bug in Django 3.2 where a system check would crash on a + model with an invalid app_label + +------------------------------------------------------------------- +Wed Jun 2 10:45:01 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.4 (CVE-2021-33203, CVE-2021-33571) + + CVE-2021-33203: Potential directory traversal via admindocs + + CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks + since validators accepted leading zeros in IPv4 addresses + + Fixed a bug in Django 3.2 where a final catch-all view in the + admin didn’t respect the server-provided value of SCRIPT_NAME when + redirecting unauthenticated users to the login page + + Fixed a bug in Django 3.2 where a system check would crash on an + abstract model + + Prevented unnecessary initialization of unused caches following a + regression in Django 3.2 + + Fixed a crash in Django 3.2 that could occur when running mod_wsgi + with the recommended settings while the Windows colorama library + was installed + + Fixed a bug in Django 3.2 that would trigger the auto-reloader for + template changes when directory paths were specified with strings + + Fixed a regression in Django 3.2 that caused a crash of + auto-reloader with AttributeError, e.g. inside a Conda environment + + Fixed a regression in Django 3.2 that caused a loss of precision + for operations with DecimalField on MySQL + +------------------------------------------------------------------- +Mon May 17 07:37:47 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.3 + + Prepared for mysqlclient > 2.0.3 support + + Fixed a regression in Django 3.2 that caused the incorrect + filtering of querysets combined with the | operator + + Fixed a regression in Django 3.2.1 where saving FileField would + raise a SuspiciousFileOperation even when a custom upload_to + returns a valid file path + +------------------------------------------------------------------- +Thu May 6 08:54:41 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.2 (CVE-2021-32052) + + CVE-2021-32052: Header injection possibility since URLValidator + accepted newlines in input on Python 3.9.5+ + + Prevented, following a regression in Django 3.2.1, makemigrations + from generating infinite migrations for a model with Meta.ordering + contained OrderBy expressions + +------------------------------------------------------------------- +Wed May 5 17:25:18 UTC 2021 - Ben Greiner + +- Keep rpm runtime requirements in sync. Downstream packages often + read the egg-info and fail if they are not fulfilled. + +------------------------------------------------------------------- +Wed May 5 08:44:30 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.1 (CVE-2021-31542) + + CVE-2021-31542: Potential directory-traversal via uploaded files + + Corrected detection of GDAL 3.2 on Windows + + Fixed a bug in Django 3.2 where subclasses of BigAutoField and + SmallAutoField were not allowed for the DEFAULT_AUTO_FIELD setting + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.values()/values_list() after QuerySet.union(), + intersection(), and difference() when it was ordered by an + unannotated field + + Restored, following a regression in Django 3.2, displaying an + exception message on the technical 404 debug page + + Fixed a bug in Django 3.2 where a system check would crash on a + reverse one-to-one relationships in CheckConstraint.check or + UniqueConstraint.condition + + Fixed a regression in Django 3.2 that caused a crash of + ModelAdmin.search_fields when searching against phrases with + unbalanced quotes + + Fixed a bug in Django 3.2 where variable lookup errors were logged + rendering the sitemap template if alternates were not defined + + Fixed a regression in Django 3.2 that caused a crash when + combining Q() objects which contains boolean expressions + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.update() on a queryset ordered by inherited or joined + fields on MySQL and MariaDB + + Fixed a regression in Django 3.2 that caused a crash when decoding + a cookie value, used by + django.contrib.messages.storage.cookie.CookieStorage, in the + pre-Django 3.2 format + + Fixed a regression in Django 3.2 that stopped the shift-key + modifier selecting multiple rows in the admin changelist + + Fixed a bug in Django 3.2 where a system check would crash on the + STATICFILES_DIRS setting with a list of 2-tuples of (prefix, path) + + Fixed a long standing bug involving queryset bitwise combination + when used with subqueries that began manifesting in Django 3.2, + due to a separate fix using Exists to exclude() multi-valued + relationships + + Fixed a bug in Django 3.2 where variable lookup errors were logged + when rendering some admin templates + + Fixed a bug in Django 3.2 where an admin changelist would crash + when deleting objects filtered against multi-valued relationships + + Fixed a regression in Django 3.2 where the calling process + environment would not be passed to the dbshell command on PostgreSQL + + Fixed a performance regression in Django 3.2 when building complex + filters with subqueries + +------------------------------------------------------------------- +Tue Apr 6 09:27:50 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.0 + + Automatic ~django.apps.AppConfig discovery + + Customizing type of auto-created primary keys + + Functional indexes + + pymemcache support + + New decorators for the admin site + + For a complete description of new features check: + https://github.com/django/django/blob/main/docs/releases/3.2.txt +- Update PYTHOPATH to include the local tests +- Drop i18n_test.patch, i18n_test_extraction.patch, + test_clear_site_cache-sort.patch + +------------------------------------------------------------------- +Sat Feb 13 22:41:42 UTC 2021 - Ben Greiner + +- Don't install python36-numpy for testing. It is no longer + available. (The tests or portions of tests requiring numpy + are skipped automatically in this case.) +- Let the singlespec macro do its job to set the primary provider + for python3-django and python3-South on the primary flavor only. +- Fix mtime of cache file by recompiling. + +------------------------------------------------------------------- +Wed Dec 9 12:16:46 UTC 2020 - Ondřej Súkup + +- Update to 3.1.4 + * Fixed setting the Content-Length HTTP header in AsyncRequestFactory + * Fixed passing extra HTTP headers to AsyncRequestFactory request methods + * Fixed crash of key transforms for JSONField on PostgreSQL when usingi + on a Subquery() annotation + * Fixed a regression in Django 3.1 that caused the incorrect grouping + by a Q object annotation + * Fixed a regression in Django 3.1 that caused suppressing connection errors + when JSONField is used on SQLite + * Fixed a crash on SQLite, when QuerySet.values()/values_list() contained + key transforms for JSONField returning non-string primitive values + +------------------------------------------------------------------- +Mon Nov 2 15:03:13 UTC 2020 - Ondřej Súkup + +- Update to 3.1.3 + * Fixed a regression in Django 3.1.2 that caused the incorrect height of the admin + changelist search bar + * Fixed a regression in Django 3.1.2 that caused the incorrect width of the + admin changelist search bar on a filtered page + * Fixed displaying Unicode characters in forms.JSONField and read-only + models.JSONField values in the admin + * Fixed a regression in Django 3.1 that caused a crash of ArrayAgg and StringAgg + with ordering on key transforms for JSONField + * Fixed a regression in Django 3.1 that caused a crash of __in lookup when using + key transforms for JSONField in the lookup value + * Fixed a regression in Django 3.1 that caused a crash of ExpressionWrapper with + key transforms for JSONField + * Fixed a regression in Django 3.1 that caused a migrations crash on PostgreSQL + when adding an ExclusionConstraint with key transforms for JSONField in expressions + * Fixed a regression in Django 3.1 where ProtectedError.protected_objects + and RestrictedError.restricted_objects attributes returned iterators instead + of set of objects + * Fixed a regression in Django 3.1.2 that caused incorrect form input layout + on small screens in the admin change form view + * Fixed a regression in Django 3.1 that invalidated pre-Django 3.1 password reset tokens + * Added support for asgiref 3.3 + * Fixed a regression in Django 3.1 that caused incorrect textarea layout + on medium-sized screens in the admin change form view with the sidebar open + * Fixed a regression in Django 3.0.7 that didn’t use Subquery() aliases + in the GROUP BY clause + * Fixed a bug in Django 3.1 where FileField instances with a callable storage were + not correctly deconstructed + * Fixed a regression in Django 3.1 where the QuerySet.ordered attribute returned + incorrectly True for GROUP BY queries (e.g. .annotate().values()) on models with + Meta.ordering. A model’s Meta.ordering doesn’t affect such queries + * Fixed a regression in Django 3.1 where a queryset would crash if it contained + an aggregation and a Q object annotation + * Fixed a bug in Django 3.1 where a test database was not synced during creation + when using the MIGRATE test database setting + * Fixed a django.contrib.admin.EmptyFieldListFilter crash when using on a GenericRelation + * Fixed a regression in Django 3.1.1 where the admin changelist filter sidebar + would not scroll for a long list of available filters + +------------------------------------------------------------------- +Wed Sep 9 14:14:08 UTC 2020 - Marketa Calabkova + +- Update to 3.1.1 + * CVE-2020-24583: Incorrect permissions on intermediate-level directories on Python 3.7+ + * CVE-2020-24584: Permission escalation in intermediate-level directories of the file + system cache on Python 3.7+ + * Fixed a data loss possibility in the select_for_update(). When using related fields + pointing to a proxy model in the of argument, the corresponding model was not locked + * Fixed a regression in Django 3.1 that caused a crash when decoding an invalid session data + * Fixed __in lookup on key transforms for JSONField with MariaDB, MySQL, Oracle, and SQLite + * Fixed a regression in Django 3.1 that caused permission errors in CommonPasswordValidator + and settings.py + +------------------------------------------------------------------- +Wed Sep 9 03:55:36 UTC 2020 - John Vandenberg + +- Require asgiref >= 3.2.10 per upstream + +------------------------------------------------------------------- +Tue Aug 11 07:48:29 UTC 2020 - Alberto Planas Dominguez + +- Update to 3.1 + * Asynchronous views and middleware support + * JSONField for all supported database backends + * DEFAULT_HASHING_ALGORITHM settings¶ + * Read https://docs.djangoproject.com/en/3.1/releases/3.1/ +- Drop fix-selenium-test.patch. Already upstream. +- Add i18n_test_extraction.patch to support xgettext 0.21 + +------------------------------------------------------------------- +Thu Aug 6 11:36:36 UTC 2020 - Ondřej Súkup + +- update to 3.0.9 + * Allowed setting the SameSite cookie flag in HttpResponse.delete_cookie() + * Fixed crash when sending emails to addresses with display names longer than + 75 chars on Python 3.6.11+, 3.7.8+, and 3.8.4+ + +------------------------------------------------------------------- +Wed Jul 8 11:52:27 UTC 2020 - Ondřej Súkup + +- update to 3.0.8 + * Fixed messages of InvalidCacheKey exceptions and CacheKeyWarning warnings + raised by cache key validation + * Fixed a regression in Django 3.0.7 that caused a queryset crash + when grouping by a many-to-one relationship + * Reallowed, following a regression in Django 3.0, non-expressions having + a filterable attribute to be used as the right-hand side in queryset filters + * Fixed a regression in Django 3.0.2 that caused a migration crash + on PostgreSQL when adding a foreign key to a model with a namespaced db_table + * Added compatibility for cx_Oracle 8 + +------------------------------------------------------------------- +Thu Jun 4 14:35:25 UTC 2020 - Ondřej Súkup + +- update to 3.0.7 +- drop 32bit.patch + * boo#1172167 - CVE-2020-13254: Potential data leakage via malformed + memcached keys + * boo#1172167 - CVE-2020-13596: Possible XSS via admin + ForeignKeyRawIdWidget + * many other bugfixes + +------------------------------------------------------------------- +Thu Apr 30 05:14:28 UTC 2020 - Tomáš Chvátal + +- Add patch to fix the 32bit build: + * 32bit.patch + +------------------------------------------------------------------- +Thu Apr 23 16:58:12 UTC 2020 - Marcus Rueckert + +- Update to 3.0.5 + https://docs.djangoproject.com/en/3.0/releases/3.0.5/ + https://docs.djangoproject.com/en/3.0/releases/3.0.4/ + https://docs.djangoproject.com/en/3.0/releases/3.0.3/ + https://docs.djangoproject.com/en/3.0/releases/3.0.2/ + https://docs.djangoproject.com/en/3.0/releases/3.0.1/ + https://docs.djangoproject.com/en/3.0/releases/3.0/ +- new dependency: python-asgiref + +------------------------------------------------------------------- +Fri Apr 3 06:55:41 UTC 2020 - Tomáš Chvátal + +- Update to 2.2.12: + * Added the ability to handle .po files containing different plural + equations for the same language (#30439). + +------------------------------------------------------------------- +Wed Mar 18 10:59:36 UTC 2020 - Ondřej Súkup + +- update to 2.2.11 + * fix boo#1165022 (CVE-2020-9402) Potential SQL injection via tolerance + parameter in GIS functions and aggregates on Oracle + +------------------------------------------------------------------- +Tue Feb 4 09:42:08 UTC 2020 - Ondřej Súkup + +- update to 2.2.10 +- drop pyyaml53.patch + * fix boo#1161919 (CVE-2020-7471) Potential SQL injection via ``StringAgg(delimiter)`` + +------------------------------------------------------------------- +Wed Jan 15 15:08:32 UTC 2020 - Ondřej Súkup + +- add pyyaml53.patch - fix tests with PyYAML 5.3 + +------------------------------------------------------------------- +Sun Dec 29 11:00:47 UTC 2019 - Ondřej Súkup + +- Update to 2.2.9 + * CVE-2019-19844: Potential account hijack via password reset form (bsc#1159447) + * Fixed a data loss possibility in SplitArrayField. + +------------------------------------------------------------------- +Mon Dec 2 09:45:57 UTC 2019 - Alberto Planas Dominguez + +- Update to 2.2.8 + * CVE-2019-19118: Privilege escalation in the Django admin (boo#1157705) + * Fixed a data loss possibility in the admin changelist view when a + custom formset’s prefix contains regular expression special + characters, e.g. '$' + * Fixed a regression in Django 2.2.1 that caused a crash when + migrating permissions for proxy models with a multiple database + setup if the default entry was empty + * Fixed a data loss possibility in the select_for_update(). When + using 'self' in the of argument with multi-table inheritance, a + parent model was locked instead of the queryset’s model +- Add patch fix-selenium-test.patch to fix a test when selenium is + missing + +------------------------------------------------------------------- +Fri Nov 15 10:53:24 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.7: + * Fixed a crash when using a contains, contained_by, has_key, has_keys, or has_any_keys lookup on JSONField, if the right or left hand side of an expression is a key transform (#30826). + * Prevented migrate --plan from showing that RunPython operations are irreversible when reverse_code callables don’t have docstrings or when showing a forward migration plan (#30870). + * Fixed migrations crash on PostgreSQL when adding an Index with fields ordering and opclasses (#30903). + * Restored the ability to override get_FOO_display() (#30931). + +------------------------------------------------------------------- +Fri Nov 15 07:49:06 UTC 2019 - Tomáš Chvátal + +- Require full python interpreter on build and runtime + +------------------------------------------------------------------- +Mon Oct 7 13:15:57 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.6: + * Fixed migrations crash on SQLite when altering a model + containing partial indexes (#30754). + * Fixed a regression in Django 2.2.4 that caused a crash when + filtering with a Subquery() annotation of a queryset containing + JSONField or HStoreField (#30769). + +------------------------------------------------------------------- +Mon Sep 16 10:13:08 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.5: + * Relaxed the system check added in Django 2.2 for models to reallow use of the same db_table by multiple models when database routers are installed (#30673). + * Fixed crash of KeyTransform() for JSONField and HStoreField when using on expressions with params (#30672). + * Fixed a regression in Django 2.2 where ModelAdmin.list_filter choices to foreign objects don’t respect a model’s Meta.ordering (#30449). + * Fixed a race condition in loading URLconf module that could cause a crash of auto-reloader on Python 3.5 and below (#30500). + +------------------------------------------------------------------- +Thu Aug 1 11:13:37 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.4: + * CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235 + bsc#1142883 bsc#1142885 bsc#1142882 bsc#1142880 + * Fixed a regression in Django 2.2 when ordering a QuerySet.union(), intersection(), or difference() by a field type present more than once results in the wrong ordering being used (#30628). + * Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type (#30621). + * Fixed a regression in Django 2.2 where auto-reloader crashes if a file path contains nulls characters ('\x00') (#30506). + * Fixed a regression in Django 2.2 where auto-reloader crashes if a translation directory cannot be resolved (#30647). + +------------------------------------------------------------------- +Thu Jul 18 17:21:59 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.3: + * CVE-2019-12781 (bsc#1139945): Incorrect HTTP detection with reverse-proxy connecting via HTTPS¶ + +------------------------------------------------------------------- +Mon Jun 3 11:01:44 UTC 2019 - Ondřej Súkup + +- update to 2.2.2 + * Fixes CVE-2019-12308: AdminURLFieldWidget XSS (bsc#1136468) + * Fixes CVE-2019-11358: Prototype pollution + +------------------------------------------------------------------- +Tue May 7 07:13:09 UTC 2019 - Tomáš Chvátal + +- Update keyring file + +------------------------------------------------------------------- +Mon May 6 14:11:22 UTC 2019 - Alberto Planas Dominguez + +- Update to 2.2.1 + * Fixed a regression in Django 2.1 that caused the incorrect quoting + of database user password when using dbshell on Oracle (#30307). + * Added compatibility for psycopg2 2.8 (#30331). + * Fixed a regression in Django 2.2 that caused a crash when loading + the template for the technical 500 debug page (#30324). + * Fixed crash of ordering argument in ArrayAgg and StringAgg when it + contains an expression with params (#30332). + * Fixed a regression in Django 2.2 that caused a single instance + fast-delete to not set the primary key to None (#30330). + * Prevented makemigrations from generating infinite migrations for + check constraints and partial indexes when condition contains a + range object (#30350). Reverted an optimization in Django 2.2 + (#29725) that caused the inconsistent behavior of count() and + exists() on a reverse many-to-many relationship with a custom + manager (#30325). + * Fixed a regression in Django 2.2 where Paginator crashes if + object_list is a queryset ordered or aggregated over a nested + JSONField key transform (#30335). + * Fixed a regression in Django 2.2 where IntegerField validation of + database limits crashes if limit_value attribute in a custom + validator is callable (#30328). + * Fixed a regression in Django 2.2 where SearchVector generates SQL + that is not indexable (#30385). + * Fixed a regression in Django 2.2 that caused an exception to be + raised when a custom error handler could not be imported (#30318). + * Relaxed the system check added in Django 2.2 for the admin app’s + dependencies to reallow use of SessionMiddleware subclasses, + rather than requiring django.contrib.sessions to be in + INSTALLED_APPS (#30312). + * Increased the default timeout when using Watchman to 5 seconds to + prevent falling back to StatReloader on larger projects and made + it customizable via the DJANGO_WATCHMAN_TIMEOUT environment + variable (#30361). + * Fixed a regression in Django 2.2 that caused a crash when + migrating permissions for proxy models if the target permissions + already existed. For example, when a permission had been created + manually or a model had been migrated from concrete to proxy + (#30351). + * Fixed a regression in Django 2.2 that caused a crash of runserver + when URLConf modules raised exceptions (#30323). + * Fixed a regression in Django 2.2 where changes were not reliably + detected by auto-reloader when using StatReloader (#30323). + * Fixed a migration crash on Oracle and PostgreSQL when adding a + check constraint with a contains, startswith, or endswith lookup + (or their case-insensitive variant) (#30408). + * Fixed a migration crash on Oracle and SQLite when adding a check + constraint with condition contains | (OR) operator (#30412). + +------------------------------------------------------------------- +Wed Apr 10 07:55:46 UTC 2019 - John Vandenberg + +- Add test_clear_site_cache-sort.patch to workaround flaky test +- Add bcond_with for selenium and memcached, as those tests are inactive, + and add missing dependencies and setup for selenium testing +- Move removal of executable bit from a JavaScript file to %prep +- Fix fdupes + +------------------------------------------------------------------- +Wed Apr 3 11:21:56 UTC 2019 - Ondřej Súkup + +- update to 2.2 +- drop pyyaml5.patch +- add i18n_test.patch + * HttpRequest.headers to allow simple access to a request’s headers. + * Database-level constraints on models. + * Watchman compatibility for runserver to improve the performance + +------------------------------------------------------------------- +Sat Mar 23 16:31:46 UTC 2019 - Tomáš Chvátal + +- Add patch to build with PyYAML >5: + * pyyaml5.patch + +------------------------------------------------------------------- +Tue Feb 12 09:24:53 UTC 2019 - Thomas Bechtold + +- update to 2.1.7 (CVE-2019-6975, bsc#1124991): + * Corrected packaging error from 2.1.6 + * Memory exhaustion in django.utils.numberformat.format() + If django.utils.numberformat.format() – used by contrib.admin as well + as the the floatformat, filesizeformat, and intcomma templates + filters – received a Decimal with a large number of digits or a + large exponent, it could lead to significant memory usage + due to a call to '{:f}'.format(). + To avoid this, decimals with more than 200 digits are now formatted + using scientific notation. + * Made the obj argument of InlineModelAdmin.has_add_permission() optional + to restore backwards compatibility with third-party code that doesn’t + provide it + +------------------------------------------------------------------- +Thu Jan 10 12:09:43 UTC 2019 - Thomas Bechtold + +- update to 2.1.5 (CVE-2019-3498, bsc#1120932): + * CVE-2019-3498: Content spoofing possibility in the default 404 page + * Fixed compatibility with mysqlclient 1.3.14 (#30013). + * Fixed a schema corruption issue on SQLite 3.26+. You might have to drop + and rebuild your SQLite database if you applied a migration while using + an older version of Django with SQLite 3.26 or later (#29182). + * Prevented SQLite schema alterations while foreign key checks are enabled + to avoid the possibility of schema corruption (#30023). + * Fixed a regression in Django 2.1.4 (which enabled keep-alive connections) + where request body data isn’t properly consumed for such + connections (#30015). + * Fixed a regression in Django 2.1.4 where + InlineModelAdmin.has_change_permission() is incorrectly called with + a non-None obj argument during an object add (#30050). + +------------------------------------------------------------------- +Mon Dec 10 11:52:42 UTC 2018 - Ondřej Súkup + +- Update to version 2.1.4 + * Corrected the default password list that CommonPasswordValidator uses + by lowercasing all passwords to match the format expected by the validator + * Prevented repetitive calls to geos_version_tuple() in the WKBWriter class in + an attempt to fix a random crash involving LooseVersion + * Fixed keep-alive support in runserver after it was disabled o 2.0 + * Fixed admin view-only change form crash when using ModelAdmin.prepopulated_fields + * Fixed “Please correct the errors below” error message when editing an object + in the admin if the user only has the “view” permission on inlines + * Fixed a regression in Django 2.0 where combining Q objects with __in lookups + and lists crashed + * Fixed a regression in Django 2.0 where test databases aren’t reused + with manage.py test --keepdb on MySQL + * Fixed a regression where cached foreign keys that use to_field were + incorrectly cleared in Model.save() + * Fixed a regression in Django 2.0 where FileSystemStorage crashes + with FileExistsError if concurrent saves try to create the same directory + +------------------------------------------------------------------- +Thu Oct 4 13:13:00 UTC 2018 - Alberto Planas Dominguez + +- Update to version 2.1.2 + * CVE-2018-16984: Password hash disclosure to “view only” admin + users + * Fixed a regression where nonexistent joins in F() no longer raised + FieldError (#29727). + * Fixed a regression where files starting with a tilde or underscore + weren’t ignored by the migrations loader (#29749). + * Made migrations detect changes to Meta.default_related_name + (#29755). + * Added compatibility for cx_Oracle 7 (#29759). + * Fixed a regression in Django 2.0 where unique index names weren’t + quoted (#29778). + * Fixed a regression where sliced queries with multiple columns with + the same name crashed on Oracle 12.1 (#29630). + * Fixed a crash when a user with the view (but not change) + permission made a POST request to an admin user change form + (#29809). + +------------------------------------------------------------------- +Tue Sep 18 13:17:15 CEST 2018 - Matěj Cepl + +- Switch of BR selenium for non-Intel platforms. + +------------------------------------------------------------------- +Tue Sep 4 12:24:15 UTC 2018 - Ondřej Súkup + +- update to version 2.1.1 +- drop django-urlencode.patch + * Fixed a race condition in QuerySet.update_or_create() that could result + in data loss + * Fixed a regression where QueryDict.urlencode() crashed if the dictionary + contains a non-string value + * Fixed a regression in Django 2.0 where using manage.py test --keepdb fails + on PostgreSQL if the database exists and the user doesn’t have permission + to create databases + * Fixed a regression in Django 2.0 where combining Q objects with __in + lookups and lists crashed + * Fixed translation failure of DurationField’s “overflow” error message + * Fixed a regression where the admin change form crashed if the user doesn’t + have the ‘add’ permission to a model that uses TabularInline + * Fixed a regression where a related_query_name reverse accessor wasn’t + set up when a GenericRelation is declared on an abstract base model + * Fixed the test client’s JSON serialization of a request data dictionary + for structured content type suffixes + * Made the admin change view redirect to the changelist view after a POST + if the user has the ‘view’ permission + * Fixed admin change view crash for view-only users if the form + has an extra form field + * Fixed a regression in Django 2.0.5 where QuerySet.values() or values_list() + after combining querysets with extra() with union(), difference(), + or intersection() crashed due to mismatching columns + +------------------------------------------------------------------- +Tue Aug 14 07:46:04 UTC 2018 - tchvatal@suse.com + +- Apply patch to fix urlencode nonstring values: + * django-urlencode.patch + +------------------------------------------------------------------- +Wed Aug 8 13:33:57 UTC 2018 - tchvatal@suse.com + +- Enable testsuite + +------------------------------------------------------------------- +Wed Aug 8 09:35:51 UTC 2018 - mimi.vx@gmail.com + +- update to version 2.1 +- move bash completion to right location +- for full chanfges please see https://docs.djangoproject.com/en/2.1/releases/2.1/ + * Dropped support for MySQL 5.5 + * Dropped support for PostgreSQL 9.3 + * Support for SpatiaLite 4.0 is removed + * Support for SQLite < 3.7.15 is removed. + +------------------------------------------------------------------- +Mon Jul 2 13:15:55 UTC 2018 - aplanas@suse.com + +- update to version 2.0.7: + * Fixed admin changelist crash when using a query expression without + asc() or desc() in the page’s ordering (#29428). + * Fixed admin check crash when using a query expression in + ModelAdmin.ordering (#29428). + * Fixed __regex and __iregex lookups with MySQL 8 (#29451). + * Fixed migrations crash with namespace packages on Python 3.7 + (#28814). +- update to version 2.0.6 + * Fixed a regression that broke custom template filters that use + decorators (#29400). + * Fixed detection of custom URL converters in included patterns + (#29415). + * Fixed a regression that added an unnecessary subquery to the GROUP + BY clause on MySQL when using a RawSQL annotation (#29416). + * Fixed WKBWriter.write() and write_hex() for empty polygons on GEOS + 3.6.1+ (#29460). + * Fixed a regression in Django 1.10 that could result in large + memory usage when making edits using ModelAdmin.list_editable + (#28462). +- update to version 2.0.5 + * Corrected the import paths that inspectdb generates for + django.contrib.postgres fields (#29307). + * Fixed a regression in Django 1.11.8 where altering a field with a + unique constraint may drop and rebuild more foreign keys than + necessary (#29193). + * Fixed crashes in django.contrib.admindocs when a view is a + callable object, such as django.contrib.syndication.views.Feed + (#29296). + * Fixed a regression in Django 1.11.12 where QuerySet.values() or + values_list() after combining an annotated and unannotated + queryset with union(), difference(), or intersection() crashed due + to mismatching columns (#29286). + +------------------------------------------------------------------- +Sat Apr 7 19:21:18 UTC 2018 - tbechtold@suse.com + +- update to version 2.0.4: + * Fixed #29265 -- Removed the suggestion to hardcode static URLs. + * Fixed #29206 -- Fixed PasswordResetConfirmView crash when the URL contains a non-UUID where one is expected. + * Fixed #29195 -- Fixed Exists.output_field resolution on single-valued queries. + * Fixed links to Sphinx docs. + * Fixed typo in docs/releases/2.0.4.txt. + * Clarified docs about ISO 8601 week numbering. + * Fixed #29116 -- Fixed OpenLayersWidget deserialization ignoring the widget map's SRID. + * Added CVE-2018-7536,7 to the security release archive. + * Fixed #29221 -- Corrected admin's autocomplete widget to add a space after custom classes. + * Fixed #29273 -- Prevented initial selection of empty choice in multiple choice widgets. + * Added a pagination example to ListView docs. + * Fixed #28514 -- Clarifed docs about idempotence of RelatedManager.add(). + * isorted import statements in tutorial example. + * Fixed #29192 -- Corrected docs regarding overriding fields from abstract base classes. + * Refs #11278 -- Clarified RelatedManager differences between reverse one-to-many and many-to-many relations. + * Added stub release notes for 1.11.12. + * Fixed #29165 -- Clarified how to load initial data with migrations. + * Fixed #29213 -- Fixed autocomplete widget's translations for zh-hans/zh-hant. + * Reverted "Expanded docs for AbstractBaseUser.has_usable_password()." + * Fixed typo in docs/releases/2.0.4/1.11.12.txt. + * Bumped version for 2.0.4 release. + * Fixed #29250 -- Added 'django_version' context to startapp/project docs. + * Added release date for 2.0.4 and 1.11.12. + * Post-release version bump. + * Clarified a sentence in docs/topics/i18n/translation.txt. + * Fixed #29229 -- Fixed column mismatch crash when combining two annotated values_list() querysets with union(), difference(), or intersection(). + * Added stub release notes for 2.0.4. + * Fixed a couple mistakes in docs/ref/forms/widgets.txt. + * Fixed #28655 -- Added more examples for customizing widgets in a form. + +------------------------------------------------------------------- +Mon Mar 19 07:09:53 UTC 2018 - tbechtold@suse.com + +- update to 2.0.3 (bsc#1083305, bsc#1083304, CVE-2018-7536, CVE-2018-7537): + * Fixed #29108 -- Fixed crash in aggregation of distinct+ordered+sliced querysets. + * Added CVE-2018-6188 to the security release archive. + * Post-release version bump. + * Updated translations from Transifex + * Added stub release notes for security releases. + * Fixed incorrect regex in re_path() example. + * Fixed #29125 -- Made Q.deconstruct() deterministic with multiple keyword arguments. + * Fixed #29126 -- Doc'd the behavior of QuerySet.update_or_create() with manually specified pks. + * Used a CSS positioning in tutorial 6 that doesn't differ across browsers. + * Fixed typo in bulk_create() documentation. + * Fixed #29176 -- Fixed AbstractBaseUser.normalize_username() crash if username isn't a string. + * Removed blank lines per isort 4.3.0. + * Added stub release notes for 2.0.3. + * Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters. + * Fixed #29172 -- Fixed crash with Window expression in a subquery. + * Fixed #29166 -- Fixed crash in When() expression with a list argument. + * Fixed #24270 -- Doc'd that django_bash_completion is only in the source distribution. + * Improved clarity of docs/topics/install.txt. + * Refs #29125 -- Made Q.deconstruct() omit 'query_utils' in the path and _connector='AND' since it's a default value. + * Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator. + * Bumped version for 2.0.3 release. + * Corrected doc'd type of some parameters from string to str. + * Fixed #29146 -- Readded ^ and $ inadvertently removed from re_path() examples. + * Fixed #29107 -- Doc'd that ModelForm doesn't actually inherit from Form. + * Switched test requirement to new psycopg2-binary package. + * Added backticks around obj argument in admin docs. + * Fixed typo in docs/topics/forms/media.txt. + * Fixed #29109 -- Fixed the admin time picker widget for the Thai locale. + * Fixed #29118 -- Fixed crash with QuerySet.order_by(Exists(...)). + +------------------------------------------------------------------- +Wed Feb 7 13:54:36 UTC 2018 - tbechtold@suse.com + +- update to 2.0.2 (bsc#1077714, CVE-2018-6188): + * Fixed #28883 -- Doc'd that the uuid URL path converter matches lowercase only letters. + * Fixed a GeoIP2 test failure with the latest GeoIP2 database. + * Added stub release notes for 2.0.1. + * Bumped version for 2.0.2 release. + * Fixed location of spatialite_source label. + * Fixed #28958 -- Fixed admin changelist crash when using a query expression in the page's ordering. + * Fixed #28231 -- Doc'd that QuerySet.bulk_create() casts objs to a list. + * Fixed #29032 -- Fixed an example of using expressions in QuerySet.values(). + * Disambiguated "settings" in SpatiaLite note. + * Fixed typo in docs/topics/testing/advanced.txt. + * Post-release version bump. + * Refs #25604 -- Removed docs for makemigrations --exit. + * Fixed #29002 -- Corrected cached template loader docs about when it's automatically enabled. + * Fixed typo in TemplateCommand argument help text. + * Added stub release notes for 1.11.9. + * Fixed #28915 -- Prevented SQLite from truncating trailing zeros in the fractional part of DecimalField. + * Refs #29086 -- Doc'd how to detect bytestring mistakes. + * Fixed #28886 -- Updated prefix for example django.contrib.auth.urls URLs. + * Fixed #29081 -- Clarified comments in QuerySet.select_related() example. + * Refs #27985 -- Reallowed using __exact=None as an alias for __isnull=True if a custom lookup class with lookup_name != None is registered as the exact lookup. + * Refs #28876 -- Fixed incorrect class-based model index name generation for models with quoted db_table. + * Removed 'development' word in contributing docs + * Fixed #29055 -- Doc'd that escapejs doesn't make template literals safe. + * Fixed #29016 -- Fixed incorrect foreign key nullification on related instance deletion. + * Fixed grammar in docs/releases/2.0.txt. + * Fixed #29071 -- Fixed contrib.auth.authenticate() crash if a backend doesn't accept a request but a later one does. + * Fixed #28944 -- Fixed crash when chaining values()/values_list() after QuerySet.select_for_update(of=()). + * Fixed #29091 -- Fixed makemigrations crash if migrations directory doesn't have __init__.py. + * Fixed #28898 -- Corrected admin check to allow a OneToOneField in ModelAdmin.autocomplete_fields. + * Fixed #28896 -- Reallowed filtering a queryset with GeometryField=None. + * Fixed #28891 -- Documented Origin's loader attribute. + * Confirmed support for PostGIS 2.4. + * Wrapped an import per isort. + * Added release date for 2.0.1 and 1.11.9. + * Fixed #28884 -- Fixed crash on SQLite when renaming a field in a model referenced by a ManyToManyField. + * Fixed "template tag" spelling in docs. + * Fixed #28947 -- Fixed crash when coercing a translatable URL pattern to str. + * Fixed typo in docs/topics/i18n/translation.txt. + * Refs #28932 -- Skipped the failing test for refs #28915 on Oracle. + * Refs #25181 -- Updated timezone.now() docs about obtaining the time in the current time zone. + * Updated documented mysqlclient requirement to 1.3.7. + * Fixed #28885 -- Fixed hidden content at the bottom of the "The install worked successfully!" page for some languages. + * Fixed #28403 -- Added missing formats in FORMAT_MODULE_PATH docs. + * Fixed #29067 -- Fixed regression in QuerySet.values_list(..., flat=True) followed by annotate(). + * Removed note in tutorial about bypassing manage.py. + * Fixed #28929 -- Corrected QUnit examples. + * Refs #28958 -- Added a test for ModelAdmin with query expressions in ordering. + * Updated various links in docs to use HTTPS. + * Expanded docs for AbstractBaseUser.has_usable_password(). + * Fixed #29017 -- Updated BaseCommand.leave_locale_alone doc per refs #24073. + * Doc'd specifying the ENGINE setting as part of configuring contrib.gis. + * Added stub release notes for 1.11.10. + * Fixed #28881 -- Doc'd that CommonPasswordValidator's password list must be lowercase. + * Fixed #28784 -- Clarified how migrate --fake works. + * Fixed typo in docs/ref/models/expressions.txt. + * Fixed #29094 -- Fixed crash when entering an invalid uuid in ModelAdmin.raw_id_fields. + * Refs #28876 -- Fixed incorrect foreign key constraint name for models with quoted db_table. + * Bumped version for 2.0.1 release. + * Fixed #25277 -- Restored test dependency to the original python-memcached. + * Fixed #28761 -- Documented how an inline formset's prefix works. + * Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI. + * Fixed #28966 -- Doc'd that the uuid URL path converter requires dashes + * Fixed #29054 -- Fixed a regression where a queryset that annotates with geometry objects crashes. + * Reverted "[1.11.x] Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI." + * Added "Python 3 Only" trove classifier. + * Fixed #28941 -- Fixed crash in testserver command startup. + * Fixed import in docs/ref/models/conditional-expressions.txt example. + * Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm. + * Fixed #28594 -- Removed Jython docs and specific code + * Renamed the "Supported versions" label. + * Fixed #28878 -- Added python_requires in setup.py and a warning for older pips that don't recognize it. + * Fixed typo in docs/ref/contrib/admin/index.txt. + * Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI. + * Added stub release notes for 2.0.2. + * Fixed #28938 -- Corrected Python compatibility in the tutorial. + * Fixed #28890 -- Removed newlines between MultiWidget's subwidgets. + +------------------------------------------------------------------- +Tue Dec 12 21:12:18 UTC 2017 - mimi.vx@gmail.com + +- update to 2.0 + * drop python 2 support + * Simplified URL routing syntax + * Mobile-friendly contrib.admin + * Window expressions + * Removed support for bytestrings in some places + * Dropped support for Oracle 11.2 +- Please read Release Notes - https://docs.djangoproject.com/en/2.0/releases/2.0/ + +------------------------------------------------------------------- +Tue Dec 12 05:16:57 UTC 2017 - tbechtold@suse.com + +- update to 1.11.8: + * Fixed #28488 -- Reallowed error handlers to access CSRF tokens. + * Fixed #28856 -- Fixed a regression in caching of a GenericForeignKey + pointing to a MTI model. + * Fixed #28597 -- Fixed crash with the name of a model's autogenerated primary + key in an Index's fields. + * Added stub release notes for 1.11.7. + * Fixed #28305 -- Fixed "Cannot change column 'x': used in a foreign key constraint" + crash on MySQL with a sequence of AlterField or RenameField operations. + * Fixed #28689 -- Fixed unquoted table names in Subquery SQL when using OuterRef. + * Added assertion helpers for PostgreSQL's server-side cursor tests. + * Fixed #28729 -- Replaced a numbered list with unordered list in TemplatesSetting docs. + * Fixed #28786 -- Doc'd middleware ordering considerations due to + CommonMiddleware setting Content-Length. + * Added release date for 1.11.8. + * Fixed #28702 -- Made query lookups for CIText fields use citext. + * Added 2017-12794 to the security release archive. + * Fixed typo in docs/topics/cache.txt. + * Bumped version for 1.11.6 release. + * Added release date for 1.11.6. + * Fixed #28648 -- Corrected typo in docs/topics/db/queries.txt. + * Bumped version for 1.11.7 release. + * Added stub release notes for 1.11.8. + * Fixed #28848 -- Fixed SQLite/MySQL crash when ordering by a filtered + subquery that uses nulls_first/nulls_last. + * Fixed typo in docs/topics/db/aggregation.txt. + * Fixed #28802 -- Fixed typo in docs/topics/auth/default.txt. + * Fixed typo in docs/topics/forms/media.txt. + * Bumped version for 1.11.8 release. + * Fixed typo in docs/ref/models/querysets.txt. + * Fixed test failures due to ordering differences on PostgreSQL 10. + * Fixed #28710 -- Fixed the Basque DATE_FORMAT string + * Added stub release notes for 1.11.6. + * Fixed #28747 -- Fixed typos in django/conf/global_settings.py comments. + * Fixed #28817 -- Made QuerySet.iterator() use server-side cursors after + values() and values_list(). + * Post-release version bump. + * Fixed #28792 -- Fixed index name truncation of namespaced tables. + * Fixed #28781 -- Added QuerySet.values()/values_list() support for union(), + difference(), and intersection(). + * Fixed #28722 -- Made QuerySet.reverse() affect nulls_first/nulls_last. + * Refs #28710 -- Simplified l10n format test + * Initialized CsrfViewMiddleware once in csrf_tests. + * Added release date for 1.11.7. + * Linked to prefetch_related_objects func in DB optimization docs. + * Fixed #28645 -- Reallowed AuthenticationForm to raise the inactive user + error when using ModelBackend. + * Fixed #28653 -- Added missing ForeignKey.on_delete argument in docs. + * Fixed #28561 -- Removed inaccurate docs about QuerySet.order_by() and joins. + * Fixed #28555 -- Made CharField convert whitespace-only values to the + empty_value when strip is enabled. + * Fixed #28601 -- Prevented cache.get_or_set() from caching None if default + is a callable that returns None. + +------------------------------------------------------------------- +Wed Sep 20 21:53:53 UTC 2017 - toddrme2178@gmail.com + +- update to version 1.11.5 + * CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page + * Fixed GEOS version parsing if the version has a commit hash at the end (new + in GEOS 3.6.2) (:ticket:`28441`). + * Added compatibility for ``cx_Oracle`` 6 (:ticket:`28498`). + * Fixed select widget rendering when option values are tuples (:ticket:`28502`). + * Django 1.11 inadvertently changed the sequence and trigger naming scheme on + Oracle. This causes errors on INSERTs for some tables if + ``'use_returning_into': False`` is in the ``OPTIONS`` part of ``DATABASES``. + The pre-1.11 naming scheme is now restored. Unfortunately, it necessarily + requires an update to Oracle tables created with Django 1.11.[1-4]. Use the + upgrade script in :ticket:`28451` comment 8 to update sequence and trigger + names to use the pre-1.11 naming scheme. + * Added POST request support to ``LogoutView``, for equivalence with the + function-based ``logout()`` view (:ticket:`28513`). + * Omitted ``pages_per_range`` from ``BrinIndex.deconstruct()`` if it's ``None`` + (:ticket:`25809`). + * Fixed a regression where ``SelectDateWidget`` localized the years in the + select box (:ticket:`28530`). + * Fixed a regression in 1.11.4 where ``runserver`` crashed with non-Unicode + system encodings on Python 2 + Windows (:ticket:`28487`). + * Fixed a regression in Django 1.10 where changes to a ``ManyToManyField`` + weren't logged in the admin change history (:ticket:`27998`) and prevented + ``ManyToManyField`` initial data in model forms from being affected by + subsequent model changes (:ticket:`28543`). + * Fixed non-deterministic results or an ``AssertionError`` crash in some + queries with multiple joins (:ticket:`26522`). + * Fixed a regression in ``contrib.auth``'s ``login()`` and ``logout()`` views + where they ignored positional arguments (:ticket:`28550`). + +------------------------------------------------------------------- +Thu Aug 10 12:51:56 UTC 2017 - tbechtold@suse.com + +- update to version 1.11.4: + * Fixed #27939 -- Updated OpenLayersWidget.map_srid for OpenLayers 3. + * Fixed #27956 -- Fixed display of errors in an {% extends %} child. + * Updated various links in docs to avoid redirects + * Fixed typo in docs/topics/auth/default.txt. + * Double quoted HTML attributes in widget docs + * Fixed #28303 -- Prevented localization of attribute values in the DTL attrs.html widget template. + * Added stub release notes for 1.11.3. + * Documented OSMWidget.default_lat/lon. + * Fixed #28101 -- Fixed a regression with nested __in subquery lookups and to_field. + * Bumped version for 1.11.4 release. + * Bumped version for 1.11.3 release. + * Updated translations from Transifex + * Fixed #28039 -- Fixed crash in BaseGeometryWidget.subwidgets(). + * Fixed #28242 -- Moved ImageField file extension validation to the form field. + * Made docs/topics/migrations.txt use single quotes consistently. + * Fixed #28355 -- Fixed widget rendering of non-ASCII date/time formats on Python 2. + * Updated name of topics/db/queries link on index. + * Fixed #28025 -- Fixed typo in docs/ref/models/querysets.txt. + * Fixed #28043 -- Prevented AddIndex and RemoveIndex from mutating model state. + * Fixed #28207 -- Fixed contrib.auth.authenticate() if multiple auth backends don't accept a request. + * Fixed #28361 -- Fixed possible time-related failure in was_published_recently() tutorial test. + * Fixed #28265 -- Prevented renderer warning on Widget.render() with **kwargs. + * Fixed typo in docs/topics/testing/advanced.txt. + * Fixed #28125 -- Clarified 1.11 release note about Template.render() prohibiting non-dict context. + * Refs #18974 -- Added stacklevel for permalink() deprecation. + * Fixed #28350 -- Fixed UnboundLocalError crash in RenameField with nonexistent field. + * Fixed #28051 -- Made migrations respect Index's name argument. + * Fixed #28420 -- Doc'd 'is' comparison restriction for User.is_authenticated/anonymous. + * Added release date for 1.11.4. + * Refs #28174 -- Fixed autoreload test crash on Python 2/non-ASCII path. + * Fixed #28389 -- Fixed pickling of LazyObject on Python 2 when wrapped object doesn't have __reduce__(). + * Fixed #28148 -- Doc'd ImageField name validation concerns with the test client. + * Added stub release notes for 1.11.2. + * Fixed #27890 -- Fixed FileNotFoundError cleanup exception in runtests.py on Python 3.6+. + * Fixed #28138 -- Used output type handler instead of numbersAsStrings on Oracle cursor. + * Fixed widgets module path in docs/ref/contrib/gis/forms-api.txt. + * Fixed #27947 -- Doc'd that model Field.error_messages often don't propagate to forms. + * Fixed #28067 -- Clarified __str__() return type when using python_2_unicode_compatible(). + * Fixed docstring typo in django/contrib/admin/actions.py. + * Fixed #28102 -- Doc'd how to compute path to built-in widget template directories. + * Fixed #28352 -- Corrected QuerySet.values_list() return type in docs examples. + * Fixed #28181 -- Added detection for GDAL 2.1 and 2.0. + * Refs #23853 -- Updated sql.query.Query.join() docstring. + * Added a test for Model._meta._property_names. + * Refs #27919 -- Changed Widget.get_context() attrs kwarg to an arg. + * Fixed #28415 -- Clarified what characters ASCII/UnicodeUsernameValidator accept. + * Fixed #28074 -- Doc'd template-based widget rendering changes for contrib.gis. + * Fixed #28278 -- Fixed invalid HTML for a required AdminFileWidget. + * Added content_type filtering in Permission querying example. + * Corrected FileExtensionValidator doc regarding the value being validated. + * Fixed #27960 -- Set errcheck=False for GDALAllRegister to prevent crash. + * Fixed #28097 -- Fixed layout of ReadOnlyPasswordHashWidget. + * Fixed #27969 -- Fixed models.Field.formfield() setting 'disabled' for fields with choices. + * Post-release version bump. + * Fixed #28298 -- Prevented a primary key alteration from adding a foreign key constraint if db_constraint=False. + * Refs #28192 -- Fixed documentation of ChoiceField choices requirement + * Fixed #27966 -- Bumped required psycopg2 version to 2.5.4. + * Linked GIS QuerySet API docs to corresponding PostGIS docs. + * Fixed #27974 -- Kept resolved templates constant during one rendering cycle. + * Refs #28100 -- Fixed URL in el, es_MX, and pt auth translations + * Fixed typo in docs/ref/request-response.txt. + * Fixed #27963 -- Removed unneeded docstring example in contributing docs. + * Added stub release notes for security releases. + * Fixed #28349 -- Doc'd how to upgrade Django from LTS to LTS. + * Fixed typo in docs/ref/forms/fields.txt. + * Fixed CVE-2017-7234 -- Fixed open redirect vulnerability in views.static.serve(). + * Fixed #28170 -- Fixed file_move_safe() crash when moving files to a CIFS mount. + * Fixed broken links to Oracle docs. + * Fixed #27554 -- Fixed prefetch_related() crash when fetching relations in nested Prefetches. + * Added links and cosmetic edits to docs/ref/request-response.txt. + * Added stub release notes for 1.11.1. + * Fixed #28079 -- Restored "No POST data" (rather than an empty table) in HTML debug page. + * Removed incorrect "required" attribute in docs/ref/forms/fields.txt. + * Fixed #28176 -- Restored the uncasted option value in ChoiceWidget template context. + * Refs #24423 -- Readded inadvertently deleted i18n tests. + * Fixed #27965 -- Fixed precision comparison in a geoforms test (refs #27939). + * Corrected post-release version bump. + * Made runtests.py run gis_tests only when using a GIS database backend. + * Fixed #28230 -- Allowed DjangoJsonEncoder to serialize CallableBool. + * Fixed broken link to QUnit docs. + * Removed MySQL (unsupported) from Perimeter docs. + * Fixed #28266 -- Fixed typo in docs/ref/models/instances.txt. + * Fixed #28139 -- Added another level of headings in the topics index. + * Fixed #28003 -- Doc'd what an auto-created OneToOneField parent_link looks like. + * Fixed #28160 -- Prevented hiding GDAL exceptions when it's not installed. + * Updated man page for Django 1.11. + * Fixed #27988 -- Fixed typo in docs/ref/django-admin.txt. + * Fixed #28199 -- Fixed Subquery generating unnecessary/invalid CAST. + * Fixed #28122 -- Fixed crash when overriding views.static.directory_index()'s template. + * Fixed AppRegistryNotReady error when running gis_tests in isolation on PostGIS. + * Fixed #28435 -- Removed inaccurate warning about SECURE_HSTS_PRELOAD. + * Fixed #28040 -- Updated SplitArrayWidget to use template-based widget rendering. + * Fixed #28269 -- Fixed Model.__init__() crash on models with a field that has an instance only descriptor. + * Tested EmailMessage(attachments=[MIMEText]) + * Clarified return value of NumGeometries GIS function. + * Refs #27935 -- Fixed BrinIndex.max_name_length if a project's default database isn't PostgreSQL. + * Fixed #28058 -- Restored empty BoundFields evaluating to True. + * Replaced "not A== B" with "A != B" in docs/howto/writing-migrations.txt. + * Added CVE-2017-7233,4 to the security release archive. + * Fixed #28204 -- Fixed MultipleObjectMixin.paginate_queryset() crash on Python 2 if InvalidPage message contains non-ASCII. + * Fixed #27935 -- Fixed crash with BrinIndex name > 30 characters. + * Fixed #28293 -- Fixed union(), intersection(), and difference() when combining with an EmptyQuerySet. + * Fixed #28222 -- Allowed settable properties in QuerySet.update_or_create()/get_or_create() defaults. + * Refs #27556, #27488 -- Updated support backends docs for isvalid lookup. + * Fixed nondeterministic ordering test failure in model_forms. + * Fixed #28345 -- Applied limit_choices_to during ModelForm.__init__(). + * Fixed #27981 -- Doc'd date/time filter l10n changes in refs #25758. + * Made a few cosmetic updates to "Migrations that add unique fields". + * Bumped version for 1.11 release. + * Fixed #28004 -- Doc'd how to create migrations for an app without a migrations directory. + * Fixed #28202 -- Fixed FieldListFilter.get_queryset() crash on invalid input. + * Fixed #27949 -- Doc'd how OpenLayers 3 widgets work. + * Pass type to sql_alter_column_* where it was missing. + * Fixed #27866 -- Made ChoiceWidget.format_value() return a list + * Fixed #28308 -- Doc'd removal of Select.render_option() (refs #15667). + * Fixed #28178 -- Changed contrib.gis to raise ImproperlyConfigured if gdal isn't installed. + * Fixed #28284 -- Prevented Paginator's unordered object list warning from evaluating a QuerySet. + * Fixed #28209 -- Made date-based generic views return a 404 rather than crash when given an out of range date. + * Fixed #28161 -- Fixed return type of ArrayField(CITextField()). + * Corrected docs regarding MySQL support of Length GIS function. + * Fixed #28175 -- Fixed __in lookups on a foreign key when using the foreign key's parent model as the lookup value. + * Refs #18247 -- Fixed SQLite QuerySet filtering on decimal result of Least and Greatest. + * Refs #28207 -- Fixed contrib.auth.authenticate() if 'backend' is in the credentials. + * Fixed #27644 -- Doc'd FileSystemStorage.get_created_time(). + * Added test for intersection() when combining with a queryset raising EmptyResultSet. + * Fixed #28197 -- Fixed introspection of index field ordering on PostgreSQL. + * Removed extra characters in docs header underlines. + * Fixed GEOSGeometry reference in GIS tutorial. + * Refs #28066 -- Fixed Python 2 failures in sessions_tests. + * Removed obsolete Widget.format_output() in tests. + * Fixed #28059 -- Restored class attribute in
            of widgets that use multiple_input.html. + * Fixed typo in docs/ref/contrib/postgres/fields.txt. + * Refs #27025 -- Fixed "invalid escape sequence" warning in auth_tests on Python 3.6. + * Fixed #28031 -- Removed notes about old uWSGI/sentry versions (refs #20537). + * Removed unexpected initial attribute in data migration examples. + * Renamed "Mac OS X" to "macOS" in docs. + * Sorted imports per isort 4.2.9. + * Refs #28138 -- Added release notes for d52577b62b3138674807ac74251fab7faed48331. + * Back to the future. + * Fixed #27993 -- Fixed model form default fallback for SelectMultiple. + * Refs #27866 -- Adapted backport for Python 2 compatibility + * Removed unused links in docs/internals/contributing/triaging-tickets.txt. + * Clarified QuerySet.iterator()'s docs on server-side cursors. + * Fixed #28096 -- Allowed prefetch calls with ModelIterable subclasses + * Fixed #28414 -- Fixed ClearableFileInput rendering as a subwidget of MultiWidget. + * Corrected REPL example in forms docs for Python 3. + * Refs #28181 -- Corrected detection of GDAL 2.1 on Windows. + * Fixed #28075 -- Prevented ChoiceWidget from localizing option values. + * Fixed #28282 -- Fixed class-based indexes name for models that only inherit Model. + * Fixed #28038 -- Restored casting to text of builtin lookups on PostgreSQL. + * Fixed #28418 -- Fixed queryset crash when using a GenericRelation to a proxy model. + * Fixed #28062 -- Added a setting to disable server-side cursors on PostgreSQL. + * Fixed #28105 -- Fixed crash in BaseGeometryWidget.get_context() when overriding existing attrs. + * Refs #28160 -- Skipped a GeoManager test if not using a GIS database backend. + * Fixed #28157 -- Fixed choice ordering in form fields with grouped and non-grouped options. + * Fixed #28095 -- Doc'd Widget.build_attrs() signature change in Django 1.11. + * Fixed a forms test after updated translations. + * Fixed 403 link in docs/ref/contrib/gis/install/spatialite.txt. + * Simplified schema.tests with assertForeignKeyExists()/assertForeignKeyNotExists(). + * Fixed #28336 -- Fixed typo in docs/ref/settings.txt. + * Fixed #28378 -- Fixed union() and difference() when combining with a queryset raising EmptyResultSet. + * Refs #28052 -- Cleaned up some indexes in schema tests. + * Fixed #28047 -- Fixed QuerySet.filter() crash when it uses the name of a OneToOneField pk. + * Added release date for 1.11.1. + * Fixed #28327 -- Removed contradictory description of mod_wsgi docs. + * Clarified "newly-introduced features" in the supported versions policy. + * Fixed docs build with Sphinx 1.6. + * Fixed #28239 -- Removed docs for a removed arg of template.Context. + * Bumped version for 1.11.2 release. + * Refs #28066 -- Fixed nondeterministic ordering test failure in sessions_tests. + * Updated postgis.net and gaia-gis.it links to https. + * Fixed typos in docs/topic/db/search.txt. + * Fixed #28174 -- Fixed crash in runserver's autoreload with Python 2 on Windows with non-str environment variables. + * Fixed typos in docs/howto/static-files/index.txt. + * Fixed #28294 -- Doc'd request/args/kwargs attributes of class-based views. + * Fixed #27967 -- Fixed KeyError in admin's inline form with inherited non-editable pk. + * Fixed db backend discovery in admin_scripts tests. + * Fixed outdated TIME_FORMAT in docs/ref/templates/builtins.txt. + * Fixed #26028 -- Added overriding templates howto. + * Updated was_published_recently() tutorial test to check boundary condition. + * Fix a typo in django/db/transaction.py + * Fixed #28109 -- Corrected the stack level of unordered queryset pagination warnings. + * Fixed #28142 -- Fixed is_safe_url() crash on invalid IPv6 URLs. + * Refs #22397 -- Removed model in test cleanup + * Fixed #28052 -- Prevented dropping Meta.indexes when changing db_index to False. + * Fixed #18485 -- Doc'd behavior of PostgreSQL when manually setting AutoField. + * Updated core translations from Transifex + * Fixed #28166 -- Fixed Model._state.db on MTI parent model after saving child model. + * Added missing import in docs/topics/db/queries.txt. + * Refs #27919 -- Passed ChoiceWidget.create_option() kwargs as expected. + * Fixed #28229 -- Fixed the value of LoginView's "next" template variable. + * Fixed #27975 -- Fixed crash if ModelChoiceField's queryset=None. + * Added release date for 1.11.2. + * Fixed #27912, CVE-2017-7233 -- Fixed is_safe_url() with numeric URLs. + * Fixed #28159 -- Fixed BaseInlineFormSet._construct_form() crash when using save_as_new. + * Removed an obsolete temporal reference in docs/faq/general.txt. + * Fixed #28042 -- Fixed crash when using a two-tuple in EmailMessage's attachments arg. + * Fixed #27945 -- Clarified that RegexValidator searches with the regex. + * Linked GIS functions docs to corresponding PostGIS docs. + * Refs #17453 -- Fixed broken link to #django IRC logs. + * Fixed gis_tests.geoapp test with incorrect geodetic coordinates. + * Fixed #28066 -- Prevented SessionBase.cycle_key() from discarding data. + * Fixed #27730 -- Doc'd that template vars created outside a block can't be used in it. + * Fixed #28069 -- Moved setup_test_environment() warning in tutorial 5. + * Fixed #28130 -- Fixed formset min_num validation with initial, unchanged forms. + * Fixed #28091 -- Re-raised original exception when closing cursor cleanup fails + * Clarified backend support of Area GIS function. + * Fixed #28387 -- Fixed has_changed() for disabled form fields that subclass it. + * Fixed #27915 -- Allowed Meta.indexes to be defined in abstract models. + * Fixed #26755 -- Fixed test_middleware_classes_headers if Django source isn't writable. + * Fixed #28188 -- Fixed crash when pickling model fields. + * Fixed typo in docs/ref/models/querysets.txt. + * Pointed Dive into Python links to python3 site + * Refs #25240 -- Added ExtractWeek examples. + * Added some shell output in tutorial 2. + * Removed inappropriate highlighting in committing-code.txt. + * Fixed #28399 -- Fixed QuerySet.count() for union(), difference(), and intersection() queries. + * Fixed #28212 -- Allowed customizing the port that LiveServerTestCase uses. + * Fixed flake8 warning on Python 2. + * Clarified meaning of "Optional" in auth.models.User field docs. + * Clarified HStoreField model/form difference in 1.11 release notes. + * Removed self from method signatures in docs. + * Added stub release notes for 1.11.4. + * Updated tests after French translation update + * Fixed #27603 -- Fixed AsKML when queryset is evaluated more than once. + * Fixed #28262 -- Fixed incorrect DisallowedModelAdminLookup when a nested reverse relation is in list_filter. + * Fixed #27434 -- Doc'd how to raise a model validation error for a field not in a model form. + * Refs #21415 -- Fixed contrib.humanize translations for es_AR + * Fixed #27655 -- Added some guidelines to the coding style docs. + * Updated contrib translations from Transifex + * Removed nonexistent methods from File's docs. + * Doc'd the need to remove default ordering on Subquery aggregates. + * Fixed broken link to mysqlclient docs. + * Fixed #28210 -- Fixed Model._state.adding on MTI parent model after saving child model. + * Removed usage of deprecated sphinx.util.compat.Directive. + * Refs #28100 -- Added 1.11.1 release note for e6bfd3d751278d7cfd09af1120c4bbce509c05da. + * Fixed #28190 -- Clarifed how include/extends treat template names. + * Refs #26294 -- Fixed typo in docs/ref/django-admin.txt. + * Refs #28091 -- Fixed typo and rephrased 1.11.1 release note. + * Fixed typo in docs/ref/class-based-views/mixins-single-object.txt. + * Bumped version for 1.11.1 release. + * Added release date for 1.11.3. + * Bumped version for 1.11 release candidate 1. + * Simplified tutorial's test names and docstrings. + * Fixed typo in django/db/backends/base/schema.py comment. + * Fixed #28233 -- Used a simpler example in the aggregation "cheat sheet" docs. +- Require python-pytz and Recommend python-bcrypt + +------------------------------------------------------------------- +Wed Aug 9 17:58:19 UTC 2017 - toddrme2178@gmail.com + +- Fix building on older Python versions. + +------------------------------------------------------------------- +Mon Jul 10 18:42:12 UTC 2017 - toddrme2178@gmail.com + +- Fix wrong-script-interpreter rpmlint error. + +------------------------------------------------------------------- +Mon May 8 14:32:03 UTC 2017 - toddrme2178@gmail.com + +- django-admin.py should be the master, not django-admin. + +------------------------------------------------------------------- +Sat May 6 03:31:54 UTC 2017 - toddrme2178@gmail.com + +- Don't provide python2-django or python2-South, singlespec + packages should use correct name. + +------------------------------------------------------------------- +Thu May 4 15:33:21 UTC 2017 - toddrme2178@gmail.com + +- Implement single-spec version. + +------------------------------------------------------------------- +Tue Apr 4 14:38:13 UTC 2017 - appleonkel@opensuse.org + +- Update to 1.10.7 + Bugfixes + * Made admin’s RelatedFieldWidgetWrapper use the wrapped widget’s + value_omitted_from_data() method (#27905) + * Fixed model form default fallback for SelectMultiple (#27993) + +------------------------------------------------------------------- +Wed Mar 1 14:24:17 UTC 2017 - appleonkel@opensuse.org + +- Update to 1.10.6 + Bugfixes + * Fixed ClearableFileInput’s “Clear” checkbox on model form fields where the + model field has a default + * Fixed RequestDataTooBig and TooManyFieldsSent exceptions crashing rather than + generating a bad request response + * Fixed a crash on Oracle and PostgreSQL when subtracting DurationField or + IntegerField from DateField + * Fixed query expression date subtraction accuracy on PostgreSQL for differences + large an a month + * Fixed a GDALException raised by GDALClose on GDAL >= 2.0 + +------------------------------------------------------------------- +Tue Jan 31 14:00:11 UTC 2017 - michal@cihar.com + +- Update to 1.10.5 + * See https://docs.djangoproject.com/en/1.10/releases/1.10/ + * Full text search for PostgreSQL + * New-style middleware + * Official support for Unicode usernames + +------------------------------------------------------------------- +Fri Dec 2 10:17:25 UTC 2016 - appleonkel@opensuse.org + +- Update to 1.9.12 + Bugfixes + * Quoted the Oracle test user’s password in queries to fix the “ORA-00922: missing + or invalid option” error when the password starts with a number or + special character (#27420) + * DNS rebinding vulnerability when DEBUG=True + * CSRF protection bypass on a site with Google Analytics + +------------------------------------------------------------------- +Sat Sep 24 16:42:55 UTC 2016 - sbahling@suse.com + +- Change Requires: python-Pillow to python-imaging for compatibility + with SLE-12 which provides PIL instead of Pillow. + +------------------------------------------------------------------- +Tue Aug 9 09:11:24 UTC 2016 - aplanas@suse.com + +- Update to 1.9.9 + Bugfixes + * Fixed invalid HTML in template postmortem on the debug page + (#26938). + * Fixed some GIS database function crashes on MySQL 5.7 (#26657). + +- Update to 1.9.8 + Fix XSS in admin’s add/change related popup (bsc#988420) + Unsafe usage of JavaScript’s Element.innerHTML could result in XSS + in the admin’s add/change related popup. Element.textContent is now + used to prevent execution of the data. + The debug view also used innerHTML. Although a security issue wasn’t + identified there, out of an abundance of caution it’s also updated + to use textContent. + + Bugfixes + * Fixed missing varchar/text_pattern_ops index on CharField and + TextField respectively when using AddField on PostgreSQL (#26889). + * Fixed makemessages crash on Python 2 with non-ASCII file names + (#26897). + +- Update to 1.9.7 + Bugfixes + * Removed the need for the request context processor on the admin + login page to fix a regression in 1.9 (#26558). + * Fixed translation of password validators’ help_text in forms + (#26544). + * Fixed a regression causing the cached template loader to crash + when using lazy template names (#26603). + * Fixed on_commit callbacks execution order when callbacks make + transactions (#26627). + * Fixed HStoreField to raise a ValidationError instead of crashing + on non-dictionary JSON input (#26672). + * Fixed dbshell crash on PostgreSQL with an empty database name + (#26698). + * Fixed a regression in queries on a OneToOneField that has to_field + and primary_key=True (#26667). + +------------------------------------------------------------------- +Tue May 3 08:23:48 UTC 2016 - aplanas@suse.com + +- Update to 1.9.6 + Bugfixes + * Added support for relative path redirects to the test client and + to SimpleTestCase.assertRedirects() because Django 1.9 no longer + converts redirects to absolute URIs (#26428). + * Fixed TimeField microseconds round-tripping on MySQL and SQLite + (#26498). + * Prevented makemigrations from generating infinite migrations for a + model field that references a functools.partial (#26475). + * Fixed a regression where SessionBase.pop() returned None rather + than raising a KeyError for nonexistent values (#26520). + * Fixed a regression causing the cached template loader to crash + when using template names starting with a dash (#26536). + * Restored conversion of an empty string to null when saving values + of GenericIPAddressField on SQLite and MySQL (#26557). + * Fixed a makemessages regression where temporary .py extensions + were leaked in source file paths (#26341). + +------------------------------------------------------------------- +Sun May 1 12:29:52 UTC 2016 - michael@stroeder.com + +- Update to 1.9.5 + +------------------------------------------------------------------- +Tue Feb 2 09:21:43 UTC 2016 - aplanas@suse.com + +- Update to 1.9.2 + Security issue + * User with "change" but not "add" permission can create objects for + ModelAdmin's with save_as=True + Backwards incompatible change + * .py-tpl files rewritten in project/app templates + Bugfixes + * Fixed a regression in ConditionalGetMiddleware causing + If-None-Match checks to always return HTTP 200 (#26024). + * Fixed a regression that caused the "user-tools" items to display + on the admin's logout page (#26035). + * Fixed a crash in the translations system when the current language + has no translations (#26046). + * Fixed a regression that caused the incorrect day to be selected + when opening the admin calendar widget for timezones from GMT+0100 + to GMT+1200 (#24980). + * Fixed a regression in the admin's edit related model popup that + caused an escaped value to be displayed in the select dropdown of + the parent window (#25997). + * Fixed a regression in 1.8.8 causing incorrect index handling in + migrations on PostgreSQL when adding db_index=True or unique=True + to a CharField or TextField that already had the other specified, + or when removing one of them from a field that had both, or when + adding unique=True to a field already listed in unique_together + (#26034). + * Fixed a regression where defining a relation on an abstract + model's field using a string model name without an app_label no + longer resolved that reference to the abstract model's app if + using that model in another application (#25858). + * Fixed a crash when destroying an existing test database on MySQL + or PostgreSQL (#26096). + * Fixed CSRF cookie check on POST requests when + USE_X_FORWARDED_PORT=True (#26094). + * Fixed a QuerySet.order_by() crash when ordering by a relational + field of a ManyToManyField through model (#26092). + * Fixed a regression that caused an exception when making database + queries on SQLite with more than 2000 parameters when DEBUG is + True on distributions that increase the SQLITE_MAX_VARIABLE_NUMBER + compile-time limit to over 2000, such as Debian (#26063). + * Fixed a crash when using a reverse OneToOneField in + ModelAdmin.readonly_fields (#26060). + * Fixed a crash when calling the migrate command in a test case with + the available_apps attribute pointing to an application with + migrations disabled using the MIGRATION_MODULES setting (#26135). + * Restored the ability for testing and debugging tools to determine + the template from which a node came from, even during template + inheritance or inclusion. Prior to Django 1.9, debugging tools + could access the template origin from the node via + Node.token.source[0]. This was an undocumented, private API. The + origin is now available directly on each node using the + Node.origin attribute (#25848). + * Fixed a regression in Django 1.8.5 that broke copying a + SimpleLazyObject with copy.copy() (#26122). + * Always included geometry_field in the GeoJSON serializer output + regardless of the fields parameter (#26138). + * Fixed the contrib.gis map widgets when using + USE_THOUSAND_SEPARATOR=True (#20415). + * Made invalid forms display the initial of values of their disabled + fields (#26129). + +------------------------------------------------------------------- +Wed Jan 27 15:25:25 UTC 2016 - aplanas@suse.com + +- Update to 1.9.1 + Bugfixes + * Fixed BaseCache.get_or_set() with the DummyCache backend (#25840). + * Fixed a regression in FormMixin causing forms to be validated + twice (#25548, #26018). + * Fixed a system check crash with nested ArrayFields (#25867). + * Fixed a state bug when migrating a SeparateDatabaseAndState + operation backwards (#25896). + * Fixed a regression in CommonMiddleware causing If-None-Match + checks to always return HTTP 200 (#25900). + * Fixed missing varchar/text_pattern_ops index on CharField and + TextField respectively when using AlterField on PostgreSQL + (#25412). + * Fixed admin’s delete confirmation page’s summary counts of related + objects (#25883). + * Added from __future__ import unicode_literals to the default + apps.py created by startapp on Python 2 (#25909). Add this line to + your own apps.py files created using Django 1.9 if you want your + migrations to work on both Python 2 and Python 3. + * Prevented QuerySet.delete() from crashing on MySQL when querying + across relations. + * Fixed evaluation of zero-length slices of QuerySet.values() + (#25894). + * ... + * https://docs.djangoproject.com/en/1.9/releases/1.9.1/ + +------------------------------------------------------------------- +Wed Dec 2 15:14:05 UTC 2015 - aplanas@suse.com + +- update to 1.9 (CVE-2016-7401, CVE-2015-8213) + * https://docs.djangoproject.com/en/1.9/releases/1.9/ + * Performing actions after a transaction commit + * Password validation + * Permission mixins for class-based views + * New styling for "contrib.admin" + * Running tests in parallel + +------------------------------------------------------------------- +Tue Nov 10 10:39:22 UTC 2015 - tbechtold@suse.com + +- update to 1.8.6: + * https://docs.djangoproject.com/en/1.8/releases/1.8.5/ + * https://docs.djangoproject.com/en/1.8/releases/1.8.6/ + +------------------------------------------------------------------- +Tue Nov 10 05:36:21 UTC 2015 - tbechtold@suse.com + +- add missing Requires for python-setuptools (bsc#952198) + /usr/bin/django-admin needs the pkg_resources framework from + python-setuptools to run properly. + +------------------------------------------------------------------- +Sun Sep 20 07:51:27 UTC 2015 - tbechtold@suse.com + +- update to 1.8.4 (CVE-2015-5963): + * https://docs.djangoproject.com/en/1.8/releases/1.8.4/ + +------------------------------------------------------------------- +Fri Jul 10 11:51:49 UTC 2015 - astieger@suse.com + +- add keyring and verify source signature + +------------------------------------------------------------------- +Fri Jul 10 10:03:54 UTC 2015 - dmueller@suse.com + +- update to 1.8.3: + * https://docs.djangoproject.com/en/1.8/releases/1.8.3/ + Various bugfixes/security fixes (CVE-2015-5145, bsc#937524) + +------------------------------------------------------------------- +Tue May 26 08:26:56 UTC 2015 - dmueller@suse.com + +- update to 1.8.2 (CVE-2015-3982): + * https://docs.djangoproject.com/en/1.8/releases/1.8.2/ + * https://docs.djangoproject.com/en/1.8/releases/1.8.1/ + +------------------------------------------------------------------- +Thu Apr 2 07:35:07 UTC 2015 - aplanas@suse.com + +- Update to Django 1.8 + * "Long-Term Support" (LTS) release + New features: + * Model._meta API + * Multiple template engines + * Security enhancements + * New PostgreSQL specific functionality + * New data types + * Query Expressions, Conditional Expressions, and Database Functions + * TestCase data setup + Backwards incompatible changes: + * Related object operations are run in a transaction + * Assigning unsaved objects to relations raises an error + * Management commands that only accept positional arguments + * Custom test management command arguments through test runner + * Model check ensures auto-generated column names are within limits + specified by database + * Query relation lookups now check object types + * select_related() now checks given fields + * Default EmailField.max_length increased to 254 + * (DROP) Support for PostgreSQL versions older than 9.0 + * (DROP) Support for MySQL versions older than 5.5 + * (DROP) Support for Oracle versions older than 11.1 + * Specific privileges used instead of roles for tests on Oracle + * ... + +------------------------------------------------------------------- +Mon Mar 23 10:51:37 UTC 2015 - mcihar@suse.cz + +- Update to Django 1.7.7: + Security issues: + * Denial-of-service possibility with strip_tags() + * Mitigated possible XSS attack via user-supplied redirect URLs + Bugfixes: + * Fixed renaming of classes in migrations where renaming a subclass would + cause incorrect state to be recorded for objects that referenced the + superclass (#24354). + * Stopped writing migration files in dry run mode when merging migration + conflicts. When makemigrations --merge is called with verbosity=3 the + migration file is written to stdout (:ticket: 24427). + +------------------------------------------------------------------- +Wed Mar 11 16:18:53 UTC 2015 - aplanas@suse.com + +- Update to Djano 1.7.6: + Bugfixes + * Mitigated an XSS attack via properties in + "ModelAdmin.readonly_fields" + * Fixed crash when coercing "ManyRelatedManager" to a string + (#24352). + * Fixed a bug that prevented migrations from adding a foreign key + constraint when converting an existing field to a foreign key + (#24447). + +------------------------------------------------------------------- +Fri Feb 27 14:36:46 UTC 2015 - aplanas@suse.com + +- Update to Django 1.7.5: + Bugfixes + * Reverted a fix that prevented a migration crash when unapplying + contrib.contenttypes's or contrib.auth's first migration (#24075) + due to severe impact on the test performance (#24251) and problems + in multi-database setups (#24298). + * Fixed a regression that prevented custom fields inheriting from + ManyToManyField from being recognized in migrations (#24236). + * Fixed crash in contrib.sites migrations when a default database + isn't used (#24332). + * Added the ability to set the isolation level on PostgreSQL with + psycopg2 >= 2.4.2 (#24318). It was advertised as a new feature in + Django 1.6 but it didn't work in practice. + * Formats for the Azerbaijani locale (az) have been added. + +------------------------------------------------------------------- +Fri Jan 30 15:13:10 UTC 2015 - aplanas@suse.com + +- Update to Django 1.7.4: + Bugfixes + * Fixed a migration crash when unapplying ``contrib.contenttypes``’s + or ``contrib.auth``’s first migration (:ticket:`24075`). + * Made the migration's ``RenameModel`` operation rename + ``ManyToManyField`` tables (:ticket:`24135`). + * Fixed a migration crash on MySQL when migrating from a + ``OneToOneField`` to a ``ForeignKey`` (:ticket:`24163`). + * Prevented the ``static.serve`` view from producing + ``ResourceWarning``\s in certain circumstances (security fix + regression, :ticket:`24193`). + * Fixed schema check for ManyToManyField to look for internal type + instead of checking class instance, so you can write custom + m2m-like fields with the same behavior. (:ticket:`24104`). + +------------------------------------------------------------------- +Wed Jan 14 07:57:46 UTC 2015 - mcihar@suse.cz + +- Update to Django 1.7.3: + Security fixes: + * WSGI header spoofing via underscore/dash conflation. + * Mitigated possible XSS attack via user-supplied redirect URLs. + * Denial-of-service attack against django.views.static.serve. + * Database denial-of-service with ModelMultipleChoiceField. + Bug fixes: + * The default iteration count for the PBKDF2 password hasher has been + increased by 25%. This part of the normal major release process was + inadvertently omitted in 1.7. This backwards compatible change will not + affect users who have subclassed + django.contrib.auth.hashers.PBKDF2PasswordHasher to change the default + value. + * Fixed a crash in the CSRF middleware when handling non-ASCII referer + header (#23815). + * Fixed a crash in the django.contrib.auth.redirect_to_login view when + passing a reverse_lazy() result on Python 3 (#24097). + * Added correct formats for Greek (el) (#23967). + * Fixed a migration crash when unapplying a migration where multiple + operations interact with the same model (#24110). + +------------------------------------------------------------------- +Sun Jan 11 12:49:28 UTC 2015 - p.drouand@gmail.com + +- South has been merged in main Django; provide and obsolete it + +------------------------------------------------------------------- +Thu Jan 8 11:04:09 UTC 2015 - tbechtold@suse.com + +- Update to Django 1.7.2: + + * Fixed migration’s renaming of auto-created many-to-many tables + when changing Meta.db_table (#23630). + * Fixed a migration crash when adding an explicit id field to a + model on SQLite (#23702). + * Added a warning for duplicate models when a module is + reloaded. Previously a RuntimeError was raised every time two + models clashed in the app registry. (#23621). + * Prevented flush from loading initial data for migrated apps + (#23699). + * Fixed a makemessages regression in 1.7.1 when STATIC_ROOT has the + default None value (#23717). + * Added GeoDjango compatibility with mysqlclient database driver. + * Fixed MySQL 5.6+ crash with GeometryFields in migrations (#23719). + * Fixed a migration crash when removing a field that is referenced + in AlterIndexTogether or AlterUniqueTogether (#23614). + * Updated the first day of the week in the Ukrainian locale to + Monday. + * Added support for transactional spatial metadata initialization on + SpatiaLite 4.1+ (#23152). + * Fixed a migration crash that prevented changing a nullable field + with a default to non-nullable with the same default (#23738). + * Fixed a migration crash when adding GeometryFields with blank=True + on PostGIS (#23731). + * Allowed usage of DateTimeField() as Transform.output_field + (#23420). + * Fixed a migration serializing bug involving float("nan") and + float("inf") (#23770). + * Fixed a regression where custom form fields having a queryset + attribute but no limit_choices_to could not be used in a ModelForm + (#23795). + * Fixed a custom field type validation error with MySQL backend when + db_type returned None (#23761). + * Fixed a migration crash when a field is renamed that is part of an + index_together (#23859). + * Fixed squashmigrations to respect the --no-optimize parameter + (#23799). + * Made RenameModel reversible (#22248) + * Avoided unnecessary rollbacks of migrations from other apps when + migrating backwards (#23410). + * Fixed a rare query error when using deeply nested subqueries + (#23605). + * Fixed a crash in migrations when deleting a field that is part of + a index/unique_together constraint (#23794). + * Fixed django.core.files.File.__repr__() when the file’s name + contains Unicode characters (#23888). + * Added missing context to the admin’s delete_selected view that + prevented custom site header, etc. from appearing (#23898). + * Fixed a regression with dynamically generated inlines and allowed + field references in the admin (#23754). + * Fixed an infinite loop bug for certain cyclic migration + dependencies, and made the error message for cyclic dependencies + much more helpful. + * Added missing index_together handling for SQLite (#23880). + * Fixed a crash when RunSQL SQL content was collected by the schema + editor, typically when using sqlmigrate (#23909). + * Fixed a regression in contrib.admin add/change views which caused + some ModelAdmin methods to receive the incorrect obj value + (#23934). + * Fixed runserver crash when socket error message contained Unicode + characters (#23946). + * Fixed serialization of type when adding a deconstruct() method + (#23950). + * Prevented the SessionAuthenticationMiddleware from setting a + "Vary: Cookie" header on all responses (#23939). + * Fixed a crash when adding blank=True to TextField() on MySQL + (#23920). + * Fixed index creation by the migration infrastructure, particularly + when dealing with PostgreSQL specific {text|varchar}_pattern_ops + indexes (#23954). + * Fixed bug in makemigrations that created broken migration files + when dealing with multiple table inheritance and inheriting from + more than one model (#23956). + * Fixed a crash when a MultiValueField has invalid data (#23674). + * Fixed a crash in the admin when using “Save as new” and also + deleting a related inline (#23857). + * Always converted related_name to text (unicode), since that is + required on Python 3 for interpolation. Removed conversion of + related_name to text in migration deconstruction (#23455 and + #23982). + * Enlarged the sizes of tablespaces which are created by default for + testing on Oracle (the main tablespace was increased from 200M to + 300M and the temporary tablespace from 100M to 150M). This was + required to accommodate growth in Django’s own test suite + (#23969). + * Fixed timesince filter translations in Korean (#23989). + * Fixed the SQLite SchemaEditor to properly add defaults in the + absence of a user specified default. For example, a CharField with + blank=True didn’t set existing rows to an empty string which + resulted in a crash when adding the NOT NULL constraint (#23987). + * makemigrations no longer prompts for a default value when adding + TextField() or CharField() without a default (#23405). + * Fixed a migration crash when adding order_with_respect_to to a + table with existing rows (#23983). + * Restored the pre_migrate signal if all apps have migrations + (#23975). + * Made admin system checks run for custom AdminSites (#23497). + * Ensured the app registry is fully populated when unpickling + models. When an external script (like a queueing infrastructure) + reloads pickled models, it could crash with an AppRegistryNotReady + exception (#24007). + * Added quoting to field indexes in the SQL generated by migrations + to prevent a crash when the index name requires it (##24015). + * Added datetime.time support to migrations questioner (#23998). + * Fixed admindocs crash on apps installed as eggs (#23525). + * Changed migrations autodetector to generate an AlterModelOptions + operation instead of DeleteModel and CreateModel operations when + changing Meta.managed. This prevents data loss when changing + managed from False to True and vice versa (#24037). + * Enabled the sqlsequencereset command on apps with migrations + (#24054). + * Added tablespace SQL to apps with migrations (#24051). + * Corrected contrib.sites default site creation in a multiple + database setup (#24000). + * Restored support for objects that aren’t str or bytes in + mark_for_escaping() on Python 3. + * Supported strings escaped by third-party libraries with the + __html__ convention in the template engine (#23831). + * Prevented extraneous DROP DEFAULT SQL in migrations (#23581). + * Restored the ability to use more than five levels of subqueries + (#23758). + * Fixed crash when ValidationError is initialized with a + ValidationError that is initialized with a dictionary (#24008). + * Prevented a crash on apps without migrations when running migrate + --list (#23366). + +------------------------------------------------------------------- +Thu Oct 23 07:53:57 UTC 2014 - aplanas@suse.com + +- Update to Django 1.7.1 + + * Allowed related many-to-many fields to be referenced in the admin + (#23604). + * Added a more helpful error message if you try to migrate an app + without first creating the contenttypes table (#22411). + * Modified migrations dependency algorithm to avoid possible + infinite recursion. + * Fixed a UnicodeDecodeError when the flush error message contained + Unicode characters (#22882). + * Reinstated missing CHECK SQL clauses which were omitted on some + backends when not using migrations (#23416). + * Fixed serialization of type objects in migrations (#22951). + * Allowed inline and hidden references to admin fields (#23431). + * The @deconstructible decorator now fails with a ValueError if the + decorated object cannot automatically be imported (#23418). + * Fixed a typo in an inlineformset_factory() error message that + caused a crash (#23451). + * Restored the ability to use ABSOLUTE_URL_OVERRIDES with the + 'auth.User' model (#11775). As a side effect, the setting now adds + a get_absolute_url() method to any model that appears in + ABSOLUTE_URL_OVERRIDES but doesn’t define get_absolute_url(). + * Avoided masking some ImportError exceptions during application + loading (#22920). + * Empty index_together or unique_together model options no longer + results in infinite migrations (#23452). + * Fixed crash in contrib.sitemaps if lastmod returned a date rather + than a datetime (#23403). + * Allowed migrations to work with app_labels that have the same last + part (e.g. django.contrib.auth and vendor.auth) (#23483). + * Restored the ability to deepcopy F objects (#23492). + * Formats for Welsh (cy) and several Chinese locales (zh_CN, + zh_Hans, zh_Hant and zh_TW) have been added. Formats for + Macedonian have been fixed (trailing dot removed, #23532). + * Added quoting of constraint names in the SQL generated by + migrations to prevent crash with uppercase characters in the name + (#23065). + * Fixed renaming of models with a self-referential many-to-many + field (ManyToManyField('self')) (#23503). + * Added the get_extra(), get_max_num(), and get_min_num() hooks to + GenericInlineModelAdmin (#23539). + * Made migrations.RunSQL no longer require percent sign + escaping. This is now consistent with cursor.execute() (#23426). + * Made the SERIALIZE entry in the TEST dictionary usable (#23421). + * Fixed bug in migrations that prevented foreign key constraints to + unmanaged models with a custom primary key (#23415). + * Added SchemaEditor for MySQL GIS backend so that spatial indexes + will be created for apps with migrations (#23538). + * Added SchemaEditor for Oracle GIS backend so that spatial metadata + and indexes will be created for apps with migrations (#23537). + * Coerced the related_name model field option to unicode during + migration generation to generate migrations that work with both + Python 2 and 3 (#23455). + * Fixed MigrationWriter to handle builtin types without imports + (#23560). + * Fixed deepcopy on ErrorList (#23594). + * Made the admindocs view to browse view details check if the view + specified in the URL exists in the URLconf. Previously it was + possible to import arbitrary packages from the Python path. This + was not considered a security issue because admindocs is only + accessible to staff users (#23601). + * Fixed UnicodeDecodeError crash in AdminEmailHandler with non-ASCII + characters in the request (#23593). + * Fixed missing get_or_create and update_or_create on related + managers causing IntegrityError (#23611). + * Made urlsafe_base64_decode() return the proper type (byte string) + on Python 3 (#23333). + * makemigrations can now serialize timezone-aware values (#23365). + * Added a prompt to the migrations questioner when removing the null + constraint from a field to prevent an IntegrityError on existing + NULL rows (#23609). + * Fixed generic relations in ModelAdmin.list_filter (#23616). + * Restored RFC compliance for the SMTP backend on Python 3 (#23063). + * Fixed a crash while parsing cookies containing invalid content + (#23638). + * The system check framework now raises error models.E020 when the + class method Model.check() is unreachable (#23615). + * Made the Oracle test database creation drop the test user in the + event of an unclean exit of a previous test run (#23649). + * Fixed makemigrations to detect changes to Meta.db_table (#23629). + * Fixed a regression when feeding the Django test client with an + empty data string (#21740). + * Fixed a regression in makemessages where static files were + unexpectedly ignored (#23583). + +------------------------------------------------------------------- +Wed Sep 24 08:30:00 UTC 2014 - aplanas@suse.com + +- Update to Django 1.7 + + * A new built-in database migration system. Notes on upgrading from + South (a popular third*party application providing migration + functionality) are also available. + * A refactored concept of Django applications. Django applications + are no longer tied to the existence of a models files, and can now + specify both configuration data and code to be executed as Django + starts up. + * Improvements to the model Field API to support migrations and, in + the future, to enable easy addition of composite-key support to + Django's ORM. + * Improvements for custom Manager and QuerySet classes, allowing + reverse relationship traversal to specify the Manager to use, and + creation of a Manager from a custom QuerySet class. + * An extensible system check framework which can assist developers + in detecting and diagnosing errors. + + Please refer to the release notes for all details and migration + instructions: + https://docs.djangoproject.com/en/1.7/releases/1.7/ + +- Added python-setuptools as a BuildRequires. + +- Fixed Source URL from Django Project site. + +- Reordered sources. + +- Fixed deduplication to avoid wrong mtimes in pyc files. + +------------------------------------------------------------------- +Thu Jul 31 16:55:11 UTC 2014 - dimstar@opensuse.org + +- Rename rpmlintrc to %{name}-rpmlintrc. + Follow the packaging guidelines. + +------------------------------------------------------------------- +Wed Jun 11 12:34:45 UTC 2014 - mcihar@suse.cz + +- Update to version 1.6.5, sercurity and important changes: + + Unexpected code execution using reverse() + + Caching of anonymous pages could reveal CSRF token + + MySQL typecasting + + select_for_update() requires a transaction + + Issue: Caches may incorrectly be allowed to store and serve private data + + Issue: Malformed redirect URLs from user input not correctly validated + +------------------------------------------------------------------- +Fri Feb 14 09:32:07 UTC 2014 - speilicke@suse.com + +- Fix update-alternatives + +------------------------------------------------------------------- +Fri Feb 7 08:30:04 UTC 2014 - speilicke@suse.com + +- Update to version 1.6.2: + + Prevented the base geometry object of a prepared geometry to be garbage + collected, which could lead to crash Django (#21662). + + Fixed a crash when executing the changepassword command when the user + object representation contained non-ASCII characters (#21627). + + The collectstatic command will raise an error rather than default to + using the current working directory if STATIC_ROOT is not set. Combined + with the --clear option, the previous behavior could wipe anything + below the current working directory (#21581). + + Fixed mail encoding on Python 3.3.3+ (#21093). + + Fixed an issue where when settings.DATABASES['default']['AUTOCOMMIT'] = False, + the connection wasn’t in autocommit mode but Django pretended it was. + + Fixed a regression in multiple-table inheritance exclude() queries (#21787). + + Added missing items to django.utils.timezone.__all__ (#21880). + + Fixed a field misalignment issue with select_related() and model inheritance (#21413). + + Fixed join promotion for negated AND conditions (#21748). + + Oracle database introspection now works with boolean and float fields (#19884). + + Fixed an issue where lazy objects weren’t actually marked as safe when + passed through mark_safe() and could end up being double-escaped (#21882). + +------------------------------------------------------------------- +Tue Feb 4 14:33:40 UTC 2014 - mcihar@suse.cz + +- Update to version 1.6.1: + - Most bug fixes are minor; you can find a complete list in the Django 1.6.1 + release notes. + +------------------------------------------------------------------- +Tue Nov 19 10:06:23 UTC 2013 - speilicke@suse.com + +- Update-alternatives also for bash-completion + +------------------------------------------------------------------- +Fri Nov 15 13:33:20 UTC 2013 - speilicke@suse.com + +- Only ghost /etc/alternatives on 12.3 or newer + +------------------------------------------------------------------- +Thu Nov 7 16:36:41 UTC 2013 - speilicke@suse.com + +- Require python-Pillow for image-related functionality +- Package was renamed from python-django +- Drop Django-1.2-completion-only-for-bash.patch: Useless + +------------------------------------------------------------------- +Tue Nov 5 03:27:13 UTC 2013 - alexandre@exatati.com.br + +- Update to version 1.6: + - Please read the release notes + https://docs.djangoproject.com/en/1.6/releases/1.6 +- Removed Patch2 as it is no needed anymore: + Django-1.4-CSRF_COOKIE_HTTPONLY-support.patch + +------------------------------------------------------------------- +Tue Sep 17 12:37:53 UTC 2013 - speilicke@suse.com + +- Update to version 1.5.4: + + Fixed denial-of-service via large passwords +- Changes from version 1.5.3: + + Fixed directory traversal with ssi template tag + +------------------------------------------------------------------- +Wed Aug 14 05:49:54 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5.2: + - Security release, please check release notes for details: + https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued + +------------------------------------------------------------------- +Thu Mar 28 23:27:01 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5.1: + - Memory leak fix, please read release announcement at + https://www.djangoproject.com/weblog/2013/mar/28/django-151. + +------------------------------------------------------------------- +Tue Feb 26 19:49:02 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5: + - Please read the release notes + https://docs.djangoproject.com/en/1.5/releases/1.5 + +------------------------------------------------------------------- +Tue Dec 11 12:27:50 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.3: + - Security release: + - Host header poisoning + - Redirect poisoning + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/dec/10/security + +------------------------------------------------------------------- +Sat Oct 20 13:41:10 UTC 2012 - saschpe@suse.de + +- Add a symlink from /usr/bin/django-admin.py to /usr/bin/django-admin + +------------------------------------------------------------------- +Wed Oct 17 22:51:36 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.2: + - Security release: + - Host header poisoning + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/oct/17/security + +------------------------------------------------------------------- +Mon Jul 30 21:38:31 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.1: + - Security release: + - Cross-site scripting in authentication views + - Denial-of-service in image validation + - Denial-of-service via get_image_dimensions() + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued + +------------------------------------------------------------------- +Tue Jun 19 11:27:33 UTC 2012 - saschpe@suse.de + +- Add patch to support CSRF_COOKIE_HTTPONLY config + +------------------------------------------------------------------- +Fri Mar 23 18:39:40 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4: + - Please read the release notes + https://docs.djangoproject.com/en/dev/releases/1.4 +- Removed Patch2, it was merged on upstream, + +------------------------------------------------------------------- +Thu Nov 24 12:30:40 UTC 2011 - saschpe@suse.de + +- Set license to SDPX style (BSD-3-Clause) +- Package AUTHORS, LICENE and README files +- No CFLAGS for noarch package +- Drop runtime dependency on gettext-tools + +------------------------------------------------------------------- +Sat Sep 10 12:05:07 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3.1 to fix security issues, please read + https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued. + +------------------------------------------------------------------- +Thu Mar 31 15:09:16 UTC 2011 - alexandre@exatati.com.br + +- Fix build on SLES_9. + +------------------------------------------------------------------- +Wed Mar 23 11:39:53 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3 final; +- Refresh patch empty-ip-2.diff. + +------------------------------------------------------------------- +Fri Mar 18 03:45:45 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3-rc1; +- Regenerated spec file with py2pack; +- No more need to fix wrong line endings; +- Refresh patch empty-ip-2.diff with -p0. + +------------------------------------------------------------------- +Thu Mar 3 09:32:52 UTC 2011 - saschpe@suse.de + +- Spec file cleanup: + * Removed empty lines, package authors from description + * Cleanup duplicates + * Corrected wrong file endings + * Added zero-length rpmlint filter +- Added AUTHORS, LICENSE and doc files + +------------------------------------------------------------------- +Wed Feb 9 03:37:29 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.2.5: + - This is a security update that fix: + - Flaw in CSRF handling; + - Potential XSS in file field rendering. + +------------------------------------------------------------------- +Thu Dec 23 10:20:03 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.4: + - Information leakage in Django administrative interface; + - Denial-of-service attack in password-reset mechanism. +- This is a mandatory security update. + +------------------------------------------------------------------- +Sat Sep 11 11:46:41 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.3: + - The patch applied for the security issue covered in Django + 1.2.2 caused issues with non-ASCII responses using CSRF + tokens. This has been remedied; + - The patch also caused issues with some forms, most notably + the user-editing forms in the Django administrative interface. + This has been remedied. + - The packaging manifest did not contain the full list of + required files. This has been remedied. + +------------------------------------------------------------------- +Thu Sep 9 01:06:43 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.2. +- This is a ciritical security update fixing a default XSS bug! + +------------------------------------------------------------------- +Fri Jul 9 11:27:26 UTC 2010 - jfunk@funktronics.ca + +- Added patch to fix upstream bug 5622: Empty ipaddress raises an error + +------------------------------------------------------------------- +Mon May 17 21:14:11 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.1. + +------------------------------------------------------------------- +Mon May 17 18:35:20 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2. + +------------------------------------------------------------------- +Thu May 6 13:46:03 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2-rc-1. + +------------------------------------------------------------------- +Mon Apr 5 02:21:44 UTC 2010 - alexandre@exatati.com.br + +- Spec file cleaned with spec-cleaner; +- Minor manual adjusts on spec file. + +------------------------------------------------------------------- +Thu Mar 18 17:47:12 UTC 2010 - alexandre@exatati.com.br + +- Moved autocomplete file path from /etc/profile.d to + /etc/bash_completion.d. Then it works with konsole too. + +------------------------------------------------------------------- +Mon Mar 15 01:53:50 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2-beta-1; +- Using -q option on prep section of spec file; +- Using INSTALLED_FILES instead of declaring files; +- Removed dummy changelog section of spec file; +- Update completion bash patch. + +------------------------------------------------------------------- +Sun Oct 11 07:51:32 UTC 2009 - nix@opensuse.org + +- Update to 1.1.1 due to security issue described at + http://www.djangoproject.com/weblog/2009/oct/09/security/ + +------------------------------------------------------------------- +Sat Oct 10 12:18:31 UTC 2009 - alexandre@exatati.com.br + +- Removed old tarball file (Django-1.1.tar.bz2). + +------------------------------------------------------------------- +Tue Aug 25 12:23:09 CEST 2009 - garloff@suse.de + +- Fix python version check. + +------------------------------------------------------------------- +Sat Aug 22 13:39:35 CEST 2009 - garloff@suse.de + +- Don't require python-sqlite2 for python >= 2.6. + +------------------------------------------------------------------- +Fri Aug 21 11:38:03 CEST 2009 - garloff@suse.de + +- Build as noarch on factory. + +------------------------------------------------------------------- +Wed Aug 19 17:40:46 CEST 2009 - poeml@suse.de + +- don't run bash completion on shells other than bash. Avoiding + error messages produced at login when using other shells. + +------------------------------------------------------------------- +Fri Aug 14 18:05:42 UTC 2009 - alexandre@exatati.com.br + +- Added bash auto-complete to openSUSE. + +------------------------------------------------------------------- +Wed Jul 29 00:00:00 CEST 2009 - listuser@peternixon.net + +- update to version 1.1 +- add python-django-rpmlintrc to quiet rpmlint complaints about -lang + +------------------------------------------------------------------- +Wed Jul 1 19:04:26 CEST 2009 - poeml@suse.de + +- add python-xml to the Requires (./manage.py syncdb crashes + otherwise) + +------------------------------------------------------------------- +Sat Sep 13 00:00:00 UTC 2008 - listuser@peternixon.net + +- update to version 1.0 +- Fix build on SLES9 + +------------------------------------------------------------------- +Thu Sep 4 10:40:58 CEST 2008 - crrodriguez@suse.de + +- update to version 1.0 final + +------------------------------------------------------------------- +Wed May 14 00:00:00 UTC 2008 - listuser@peternixon.net + +- update to version 0.96.2 + +------------------------------------------------------------------- +Thu Feb 21 00:00:00 UTC 2008 - jfunk@funktronics.ca + +- The way simplejson is included in this package is not useful to other + packages. Removed from provides + +------------------------------------------------------------------- +Fri Oct 26 20:20:08 UTC 2007 - crrodriguez@suse.de + +- verion 0.96.1 fixes D.o.S attack in the i18n module + +------------------------------------------------------------------- +Fri Mar 23 00:00:00 UTC 2007 - crrodriguez@suse.de + +- update to version 0.96 + see http://www.djangoproject.com/documentation/release_notes_0.96 for details +- this package provides python-simplejson too. diff --git a/python-Django.keyring b/python-Django.keyring new file mode 100644 index 0000000..020ef23 --- /dev/null +++ b/python-Django.keyring @@ -0,0 +1,184 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGiBErcoVkRBACt1HBsLQQ9HeRHrqMbYfWEW3d0KoWzjKU9ZW59oq8ceVCYfhyT +ZKxyLobyed+NhL3SJCE5e4hs5UfyBdS4c8I97MFDKCA5TBu3pMnYGxWje3fSwP6o +RGcP8Ji4/tISclyGrkMruDNzpT93R8H/SixPGFcH7kCp4xQxPBc0esdU4wCg1azF +kUuFijNryusT+i58hVE3dMkD/iAfCh4bcLyZ8aygLZxg3bn3YauJASEjuqVXUgTB +diBdhXnldq0xs2IwQJY1paAajXf5FsjlTVQrQWMtTQ5qWKpQr0lAanufnEDNu6GW +orWBzLaSWQWEkcRALmZS6MBkmVCx/JiIvt0sUxrG4boQ6qYlQYZsaHaAMUZT997v +1ktqA/4kPUfV2gqJuVzWwbhrKhAyhSivmhhe+1lUFa7phRmoMNw7/jXi9OV1lmL2 +ty+0LkeCXUChrXarey4AnPI58aR0xshiAxGEI2jPi+vWkgGblOG3TBoZBH5jV+d2 +/5mmlCs/KkJkdsN+LXR3m5o/oFs7MgGD8pxa1jwK9xcu1xKIqrQyTmF0YWxpYSBC +aWRhcnQgKG5lc3NpdGEpIDxuYXRhbGlhYmlkYXJ0QGdtYWlsLmNvbT6IYgQTEQIA +IgUCTG1snwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQrlwdYDo57Zf7 +lQCeIHmWQQek0zboTqMuy60phrUIzowAn0ONlnzzL0oWiNUpbY8nDsernILWiGAE +ExECACAFAkrcoVkCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRCuXB1gOjnt +l5FdAKCSLwUJNZXs3WXqKabi2adRcdqZ8gCeLgbbqJ2Dqqaeb3tXK6zWC7ZO9CK0 +NE5hdGFsaWEgQmlkYXJ0IChuZXNzaXRhKSA8bmF0YWxpYS5iaWRhcnRAdWJ1bnR1 +LmNvbT6IZQQTEQIAJQIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAk8oONcC +GQEACgkQrlwdYDo57ZejrgCdFyBg4VipDYmoQ5eOpXe4Vegiwl4AoK00YytEeMvO +EFqZY+qVvqaV3It6iGIEExECACIFAkvrLFwCGwMGCwkIBwMCBhUIAgkKCwQWAgMB +Ah4BAheAAAoJEK5cHWA6Oe2XD+QAoK02osWaLzROXg54drLpJMNLs/DGAJ9XlSak +dQv6uX5QFT1QZCp/WwozIrQzTmF0YWxpYSBCaWRhcnQgKG5lc3NpdGEpIDxuYXRh +bGlhLmJpZGFydEBnbWFpbC5jb20+iGIEExECACIFAkvrLBMCGwMGCwkIBwMCBhUI +AgkKCwQWAgMBAh4BAheAAAoJEK5cHWA6Oe2XrQoAoIpzDPsuwhwuVcelVh3F8q3w +qhk2AKCj6rF6x+kzUwtT6lM8wkUj4x+CgLQ3TmF0YWxpYSBCaWRhcnQgKG5lc3Np +dGEpIDxuYXRhbGlhLmJpZGFydEBjYW5vbmljYWwuY29tPohgBBMRAgAgBQJK3gu6 +AhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQrlwdYDo57ZfaNgCfXhjx28H4 +WQ8CjWsdyJU2Kmh44qoAn0zp3TeEFuSPCEBZ0jAR4dwuSrpguQINBErcoVkQCACX +mxZ+acE5irfOe09OclJ+vKxqrnaEpveyLJZzKiWz5GlZLV3gPEMs3Pu0tGtTjadG +CRck2xIYArDz1aPwvM4dHswIy3TyzoSTgW1ybz5TXzkxWDcdwukYm1gKlWMb8JQW +v76KtoiNuY/EIUAaO9M7ZyUPSWunh5CK+ttYKs+KrD8wt8Te7PdsrstUMP2uplOt +I0zKK8P+gcCNZQTZh71Z8WAhZF/tn9LpkE9p0Au3pVEVk7Z8492TO4DySFhBNVEM +IY9KVNiZoEMAaiRUFgG3gPj3MD4wDyaiWp+5b8XQylXcfWsPx3nujLJNUiaJlV4u +Wjv0ZgwMHHLgORAlOJ2rAAMFB/94QWkhOmIzzx0iCob4fILZ2lqTt1fAAbaQxyq/ +LIaI6iSHqebEVVR9OUVTzqNtc0yDifxsbDZXEHmU2qx+aARoYmonxNmNoUS/U6Io +2iPgP1Jwt13dbd284xlgDTx8QO/TjX9lFyvt7AEHIrcHaomwVS0Il7wIfzG24kqX +j17VhD2j/2V6uA7ADAh8u0WFO93i30qNSCaCRphCU4K7gLdHLIp8TsGLdx/gf2mB +5SyhNOkHwEx80kSiFt+H5fER7XQep/w51XybqAt7SsWaIjYLsyMYXyiVdQChwzBd +vusRKv9qjg9eiyHI6aOw6foOUFlpfMx1oeknFDJrjJ3PKUPyiEkEGBECAAkFAkrc +oVkCGwwACgkQrlwdYDo57ZffZACfS9pUk1P5poP86jh8K2K6jpjU0y0AoNQ4ejtn +mpJC4x7FruZyi1wVdkMxmQINBGQu6XIBEADAnmu8HNENZh7UTuu5GfTeFhpmyj5K +yz//txfrm0/b6uTW5TXPgLjuvMzGG8PtaZHRIgZ0gzA+x7T5zKMTaoKs3EvgR5D3 +Y9NjteUWpf8FjvPhN01HZfaZ7yChwHwKobW0JYinNpBh0Cz51unGdLIDtELMaEFO +D8qdcpe63qG111S4G+4hcJUkXt4ALBpSnY9GOhlYQDn+ZDRGk1M9rjeMo+QsIJns +UZRlvBroJyg0toUXclw5QXFGp1+mrjOzKqdD0DmSN7LWlU0yCJB8H5bWZTiPAPOE +SW1Kb3kEW+Qy8YkcH7SkQ7N72wsuIwKJNiddMLZnXeR0Lcvt0t7ftUfs44VEZSwm +V0I7lyZZWr+Pei8nGaLxxCI4OtASXcQ+VVKF/HoR/necD1QmqmuCeiMLmYT5jEPZ +oovOri5onkWIQfjfWeUVErxNi9Uz18mi9P7PfAWOzNCmdkuVqsPtpymyDcKYYh9u +D/CTH9w1B69CRjld6NOfal05fIrfKuVgPvmQnPeCn+KgTBwv8T+mgGVjkBlDGpYy +6Y24s13R6WoawJnjIEjA/Q5QOSDXYtpgF8D3cMW+LUlD9lu2A6OO64H33rInIaut +8IFgKcTf3pXbzh1J6Zs+fcjOryitM7t4Fo1ClJ+DSn4yoUHxP2UEZL6LL0DF6LrE +kJjKxwRp20lPwwARAQABtDFOYXRhbGlhIDwxMjQzMDQrbmVzc2l0YUB1c2Vycy5u +b3JlcGx5LmdpdGh1Yi5jb20+iQJOBBMBCAA4FiEEW1sboQ2FrHxcduOPLugqjZRw +mD4FAmQu6XICGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQLugqjZRwmD56 +rQ//UvzX9/4Eo3HPBMDEIwExjmYGyTqiQQm2KW9Z4U0zQVdeLVF8ZOdaIKn1RBUw +M02RJWI2HjovdLN3LbXpTtQtamSvvU6fv7vy5zLBJdVL9eKXXG+3MPCWDHOqwp/u +L/4lq0pUy5ejb4AnIQw1RIQiz6/pprDzgF0celWLhL3krxEqts76X1Jv9wCIYMXV +3reCBqpcfIqWQETLP/NdPVcOIRv0al1qcBw2hUOvEyx72n+17Hb30rFQp+35BaZZ +IjnL3H6pATgjk52EiDdRkyWL9CFrbJ/wkbAvEO29GcUPg1+bT6UZq8LKXyDs/WSL +UkxQ/6w8DzicBiFj/oT7GSMr8KfO4YUMzh/kAFA4v8Q+a53Dq1Icbk9LqkWpu1pA +Hopw3lpGdADuC0z/iYO/U04uUSN5YGyUUOgk5w+CkV8NuL/g2yniNf9AXrbt4ByI +V7cqBt9qdS6z6leuW1M8yrPhX1IcKKqj25sPKAgzp3A6Bt7orr1NZGOVJ4alR4ff +pYvq+wfmIPKf0AbzHGOkYjF4BMvkLRchhi28q+qX5cCuMr+aoqKUtJ2IFiXsvbFN +k0aYWUr5y5qSJoAVf0GMkByQW6+F6bXRRdCpS/JX5JA8qrYp+oV8VhveOOslHVqj +ILAlkMMXoTx6G79DdvQ87fdb4+aIQ96U4T8B6zMxazvmU1i5Ag0EZC7pcgEQAL9n +X/eaWY+v4GgeGjRIWmmrjMBYyeeyJIyL9Mk3iyH/gIOnTDmlX+njjyvyWKfMYIl1 +HmMtzlF3OgsuLeekwbDrXA8xvslp1xmiKLOamPvXwPG/XqkJrYtzVUDEFCtRpEJ0 +c38d+P8WEMjbviyIwJ9PxLllamEK61dRtj1NCMc/Ix4+b54UHxi44Jz1bqQxfgjj +u2o8sPnyZio+DRFWVE3Eocp0rdZ3rlKjUsBXKEElTuIScoKjGwKwaMfxoBgwRhzx +oESwk8CqlH7WzNookx1M1/JjKYdrwln2aNuChtlKLRmUqT7qqTNtett2vy73VM3b +zfXdor94S3q+YtMEvNbo9QCzn6La7HOx+PMm8XM2d9aC7Hz4FBK0xIQB+HLZEIhP +7KQ7GJ2Xn3LStyoO5K64uqi2X2YjsYUcPzvI3uUK+gtH3H1SSIazh7UAUbcEuo7N +K8vF9Vtqp6S2qkjoeV6Dnvy+6735b1WIBZieAmbKaz74IW1IP0lZn3pXeRFo2Wjq +Ojf8zkNacf61exysAkGU2fubsXSZxuxc8DVXKbkpK69tXDSOUmSKTBPVzzmIM79S +yYH1MMRZqQ52Y471qiEZxEPasJXIEVcWbdJxEC/eEiuptPAtojRQH6kJ/AF3Z9Xd +eBaxyuMQ249jqTYwjCehfumTbhP5VhO3QOxs31G/ABEBAAGJAjYEGAEIACAWIQRb +WxuhDYWsfFx2448u6CqNlHCYPgUCZC7pcgIbDAAKCRAu6CqNlHCYPhz3EACx3Hqf +KUMeqUTVOiDyHguBr1FrhMtU5m/nkjdbLWlBHOGHkM4RNDNQTPyQb/C8vcuHYv5l +DPFrzOawdjTyFCuo6f0TMIx38Bbjxo9C8XTnvKbUpyTEQ3dJm67ppF4n6cui+0IC +UefzPkkCbdIPzt2pYopMDB4Hv4Yv6hqeq987Iz1erh7dQe1TDTxIv9PXLYZT60Ro +K0+g+caU9LwVjYiLoeCM1Zhndy6fDV5mu3ctEzcqr/YVH9kDZAuF0O1SX9y42neJ +7hictnE0KrRymVL5d9pp2WKtPny+itSax/a///Q43m1gA9KFuKHtOuGUpYzf76FS +Ld0cC4xjDpPcVTGc8To4+CjNTIrjzbBYa3JU/3J2kwyEw/k1EucRb/RFPbklUSph +Kmd2ewcDLUvcasTwoR/0uplA8gAuV1x7wPBgAW7kmpjiQevl1KLj08HA/jTdfrdx +Yd1GGiNjBmHGu9C8YZ/7fJU50dhv4jWF4dw8OyXtAI4wk5aoJHsJ5iGIMVOVzNLe +mF4yM4XSBBno1mWgaSb42LInsYv/ti1VrOrBVzmAYAoUTZL0tfEXeyzHEmWGWVHe +SQMBvCqUmh/EcQDzPtkqjQQ1LyE5s2fyt5u+jE9JdK/61yKzbKI2UbpPtAaKSlDv +eAgTzM5bOOqtGR7VR2hlCM4I4k2D0Y/snh2HzA== +=ul9f +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBGYTwrUBDADP52ov7O0jqH+QWStcbCwwedsV2syCQXxfhnydhkNvdCILBJ0k +cQdc4E7Q8wGmch9a3bCLR4HIUlv1MMWk+Ty0YY71wczqIPedgM1dBZEtSH6fDOwW +qFcYieCcmsP+FwBk8WWOKnMydEXoXCp6djSru6YOuQH2CZ+EerKjnDaXAj35dloR +vbJ14k7Ghn9UCLDXiNOjn2N8eLe6aeoEQt7iiqStdeFuUGR/pLHHEX4sch4y9uBa +bhC/Ce93VWK8nVna7qWX/cIjZNG6rTo79W7+IiOC5+6r7bLff5qw4BgUX2JPm5Sz +mhPUlsJZGGXPPaTo+WZQOe5P3Fw7RpuURa+MVoih2H/i2Ur51pDEngB64YwBU1mB +a+xwm6GHgD28JUwllHJbUl9/UJTbntS7k/k2uuMkok8jHfYb+rqkfCWqOlmuYTG3 +okseReh2TSkGpWyyaSbCihgm80RE5O6jrEDXJiZOsLIuOlVoErfxEZHpOqw43axl +EXX0VkjFz2IBNPMAEQEAAbROU2FyYWggQm95Y2UgKEdQRyBEamFuZ28gRmVsbG93 +KSA8NDIyOTY1NjYrc2FyYWhib3ljZUB1c2Vycy5ub3JlcGx5LmdpdGh1Yi5jb20+ +iQHOBBMBCAA4FiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmYTwrUCGwMFCwkIBwIG +FQoJCAsCBBYCAwECHgECF4AACgkQOVWxmFHqlu8t+wv9HitJmG5iPs45Qo0nGwGm +j1X6rP6SQENl+jqtjZU6YaxvNqWculCFl0Wa/xODhxM9HNMs3qREc+R4SqPx4epu +NaUERN91gZoO4Ms80uqllPzdCsX5hrFblg+LqqznZWAYi94NMTm3Ft4/+I7780ev +BhxHFBTlqwxZ0eeyaB/qAyb6K9X0cUUFExjYrP3+HAgmrOHK9PUb7vNNKUYMerOK +waFrpPP5oDBn0p2ZunYAcJt7o2DjBOwy5iw5I2Qs50ZLt9EU0DY8Rf5nF2mKNki1 +CAD8ksNo/ohrNuGyi0r2cvVfx52izPd6PxlKf7xfL2lW16nflK/lNbZtCioDA1FC +1dCPGD5rvOUXFASc+FZY4tJ6LbIpzg9llgcb6fSi2joT2bm9BbGrHybrIWd3BF/5 +AnrlsSwDCWtYXkdNr/eNEHNgG+aOAH2vSzue3NbCJsXkK69SzlKKOiD2ZUjJ6tKi +IwcTkotyBaX/FLGhTKLEQE7aztsOpnfJlLU9Zx5IPxJAuQGNBGYTwrUBDACp1f7H +MpzHvAAy7dD1Ow0pgT3NBFFiEk4jKccz9sAHPT7QQbMeIdL5uQ80lNp6Sw+IyptW +4cytl6ovRdRyv3XetSp+KJeaqvWvGkz3L+GUoE8ezxgQXLlVcw7IzkhBNMGi+K3C +aK6ZlZZQG8587dLF9Gbz3Vioc9hyQ/4BOr8pPaAWlSfWQVEGHPSVLh7LToGjrLlS +h1AzVABNXtJbAt/+O7H5mkMopoPKrqgHTzOLGCd0/Tq3z5d+wqVl7JKk6yHxRr5i +SXDqPQPmObUhPH1addNzIe+GRVW1ZbbT6l9VDiC4Lj+BJsLafubMB3rlI2T2mQCU +PTQO0fz5y6oW0HxRtTidoxhvmC72YDFBwvsUTPQ5nt8bcSQprJMLLNL1C5M2LjPu +tf/Csl02Fcwe/RnW2yjeb6qNCDcLpM9wpMMOdZQCRdRIkWQTcLZPQ2+SR3Ih8rAb +pzATjFvif/4zpFlDZ9KFevCqf1M2v32sr/dDgcA3nWJ4CFrBQMhBVTcr7rcAEQEA +AYkBtgQYAQgAIBYhBOsbOA2KxS0AK6zTMjlVsZhR6pbvBQJmE8K1AhsMAAoJEDlV +sZhR6pbvizgL/34++v0b080pCr/0rWspcuTtD91GwQPs0HgrrfMOV2BXoXucTXj7 +G4xFq9yYO8QALrrtz40S/NeGz09hhFHo08phLAYjLZt8xD7i0uXuV8ZouDUHT0bk +334RlKHu9kq3si0lyzu1dkGZgIBXsAURrMOyVKVySZGzsa/dpy/EDardWkTKHedf +07K+KQgomMpVGk4EtKHpfqU9VNN8fdYD4UYtwuegz1nsg28Fa8xkK2ammWncgpVj ++4cJwzFPg11AhhTWs/Ec068ojj70cLD2CodJVAch9RTIOcQ5yKGc483u3bagNqTK +qZYoLWI6NjxrNZQpwha3pO2ueBDOo/fZXUMgPPqyfdmBZvz6DQM85JfULALxKbkL +5dQguy8K8SBcrCnv6iT0FjaWlrqnU0IJDZfi2r6eDlXhYjLSwGq8RHkAYXvsCNm8 +BzeRu0mAvjLkLNegQIvfdVXfYIcwUQQB8OAzoz3qzi8vji82MBQO+gkYrlteivoF +z+gZLcBuv/NdNg== +=B8gH +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGV2bPUBEADQ/fSfsrdv/aGrUmyQ1ZmZNSDqlH8GXQH+LQiqOc5QjSgq09kv +YC5H3+yRmj4ENYJrD48Mce54k99U6LXhIopmPnCwnQjhpkXFqaZt8KtlhL/5VhIc +BFSodLkEFENWzpuxOkshOJYU8RxLO6MPQGKkokEGhxUHnNW5kwmGa93Iscu04SZR +L2pAHfYsnxB2Z5HAl4Os6iy7CKP8T5UQhGxwxojvjPyRJTb3IUDifjafPl4kbQyN +GdpgVnjHQtOzoVcXCsU4ig105IzydIf5BTYng3+idmlhQ1u8JzGETdlBvCtxg1K2 +FmGD6IFzyvksdf44DNmxXmGnpMJK3y0+dpFzo33YBE3kFnYm57bwY55tdKmGnDyK +rR/1mARVOLQQYrDT6hgggNwRfqpTk28nU463LnXrLS89zaOxGQhfLm7w9kZ69WDd +UpI4RdZjA/klQJhPmLS7b8YmmZstvoZitsMgpPiexO+x7igMvWvuNyE8QL2EZ54K +6ojVObAdIbQe4LbiYCSut81F6e6tRsX3Jb46y5iUCZEkHvGsrZW6V1l/AIuYBecO +Xr5mmk5W4TpUlXTnyDFJr/FFtWfR1j2Z3ti+pZqAO4GUEUAjox+Dz/shKpmen7Qm +aj/Y/nuvD70B3c5XTWn62zTXVPYVX76sDnIuVsh/kORSP32OqMkesFKT9QARAQAB +tCdKYWNvYiBXYWxscyA8amFjb2J0eWxlcndhbGxzQGdtYWlsLmNvbT6JAlQEEwEI +AD4WIQRT1GlC4Aaio+7ci8gTFAP00W2NxwUCZXZs9QIbAwUJB4Ye+wULCQgHAgYV +CgkICwIEFgIDAQIeAQIXgAAKCRATFAP00W2NxwWVD/9ZTx8q3qsAXfOaWUNugaDM +oyUMa4bURfk82AXLVDju9fQQv/5wDlvQ+ejMDHE0pnvmQSa8bTol8y2IXO9Kl3ak +0NU3oOh3iJKk3q+FtxibGmIM5i095h2T97IBKJrZf6I1O0a9ZfMMDXbVpTeGIRDf +b55G6GG1jhdJa3SgtudUcGizlM0i7UrntUktmbnvWyYzbjWIKdYRq2W7vlEgKvNs +NZFVeO1KqLR92xUAIL+V7HtQ3TetyanYRH91Q8fZR9p+ScEOKJyfrpRa/IfrJKlg +k6MOqGeVaOd4nOX042S1+u0TU7HrVVVhL+Vru4utSYg9ZucM06wZOgR0A6Vay7Ap +Y43nGxRhc//auOJSh4nIQmtyup5+YiyKhynEnSF3pGuKXy64wVOO9XdW69bmyRxz +gAz4W5yTjmNBkQUYAGteJXo4fhDxWYzmeAIE7l5StTbgSZNLbndwmiWEyy8WzJtp +5xzluh+//39D+TUStZKG1MerhqnmJj3CBSTeeiKpW9QOtC4y2vuWzNp3XHS9FjeW +GOz5seJ5VDokkzP05XOfJ9SyblFAOW/Zteh2wdOb+S+/pUz+OukwPZthMwRsl0Dc +U+fx2mK+9I9TBJWgUHO1aXm6FlcyDnSlzc5oM4wXKF4sqByjjuCtYzK8UtEwlKNm +Pyboq4Y5RhYrW63LDl+SerkCDQRldmz1ARAAvkmAuvLXwZ86mubWYQFsmy3UKxdF +cewS8XikjsEZPvf0kYgi9wlMTRDvWlEmNGp9r4NWH36zm6uBjK9hxn+rNsiqkYez +MPTgwvxruSJWJPaFqK096Y8AMuk9SobMsydtlxuChQ3RwYo+j/v1csAdD88igzjW +3HKCzJ0e76ILdfbqlh8tJ+nbXvFgVVV2+vV996PTp4dQedc4/VzFGv00Mejkmhd3 +nUBqdmG9mgqR4LK5xWCHXSVqgdVeH0urOiEN57aOie/30q6IegkfrKCSq1zGJE5o +WApzrOqo0UEDDND6PXDuLvzVuot3M/YvKjUXx8FatJC5BLSH0I9AKBWqPGvjk07V +IoI0CexyKoJKIkGl/ZUyRsorqmqg1671HUYNAFEbIwxeJUQkjTwqUxGXSjei7t8a +wzuZsA81lhXpwt6DfuQQ9XkDrc4dfyEuvkV9PforZxz8dVlDiORw3hPYqBjbU0hy +6D4Ytq3f88azYvZF8GE4uSYzvN6XeRhLr1hnfAFfGQFdNwg4qufjo8QYoQsYe6RZ +uenL1z5vkGRUz03l11GiaOqEJDJTy3dGACeQqAjjno8UL9Nb7PUWfnZL41zOGL8s +DHee7hX2+hsRPMoiqCzJrCjU52G5qGEB8d44VjNM8y435jyfBAh8ugv4rsSonzy+ +ASe0msXK6bLxAy0AEQEAAYkCPAQYAQgAJhYhBFPUaULgBqKj7tyLyBMUA/TRbY3H +BQJldmz1AhsMBQkHhh77AAoJEBMUA/TRbY3HlA0QAI4DQ3MNfkpIZw/aKEetCaVB +LIVEfugoDcUQxiwc00G1aEuxpBdnfT5wFzUodUFJuIntGcYUMJwvAC3RB4ZANuoP +F2j/2JIp42GYhBjNSyy0ix/E2C/95HZDzsvDB4EZ0VMvec+MgAweTZhxZfdCsmId +lMWFfn3UM5FhtsOqLmw11T/6PdDgcyomrsp4ghHph9dJvMGiqXjysTSg3OMxzQeU +lzjX+6C4dY6AcpqAkeG+zRUYSQKsHQwSOxK7zon/hAA2+Gbvu+pzr0jHnatX8Fkd +eOBc6xZpnoQcubj/PXEBhXV4868jW/RNRG5ZXoQpnf63R0616JePkUKnXxs61JD9 +oBuERUPn+HK346QNgNDRhzAufPYsXlPOPtU6poZqinMhsbcpW5Konjp2yLVwosXn +UPGLzZZHy9csF3VcWV96bM8WUEkFNfflisi1nE7yqC/CKgUjK0HUFDhyNHuCICTC +e9tvw2epbaLkid0NxV+a0RWWiUq2kMeTBUezVC27P+LAZ8aTZxHPyERtJlBgTCfm +1hWJ3CcIc4LT54AS3allzTv0f6iHX9WpJhfr3WPIY1Xt/d466l3VSofktwmpTEr2 +DAECOit/CE1rFy1C+MHinAUX6C7ajg6msIE6uZHFrbHlSU8/WrbvZ1e4Nc7w7e/N +R182g26K1DaCZphtoq8Z +=0YqB +-----END PGP PUBLIC KEY BLOCK----- diff --git a/python-Django.spec b/python-Django.spec new file mode 100644 index 0000000..7a5630e --- /dev/null +++ b/python-Django.spec @@ -0,0 +1,164 @@ +# +# spec file for package python-Django +# +# Copyright (c) 2025 SUSE LLC and contributors +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +# Selenium and memcached are not operational +%bcond_with selenium +%bcond_with memcached +%{?sle15_python_module_pythons} +%if 0%{?suse_version} > 1500 +%bcond_without libalternatives +%else +%bcond_with libalternatives +%endif +Name: python-Django +Version: 5.2.7 +Release: 0 +Summary: A high-level Python Web framework +License: BSD-3-Clause +URL: https://www.djangoproject.com +Source: https://www.djangoproject.com/m/releases/5.2/django-%{version}.tar.gz +Source1: https://www.djangoproject.com/m/pgp/Django-%{version}.checksum.txt +Source2: %{name}.keyring +Source99: python-Django-rpmlintrc +# PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19639 Fixed #36499 -- Adjusted utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's HTMLParser new behavior. +# fixed and refined upstream, but some of our interpreters weren't updated to a new version yet and still only carry the patch, so providing the non-conditional version +Patch0: test_strip_tags.patch +# PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19530 Fixed #36421 -- Made test_msgfmt_error_including_non_ascii compatible with with msgfmt 0.25. +Patch1: support-msgfmt-0.25.patch +BuildRequires: %{python_module Jinja2 >= 2.9.2} +BuildRequires: %{python_module Pillow >= 6.2.0} +BuildRequires: %{python_module PyYAML} +BuildRequires: %{python_module argon2-cffi >= 19.1.0} +BuildRequires: %{python_module asgiref >= 3.7.0} +BuildRequires: %{python_module base >= 3.8} +BuildRequires: %{python_module bcrypt} +BuildRequires: %{python_module docutils} +BuildRequires: %{python_module geoip2} +BuildRequires: %{python_module numpy} +BuildRequires: %{python_module pip} +BuildRequires: %{python_module pytz} +BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module sqlparse >= 0.3.1} +BuildRequires: %{python_module tblib >= 1.5.0} +BuildRequires: %{python_module wheel} +BuildRequires: %{pythons} +BuildRequires: fdupes +BuildRequires: gpg2 +BuildRequires: python-rpm-macros +Requires: python +Requires: python-asgiref >= 3.7.0 +Requires: python-sqlparse >= 0.3.1 +Requires: python-tzdata +Recommends: python-Jinja2 >= 2.9.2 +Recommends: python-Pillow >= 6.2.0 +Recommends: python-PyYAML +Recommends: python-argon2-cffi >= 19.1.0 +Recommends: python-bcrypt +Recommends: python-geoip2 +Recommends: python-pylibmc +Recommends: python-pymemcache +Provides: python-django = %{version} +Obsoletes: python-django < %{version} +Provides: python-South = %{version} +Obsoletes: python-South < %{version} +BuildArch: noarch +%if %{with libalternatives} +BuildRequires: alts +Requires: alts +%else +Requires(post): update-alternatives +Requires(postun): update-alternatives +%endif +%if %{with memcached} +BuildRequires: %{python_module pylibmc} +BuildRequires: %{python_module pymemcache} +%endif +%if %{with selenium} +# python-selenium is supported only on the Intel architecture. +# Additionally chromedriver is only available on x86_64. +%ifarch %{ix86} x86_64 +BuildRequires: %{python_module selenium} +BuildRequires: chromedriver +BuildRequires: xvfb-run +%endif +%endif +%python_subpackages + +%description +Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. + +%prep +# The publisher doesn't sign the source tarball, but a signatures file +# containing multiple hashes. +gpg --import %{SOURCE2} +gpg --verify %{SOURCE1} +# +# Verify hashes in that file against source tarball. +echo "`grep -e '^[0-9a-f]\{32\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-32` %{SOURCE0}" | md5sum -c +echo "`grep -e '^[0-9a-f]\{40\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-40` %{SOURCE0}" | sha1sum -c +echo "`grep -e '^[0-9a-f]\{64\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-64` %{SOURCE0}" | sha256sum -c + +%autosetup -p1 -n django-%{version} + +%build +%pyproject_wheel + +%install +%pyproject_install + +%python_clone -a %{buildroot}%{_bindir}/django-admin + +%{python_expand install -D -m 0644 extras/django_bash_completion %{buildroot}%%{_datadir}/bash-completion/completions/django_bash_completion-%{$python_bin_suffix}.sh +# Fix wrong-script-interpreter +sed -i "s|^#!%{_bindir}/env python$|#!%{_bindir}/$python|" \ + %{buildroot}%{$python_sitelib}/django/conf/project_template/manage.py-tpl +} +%python_compileall +%{python_expand # +%fdupes %{buildroot}%{$python_sitelib}/django/ +%fdupes %{buildroot}%{$python_sitelib}/Django-%{version}-py*.egg-info/ +} + +%check +export LANG=en_US.UTF8 +export PYTHONDONTWRITEBYTECODE=1 +%if %{with selenium} +export PATH=%{_libdir}/chromium:$PATH +%python_expand PYTHONPATH=.:%{buildroot}%{$python_sitelib} xvfb-run $python tests/runtests.py -v 2 --selenium=chrome +%else +%python_expand PYTHONPATH=.:%{buildroot}%{$python_sitelib} $python tests/runtests.py -v 2 +%endif + +%pre +%python_libalternatives_reset_alternative django-admin + +%post +%{python_install_alternative django-admin} + +%postun +%{python_uninstall_alternative django-admin} + +%files %{python_files} +%doc AUTHORS README.rst +%license LICENSE +%python_alternative %{_bindir}/django-admin +%{_datadir}/bash-completion/completions/django_bash_completion-%{python_bin_suffix}.sh +%{python_sitelib}/django +%{python_sitelib}/[Dd]jango-%{version}*-info + +%changelog diff --git a/support-msgfmt-0.25.patch b/support-msgfmt-0.25.patch new file mode 100644 index 0000000..535692a --- /dev/null +++ b/support-msgfmt-0.25.patch @@ -0,0 +1,69 @@ +From 3609c463a4cfc5a7e76f4d4ba008c5096b1f1437 Mon Sep 17 00:00:00 2001 +From: Jericho Serrano <118679068+jericho1050@users.noreply.github.com> +Date: Fri, 6 Jun 2025 04:58:29 +0800 +Subject: [PATCH] Fixed #36421 -- Made test_msgfmt_error_including_non_ascii + compatible with msgfmt 0.25. + +--- + tests/i18n/test_compilation.py | 25 +++++++++++++++++++++++-- + 1 file changed, 23 insertions(+), 2 deletions(-) + +diff --git a/tests/i18n/test_compilation.py b/tests/i18n/test_compilation.py +index 4b0bb9f6bb1..3a57dbf0765 100644 +--- a/tests/i18n/test_compilation.py ++++ b/tests/i18n/test_compilation.py +@@ -1,5 +1,6 @@ + import gettext as gettext_module + import os ++import re + import stat + import unittest + from io import StringIO +@@ -8,10 +9,12 @@ + from unittest import mock + + from django.core.management import CommandError, call_command, execute_from_command_line +-from django.core.management.utils import find_command ++from django.core.management.utils import find_command, popen_wrapper + from django.test import SimpleTestCase, override_settings + from django.test.utils import captured_stderr, captured_stdout + from django.utils import translation ++from django.utils.encoding import DEFAULT_LOCALE_ENCODING ++from django.utils.functional import cached_property + from django.utils.translation import gettext + + from .utils import RunInTmpDirMixin, copytree +@@ -254,6 +257,17 @@ def test_no_dirs_accidentally_skipped(self): + + + class CompilationErrorHandling(MessageCompilationTests): ++ @cached_property ++ def msgfmt_version(self): ++ # Note that msgfmt is installed via GNU gettext tools, hence the msgfmt ++ # version should align to gettext. ++ out, err, status = popen_wrapper( ++ ["msgfmt", "--version"], ++ stdout_encoding=DEFAULT_LOCALE_ENCODING, ++ ) ++ m = re.search(r"(\d+)\.(\d+)\.?(\d+)?", out) ++ return tuple(int(d) for d in m.groups() if d is not None) ++ + def test_error_reported_by_msgfmt(self): + # po file contains wrong po formatting. + with self.assertRaises(CommandError): +@@ -278,7 +292,14 @@ def test_msgfmt_error_including_non_ascii(self): + call_command( + "compilemessages", locale=["ko"], stdout=StringIO(), stderr=stderr + ) +- self.assertIn("' cannot start a field name", stderr.getvalue()) ++ if self.msgfmt_version < (0, 25): ++ error_msg = "' cannot start a field name" ++ else: ++ error_msg = ( ++ "a field name starts with a character that is not alphanumerical " ++ "or underscore" ++ ) ++ self.assertIn(error_msg, stderr.getvalue()) + + + class ProjectAndAppTests(MessageCompilationTests): diff --git a/test_strip_tags.patch b/test_strip_tags.patch new file mode 100644 index 0000000..f06403f --- /dev/null +++ b/test_strip_tags.patch @@ -0,0 +1,49 @@ +From 578ef30376fd279865d1719fcad064a00c625a6b Mon Sep 17 00:00:00 2001 +From: Natalia <124304+nessita@users.noreply.github.com> +Date: Mon, 14 Jul 2025 14:45:03 -0300 +Subject: [PATCH] Fixed #36499 -- Adjusted + utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's + HTMLParser new behavior. + +--- + tests/test_utils/tests.py | 4 ++-- + tests/utils_tests/test_html.py | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +Index: django-5.2.6/tests/test_utils/tests.py +=================================================================== +--- django-5.2.6.orig/tests/test_utils/tests.py ++++ django-5.2.6/tests/test_utils/tests.py +@@ -945,10 +945,10 @@ class HTMLEqualTests(SimpleTestCase): + self.assertHTMLEqual("", "

            ") + error_msg = ( + "First argument is not valid HTML:\n" +- "('Unexpected end tag `div` (Line 1, Column 6)', (1, 6))" ++ "('Unexpected end tag `div` (Line 1, Column 0)', (1, 0))" + ) + with self.assertRaisesMessage(AssertionError, error_msg): +- self.assertHTMLEqual("< div>", "

            ") ++ self.assertHTMLEqual("", "
            ") + with self.assertRaises(HTMLParseError): + parse_html("

            ") + +Index: django-5.2.6/tests/utils_tests/test_html.py +=================================================================== +--- django-5.2.6.orig/tests/utils_tests/test_html.py ++++ django-5.2.6/tests/utils_tests/test_html.py +@@ -162,13 +162,13 @@ class TestUtilsHtml(SimpleTestCase): + ("&h", "alert()h"), + ( + ">" if htmlparser_fixed else ">", + ), + ("X<<<
            br>br>br>X", "XX"), + ("<" * 50 + "a>" * 50, ""), + ( + ">" + "" if htmlparser_fixed else ">" + "", + ), + (" Date: Thu, 6 Nov 2025 09:57:16 +0000 Subject: [PATCH 6/6] - Update to 5.2.8 (bsc#1252926) * CVE-2025-64459: Potential SQL injection via _connector keyword argument * Added compatibility for oracledb 3.4.0 * Fixed a bug in Django 5.2 where QuerySet.first() and QuerySet.last() raised an error on querysets performing aggregation that selected all fields of a composite primary key. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=218 --- .gitattributes | 23 + .gitignore | 1 + Django-5.2.6.checksum.txt | 66 + Django-5.2.7.checksum.txt | 67 + Django-5.2.8.checksum.txt | 68 + django-5.2.6.tar.gz | 3 + django-5.2.7.tar.gz | 3 + django-5.2.8.tar.gz | 3 + python-Django-rpmlintrc | 5 + python-Django.changes | 3078 +++++++++++++++++++++++++++++++++++++ python-Django.keyring | 184 +++ python-Django.spec | 164 ++ support-msgfmt-0.25.patch | 69 + test_strip_tags.patch | 49 + 14 files changed, 3783 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 Django-5.2.6.checksum.txt create mode 100644 Django-5.2.7.checksum.txt create mode 100644 Django-5.2.8.checksum.txt create mode 100644 django-5.2.6.tar.gz create mode 100644 django-5.2.7.tar.gz create mode 100644 django-5.2.8.tar.gz create mode 100644 python-Django-rpmlintrc create mode 100644 python-Django.changes create mode 100644 python-Django.keyring create mode 100644 python-Django.spec create mode 100644 support-msgfmt-0.25.patch create mode 100644 test_strip_tags.patch diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/Django-5.2.6.checksum.txt b/Django-5.2.6.checksum.txt new file mode 100644 index 0000000..e24bd5a --- /dev/null +++ b/Django-5.2.6.checksum.txt @@ -0,0 +1,66 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the +source-code tarball and wheel files of Django 5.2.6, released September 3, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``3955B19851EA96EF`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF + +or via the GitHub API: + + curl https://github.com/sarahboyce.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.6.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.6/tarball/ +https://www.djangoproject.com/download/5.2.6/wheel/ + +MD5 checksums +============= + +1f0327293cc3768903ce8cd390ec3f47 django-5.2.6.tar.gz +fca0005922f8db95eb97108e3d8e0b24 django-5.2.6-py3-none-any.whl + +SHA1 checksums +============== + +ada4c057790d255039ac5fe3a31378e5fde0417a django-5.2.6.tar.gz +f92e94e9ab2e21f3d681918d67b15e7e54d348f6 django-5.2.6-py3-none-any.whl + +SHA256 checksums +================ + +da5e00372763193d73cecbf71084a3848458cecf4cee36b9a1e8d318d114a87b django-5.2.6.tar.gz +60549579b1174a304b77e24a93d8d9fafe6b6c03ac16311f3e25918ea5a20058 django-5.2.6-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmi4JLQtHDQyMjk2NTY2 +K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv +rLQL/AmvGY0A1mnf22ZarnqGyH1pRyC7ZrhX2XtoCN6rOjYHleXDqjCIRnbJPnSP +QoKVj6C0xiWsueetEWdrQd2iwgwuAir2dZ0x4TR9ejmVqUUb/R5BakqjZ7g46lsy +GOvU+MlQjzbu1sh0T2G7DC/z019v3+/3lHGpI4HkUFpIb6EOybKW61+MbZZqQMyY +EC/bYEIzfmoJN0Hyi9FoFx0aE/kMpeEYn6wXmEVUfpW7xqXy5AsA2VpU1/nbu0xS +2R+rOljxTSTvqZknDQhr3WbS6D8m/odlcF59pVNzuBwPChz78o6PtwKLitaUy1sp +LOiunKvQYU7Syt4yz+ro+5S+4bcCsIArOe4SKvkMOCi6pFxyXNz0a8PYXpCbg5ER +PQD6RhUbpz2FFMBTeGjPM4JhrIA06A4goX0Q6PHvOLDPg1WlopSKMu5BBGL7fr/O +7jfGeDf5qKIIJ9ZfZS/flS/ebxm8cG9sF7gpbganJC0TnOWmKLdPYQzLia4zFx3f +pj+RwA== +=g/HH +-----END PGP SIGNATURE----- diff --git a/Django-5.2.7.checksum.txt b/Django-5.2.7.checksum.txt new file mode 100644 index 0000000..9288589 --- /dev/null +++ b/Django-5.2.7.checksum.txt @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the +source-code tarball and wheel files of Django 5.2.7, released October 1, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``131403F4D16D8DC7`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 131403F4D16D8DC7 + +or via the GitHub API: + + curl https://github.com/jacobtylerwalls.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.7.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.7/tarball/ +https://www.djangoproject.com/download/5.2.7/wheel/ + +MD5 checksums +============= + +699a77ac347ca3484939762483dc4b08 django-5.2.7.tar.gz +30df887c6ba5244acd04a278f8481a06 django-5.2.7-py3-none-any.whl + +SHA1 checksums +============== + +bce22898e62c431f76348b8aae1f5d4cea7591dc django-5.2.7.tar.gz +42b63a5c8bb660e8235cd56ae18b39dce593c7ce django-5.2.7-py3-none-any.whl + +SHA256 checksums +================ + +e0f6f12e2551b1716a95a63a1366ca91bbcd7be059862c1b18f989b1da356cdd django-5.2.7.tar.gz +59a13a6515f787dec9d97a0438cd2efac78c8aca1c80025244b0fe507fe0754b django-5.2.7-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCAAdFiEEU9RpQuAGoqPu3IvIExQD9NFtjccFAmjdIyIACgkQExQD9NFt +jccrNhAAxBJuzYdRSWlL0lRJO/H14bZsOqzxGzLFx7uytj6mSrIWxc5+aStdkQM3 +DxDY8h9jcBqm2d7qSe0enPmqTCJKjZGgPOGDHl/d8p/cZ3l5ClEqrXw9QHiK0jff +WBdFQBSQ1YD/ZQ/W7RSgeWE3fD2Vrp7FrGMRIoy0GIJ5Fm2MDv+xi4epj/BWYNjI +MNu4dHwquo3Dfb5tdFmfjkTP9YDKbAAlEqFoj9VbtSzuhk/waTuIOqt8oOH1m7hF +fd+7+DXtYpRCQ/cw58qozG3yfgnf9loQevRfmQQa5RthEuXmixyVPrwASM6AJ+P9 +HdDS4p85+sHqyi/idXzkzml7WnTBtBMd8o9/2sVoWSEzQ8mUZ32NeMWE+A0u7hsl +krhnu1vJiqsJjAufbKZtjiuZwLHrt2iAQW1eRiW+pUGWMfqMidcMl88X1dFL3zI2 +Lgc4tt1607JRGA4aLoS0u2JQYsTu23I6fWklGq0ZxfkiAYPZ5H8o1vzk6gu+915b +0tySfttPk7DU4Qih7OLXHNeInPFSSUaKMzuKRKozWDFscHjTfxzzabCtuOP0hUCH +7ReoUJzUosxgvds8LoL07b3yP9qvA1IGDgseBxFlW3Vqv5GTwWQsTWwfVgxgP+tN +LXzQviPgWINscDdwx2uyYWpYFCCIOMYYL5pbBdb//ahug90gweM= +=RaIt +-----END PGP SIGNATURE----- diff --git a/Django-5.2.8.checksum.txt b/Django-5.2.8.checksum.txt new file mode 100644 index 0000000..282acdf --- /dev/null +++ b/Django-5.2.8.checksum.txt @@ -0,0 +1,68 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the +source-code tarball and wheel files of Django 5.2.8, released November 5, 2025. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``2EE82A8D9470983E`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E + +or via the GitHub API: + + curl https://github.com/nessita.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify Django-5.2.8.checksum.txt + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages +================ + +https://www.djangoproject.com/download/5.2.8/tarball/ +https://www.djangoproject.com/download/5.2.8/wheel/ + +MD5 checksums +============= + +0268c52cb99bb764490fdd90502def32 django-5.2.8.tar.gz +60ed4555e2f91cc881b2293ad78bf423 django-5.2.8-py3-none-any.whl + +SHA1 checksums +============== + +41d50f7b49e3c60ad0e3e873c1474f883640d179 django-5.2.8.tar.gz +50d9ad23cef8ebe6cc7d17004e65ae6b5dbabc37 django-5.2.8-py3-none-any.whl + +SHA256 checksums +================ + +23254866a5bb9a2cfa6004e8b809ec6246eba4b58a7589bc2772f1bcc8456c7f django-5.2.8.tar.gz +37e687f7bd73ddf043e2b6b97cfe02fcbb11f2dbb3adccc6a2b18c6daa054d7f django-5.2.8-py3-none-any.whl + +-----BEGIN PGP SIGNATURE----- + +iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmkLRQooHDEyNDMwNCtu +ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPsFxD/4h +zgUToQHe7WgIhVOHKe2ARgXDhA/4yooteYTLoFl6vFzt4r+h+7/3LH8/XucJwYWa +O9SimNT0MhtcWKM0l3jczGMhr3pH7zeBUExtzyPVyycTyQ5KgbDVEgf+w4ua+Jo3 +BzQBnUkJN9Ofc/uQqIAj0X3zjp9NE7uNZpOLzpRUwulrUQ7ieFAAhs3JrCM2mmTF +KnudQkY50zIHy9OX8mSvF8OslFQ9Z84ZPlHfqaQzN6uDNIRujMu9sSbvbiWgpQ9h +Tp/MVRppmlKXcZjM5M+vT0sqT4Ac/OepkSSVMSKAKHNPOpsG3wC/ouclkgG6Wv2Z +6r6Ea2LND8HoMHUhScir558g3pF6p9NW5vrK3Qd7cS4G6idv2eVzzHqYH8WORG9s +5HnldOGhRF6ONAwSveEbViQ6/fzWYsROrCa5+IOfELtg7Uc+ji3eQSqFvyR7rPxt +Ux+LVvgWfODNEjTlrqZQDaPDU4P7gy6So5vzXe+eciyyNxgftmlpWSHMliXcYjxo +gxUh6EPjklxFQ8fmFecCz57CJ0oXT2qB3iNDyTft3qqetgWeJ72d9rVMLLXmHLOe +oRKFS3QXXBr+sIdxWB2Fgu2g8X5ky3O9wIgN7OzQ2p4pCja+NSmxlhJxJwUomgjA +UHvOPP6hwSp1TQdcoauXD72A+t0TkYLuZ03Dfzkh1Q== +=ci0h +-----END PGP SIGNATURE----- diff --git a/django-5.2.6.tar.gz b/django-5.2.6.tar.gz new file mode 100644 index 0000000..4d5759a --- /dev/null +++ b/django-5.2.6.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:da5e00372763193d73cecbf71084a3848458cecf4cee36b9a1e8d318d114a87b +size 10858861 diff --git a/django-5.2.7.tar.gz b/django-5.2.7.tar.gz new file mode 100644 index 0000000..3211f25 --- /dev/null +++ b/django-5.2.7.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e0f6f12e2551b1716a95a63a1366ca91bbcd7be059862c1b18f989b1da356cdd +size 10865812 diff --git a/django-5.2.8.tar.gz b/django-5.2.8.tar.gz new file mode 100644 index 0000000..8150ddf --- /dev/null +++ b/django-5.2.8.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:23254866a5bb9a2cfa6004e8b809ec6246eba4b58a7589bc2772f1bcc8456c7f +size 10849032 diff --git a/python-Django-rpmlintrc b/python-Django-rpmlintrc new file mode 100644 index 0000000..0159bae --- /dev/null +++ b/python-Django-rpmlintrc @@ -0,0 +1,5 @@ +addFilter("file-not-in-%lang") +# Empty model.py files should be kept around: +addFilter("zero-length") +# Bash completion isn't config: +# addFilter("non-conffile-in-etc /etc/bash_completion.d/django_bash_completion*") diff --git a/python-Django.changes b/python-Django.changes new file mode 100644 index 0000000..3143513 --- /dev/null +++ b/python-Django.changes @@ -0,0 +1,3078 @@ +------------------------------------------------------------------- +Thu Nov 6 07:20:08 UTC 2025 - Markéta Machová + +- Update to 5.2.8 (bsc#1252926) + * CVE-2025-64459: Potential SQL injection via _connector keyword argument + * Added compatibility for oracledb 3.4.0 + * Fixed a bug in Django 5.2 where QuerySet.first() and QuerySet.last() + raised an error on querysets performing aggregation that selected all + fields of a composite primary key. + +------------------------------------------------------------------- +Thu Oct 2 09:41:30 UTC 2025 - Markéta Machová + +- Update to 5.2.7 (bsc#1250485, bsc#1250487) + * CVE-2025-59681: Potential SQL injection in QuerySet.annotate(), alias(), + aggregate(), and extra() on MySQL and MariaDB + * CVE-2025-59682: Potential partial directory-traversal via archive.extract() + * Fixed a regression in Django 5.2 that reduced the color contrast of the + label of filter_horizontal and filter_vertical widgets within a TabularInline + +------------------------------------------------------------------- +Thu Sep 4 10:02:00 UTC 2025 - Markéta Machová + +- Update to 5.2.6 (bsc#1248810) + * CVE-2025-57833: Potential SQL injection in FilteredRelation column aliases + * Fixed a bug where using QuerySet.values() or values_list() with a ForeignObject + composed of multiple fields returned incorrect results instead of tuples of + the referenced fields +- Rebased test_strip_tags.patch + +------------------------------------------------------------------- +Tue Aug 12 10:52:26 UTC 2025 - Markéta Machová + +- Update to 5.2.5 + * Fixed a regression in Django 5.2.1 that prevented the usage of UNNEST + PostgreSQL strategy of QuerySet.bulk_create() with foreign keys + * Fixed a crash in Django 5.2 when filtering against a composite primary key + using a tuple containing expressions + * Fixed a crash in Django 5.2 when validating a model that uses + GeneratedField or constraints composed of Q and Case lookups + * Added compatibility for docutils 0.22 + * Fixed a crash in Django 5.2 when using a ManyToManyField on a model with + a composite primary key, by extending the fields.E347 system check +- Convert to libalternatives on SLE-16-based and newer systems + +------------------------------------------------------------------- +Fri Aug 1 02:09:01 UTC 2025 - Steve Kowalik + +- Reinstate Requires on tzdata, a lot of packages use it. + +------------------------------------------------------------------- +Wed Jul 30 06:03:44 UTC 2025 - Steve Kowalik + +- Add patch support-msgfmt-0.25.patch: + * Support msgfmt 0.25 error messages changes. (bsc#1246966) +- Remove unneeded Requires on tzdata. + +------------------------------------------------------------------- +Sat Jul 19 06:51:37 UTC 2025 - Markéta Machová + +- Add upstream test_strip_tags.patch to fix test errors with + at-this-point future python interpreters + +------------------------------------------------------------------- +Thu Jul 3 12:47:34 UTC 2025 - Markéta Machová + +- Update to 5.2.4 + * Fixed a log injection possibility by migrating remaining response logging + to django.utils.log.log_response(), which safely escapes arguments + such as the request path to prevent unsafe log output (CVE 2025-48432). + * Fixed a regression in Django 5.2 that caused QuerySet.bulk_update() to + incorrectly convert None to JSON null instead of SQL NULL for JSONField + * Fixed a regression in Django 5.2.2 where the q parameter was removed from + the internal django.http.MediaType.params property + * Fixed a regression in Django 5.2.2 where HttpRequest.get_preferred_type() + incorrectly preferred more specific media types with a lower quality + * Fixed a crash in Django 5.2 when performing an __in lookup involving a + composite primary key and a subquery on certain backends + +------------------------------------------------------------------- +Thu Jun 5 11:53:48 UTC 2025 - Markéta Machová + +- Update to 5.2.2 (bsc#1244095) + * CVE-2025-48432: Potential log injection via unescaped request path + * Fixed a crash when using select_related against a ForeignObject + originating from a model with a CompositePrimaryKey + * Fixed a regression in Django 5.2 that caused a crash when no + arguments were passed into QuerySet.union(). + * Fixed a regression in Django 5.2 that caused a crash when using OuterRef + in PostgreSQL aggregate functions ArrayAgg, StringAgg, and JSONBAgg. + * Fixed a bug in Django 5.2 where HttpRequest.get_preferred_type() did not + account for media type parameters in Accept headers, reducing specificity + in content negotiation. + +------------------------------------------------------------------- +Mon May 12 08:20:40 UTC 2025 - Markéta Machová + +- Update to 5.2.1 (bsc#1242210) + * This release was built using an upgraded setuptools, producing + filenames compliant with PEP 491 and PEP 625 and thus addressing + a PyPI warning about non-compliant distribution filenames. This + change only affects the Django packaging process and does not + impact Django’s behavior. + * CVE-2025-32873: Denial-of-service possibility in strip_tags() + * Fixed a data corruption possibility in file_move_safe() when + allow_overwrite=True + * Fixed a regression introduced when fixing CVE 2025-26699, where + the wordwrap template filter did not preserve empty lines between + paragraphs after wrapping text + * Fixed many bugs and regressions in Django 5.2, see upstream changelog + +------------------------------------------------------------------- +Tue Apr 22 15:46:20 UTC 2025 - Markéta Machová + +- Add missing runtime dependency on tzdata + +------------------------------------------------------------------- +Mon Apr 7 15:02:18 UTC 2025 - Markéta Machová + +- Update to 5.2 + * Django 5.2 is designated as a long-term support release. It will receive + security updates for at least three years after its release. + * Django 5.2 supports Python 3.10, 3.11, 3.12, and 3.13. + ** What’s new in Django 5.2 ** + * Automatic models import in the shell + * Composite Primary Keys + * Simplified override of BoundField + * ... and many more smaller features + ** Backwards incompatible changes in 5.2 ** + * Database backend API changes + * Dropped support for PostgreSQL 13 + * Changed MySQL connection character set default + * ... and more, see upstream changelog + ** Features deprecated in 5.2 ** + * The all argument for the django.contrib.staticfiles.finders.find() + function is deprecated in favor of the find_all argument. + * The ordering keyword argument of the PostgreSQL specific aggregation + functions is deprecated in favor of the order_by argument. + +------------------------------------------------------------------- +Mon Apr 7 14:19:10 UTC 2025 - Markéta Machová + +- Update to 5.1.8 + * CVE-2025-27556: Potential denial-of-service vulnerability in + LoginView, LogoutView, and set_language() on Windows + * Fixed a regression in Django 5.1.7 where the removal of the single_object + parameter unintentionally altered the signature and return type of + LogEntryManager.log_actions() + +------------------------------------------------------------------- +Sun Mar 30 08:28:57 UTC 2025 - Dirk Müller + +- update filelist to be compatible with newer setuptools + +------------------------------------------------------------------- +Tue Mar 18 13:01:55 UTC 2025 - Markéta Machová + +- Update to 5.1.7 (bsc#1239052) + * CVE-2025-26699: Potential denial-of-service vulnerability in + django.utils.text.wrap() + * Fixed a bug in Django 5.1 where the {% querystring %} template tag + returned an empty string rather than "?" + * Fixed a bug in Django 5.1 where FileSystemStorage, with allow_overwrite + set to True, did not truncate the overwritten file content + * Fixed a regression in Django 5.1 where the count and exists methods of + ManyToManyField related managers would always return 0 and False when + the intermediary model back references used to_field + * Fixed a regression in Django 5.1 where the pre_save and post_save signals + for LogEntry were not sent when deleting a single object in the admin + +------------------------------------------------------------------- +Tue Feb 11 12:52:16 UTC 2025 - Markéta Machová + +- Update to 5.1.6 + * Fixed a regression in Django 5.1.5 that caused validate_ipv6_address() + and validate_ipv46_address() to crash when handling non-string values + * Fixed a regression in Django 5.1 where password fields, despite being + set to required=False, were still treated as required in forms derived + from BaseUserCreationForm + +------------------------------------------------------------------- +Wed Jan 15 07:53:44 UTC 2025 - Markéta Machová + +- Update to 5.1.5 (bsc#1235856) + * CVE-2024-56374: Potential denial-of-service vulnerability in + IPv6 validation + * Fixed a crash when applying migrations with references to the + removed Meta.index_together option + +------------------------------------------------------------------- +Mon Dec 9 09:13:02 UTC 2024 - Markéta Machová + +- Update to 5.1.4 (bsc#1234231, CVE-2024-53908, bsc#1234232, CVE-2024-53907) + * CVE-2024-53907: Potential denial-of-service in django.utils.html.strip_tags() + * CVE-2024-53908: Potential SQL injection in HasKey(lhs, rhs) on Oracle + * Fixed a crash in createsuperuser on Python 3.13+ caused by an unhandled OSError + * Fixed a regression in Django 5.1 where relational fields were not updated + * Fixed a bug in Django 5.1 where DomainNameValidator accepted any input value + that contained a valid domain name, rather than only input values that were + a valid domain name + * Fixed a regression in Django 5.1 that prevented the use of DB-IP databases with GeoIP2 + * Fixed a regression in Django 5.1 where non-ASCII fieldset names were not displayed + when rendering admin fieldsets + +------------------------------------------------------------------- +Thu Oct 17 10:16:22 UTC 2024 - Markéta Machová + +- Update to 5.1.2 + * Fixed a regression in Django 5.1 that caused a crash when using + the PostgreSQL lookup trigram_similar on output fields from Concat + * Fixed a regression in Django 5.1 that caused a crash of JSONObject() + when using server-side binding with PostgreSQL 16+ + * Fixed a regression in Django 5.1 that made selected items in + multi-select widgets indistinguishable from non-selected items in + the admin dark theme + +------------------------------------------------------------------- +Wed Sep 4 07:21:54 UTC 2024 - Alberto Planas Dominguez + +- Update to 5.1.1 (bsc#1229823, bsc#1229824) + * CVE-2024-45230: Potential denial-of-service vulnerability in + django.utils.html.urlize() + * CVE-2024-45231: Potential user email enumeration via response + status on password reset + * Fixed a regression in Django 5.1 that caused a crash of Window() + when passing an empty sequence to the order_by parameter, and a + crash of Prefetch() for a sliced queryset without ordering + * Fixed a regression in Django 5.1 where a new usable_password field + was included in BaseUserCreationForm (and children). A new + AdminUserCreationForm including this field was added, isolating + the feature to the admin where it was intended + * Adjusted the deprecation warning stacklevel in Model.save() and + Model.asave() to correctly point to the offending call site + * Adjusted the deprecation warning stacklevel when using + OS_OPEN_FLAGS in FileSystemStorage to correctly point to the + offending call site + * Adjusted the deprecation warning stacklevel in + FieldCacheMixin.get_cache_name() to correctly point to the + offending call site + * Restored, following a regression in Django 5.1, the ability to + override the timezone and role setting behavior used within the + init_connection_state method of the PostgreSQL backend + * Fixed a bug in Django 5.1 where variable lookup errors were logged + when rendering admin fieldsets + +------------------------------------------------------------------- +Fri Aug 9 12:09:27 UTC 2024 - Markéta Machová + +- Update to 5.1 + * Supports Python >= 3.10. + * Easier guardrails for authentication: the new and shiny + LoginRequiredMiddleware, when added to MIDDLEWARE, enforces + authentication for all views by default. + * A more inclusive framework: Django 5.1 includes several accessibility + enhancements, such as improved screen reader support in the admin + interface, more semantic HTML elements, and better association of + help text and labels with form fieldsets. + * The second oldest ticket fixed in this release provides the long awaited + querystring template tag, which greatly simplifies the handling of query + strings when building URLs in templates. + * For a detailed list of changes see https://docs.djangoproject.com/en/5.1/releases/5.1/ +- Refreshed python-Django.keyring + +------------------------------------------------------------------- +Wed Aug 7 06:07:48 UTC 2024 - Alberto Planas Dominguez + +- Update to 5.0.8 (bsc#1228629, bsc#1228630, bsc#1228631, bsc#1228632) + * CVE-2024-41989: Memory exhaustion in + django.utils.numberformat.floatformat() + * CVE-2024-41990: Potential denial-of-service vulnerability in + django.utils.html.urlize() + * CVE-2024-41991: Potential denial-of-service vulnerability in + django.utils.html.urlize() and AdminURLFieldWidget + * CVE-2024-42005: Potential SQL injection in QuerySet.values() and + values_list() + * Added missing validation for + UniqueConstraint(nulls_distinct=False) when using *expressions + * Fixed a regression in Django 5.0 where ModelAdmin.action_checkbox + could break the admin changelist HTML page when rendering a model + instance with a __html__ method + * Fixed a crash when creating a model with a Field.db_default and a + Meta.constraints constraint composed of __endswith, __startswith, + or __contains lookups + * Fixed a regression in Django 5.0.7 that caused a crash in + LocaleMiddleware when processing a language code over 500 + characters + * Fixed a bug in Django 5.0 that caused a system check crash when + ModelAdmin.date_hierarchy was a GeneratedField with an + output_field of DateField or DateTimeField + * Fixed a bug in Django 5.0 which caused constraint validation to + either crash or incorrectly raise validation errors for + constraints referring to fields using Field.db_default + * Fixed a crash in Django 5.0 when saving a model containing a + FileField with a db_default set + +------------------------------------------------------------------- +Tue Jul 9 14:03:46 UTC 2024 - Markéta Machová + +- Update to 5.0.7 + * Supports Python >= 3.10. + * Facet counts are now shown for applied filters in the admin changelist + when toggled on via the UI. This behavior can be changed via the new + ModelAdmin.show_facets attribute. + * Django 5.0 introduces the concept of a field group, and field group + templates. This simplifies rendering of the related elements of a + Django form field such as its label, widget, help text, and errors. + * The new Field.db_default parameter sets a database-computed default value. + * The new GeneratedField allows creation of database generated columns. + This field can be used on all supported database backends to create + a field that is always computed from other fields. + * More options for declaring field choices + * Few backwards-incompatible changes in the database backend API, + django.contrib.gis and django.contrib.sitemaps + * Dropped support for MySQL < 8.0.11 + * Using create_defaults__exact may now be required with QuerySet.update_or_create() + * Migrating existing UUIDField on MariaDB 10.7+ +- This release also fixes several security issues: + * bsc#1227590 (CVE-2024-38875) + * bsc#1227593 (CVE-2024-39329) + * bsc#1227594 (CVE-2024-39330) + * bsc#1227595 (CVE-2024-39614) +- Drop no-longer-needed patches: + * dirty-hack-remove-assert.patch + * sanitize_address.patch + +------------------------------------------------------------------- +Wed May 8 07:30:48 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.13 + + Django 4.2.13 fixes a packaging error in 4.2.12. +- Update to 4.2.12 + + Django 4.2.12 fixes a compatibility issue with Python 3.11.9+ and 3.12.3+. + + Fixed a crash in Django 4.2 when validating email max line lengths + with content decoded using the surrogateescape error handling + scheme +- Drop fix-safemimetext-set_payload.patch, already merged upstream + +------------------------------------------------------------------- +Thu Apr 18 06:39:36 UTC 2024 - Daniel Garcia + +- Add fix-safemimetext-set_payload.patch, to support python 3.11.9+ + (gh#django/django@b231bcd19e57, bsc#1222880) + +------------------------------------------------------------------- +Mon Mar 4 14:05:28 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.11 (CVE-2024-27351, bsc#1220358) + * CVE-2024-27351: Potential regular expression denial-of-service in + django.utils.text.Truncator.words() + * Fixed a regression in Django 4.2.10 where intcomma template filter + could return a leading comma for string representation of floats +- Remove python3122.patch, already upstream + +------------------------------------------------------------------- +Fri Feb 9 10:18:37 UTC 2024 - Daniel Garcia + +- Add python3122.patch to fix tests with python 3.12.2 + gh#django/django#17843 +- Update to 4.2.10 (bsc#1219683, CVE-2024-24680): + - Django 4.2.10 fixes a security issue with severity "moderate" in + 4.2.9. + CVE-2024-24680: Potential denial-of-service in intcomma template + filter The intcomma template filter was subject to a potential + denial-of-service attack when used with very long strings. + +------------------------------------------------------------------- +Thu Jan 4 09:27:51 UTC 2024 - Alberto Planas Dominguez + +- Update to 4.2.9: + * Fixed a regression in Django 4.2.8 where admin fields on the same + line could overflow the page and become non-interactive + +------------------------------------------------------------------- +Mon Dec 4 10:21:00 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.8 + * Fixed a regression in Django 4.2 that caused makemigrations + --check to stop displaying pending migrations + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing other aggregates + or window functions through conditional expressions + * Fixed a regression in Django 4.2 that caused a crash when + annotating a QuerySet with a Window expressions composed of a + partition_by clause mixing field types and aggregation expressions + * Fixed a regression in Django 4.2 where the admin’s change list + page had misaligned pagination links and inputs when using + list_editable + * Fixed a regression in Django 4.2 where checkboxes in the admin + would be centered on narrower screen widths + * Fixed a regression in Django 4.2 that caused a crash of querysets + with aggregations on MariaDB when the ONLY_FULL_GROUP_BY SQL mode + was enabled + * Fixed a regression in Django 4.2 where the admin’s read-only + password widget and some help texts were incorrectly aligned at + tablet widths + * Fixed a regression in Django 4.2 that caused a migration crash on + SQLite when altering unsupported Meta.db_table_comment + +------------------------------------------------------------------- +Mon Nov 27 12:20:48 UTC 2023 - Dirk Müller + +- add dirty-hack-remove-assert.patch from fedora to fix + minor test failure with python 3.12 + +------------------------------------------------------------------- +Wed Nov 1 08:12:59 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.7 + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing expressions + containing subqueries + * Restored, following a regression in Django 4.2, creating + varchar/text_pattern_ops indexes on CharField and TextField with + deterministic collations on PostgreSQL + +------------------------------------------------------------------- +Mon Oct 16 08:33:05 UTC 2023 - Daniel Garcia Moreno + +- Update to 4.2.6 (bsc#1215978, CVE-2023-43665) + * CVE-2023-43665: Denial-of-service possibility in + django.utils.text.Truncator + The input processed by Truncator, when operating in HTML mode, has + been limited to the first five million characters in order to + avoid potential performance and memory issues. + * Fixed a regression in Django 4.2.5 where overriding the deprecated + DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings in tests + caused the main STORAGES to mutate (#34821). + * Fixed a regression in Django 4.2 that caused unnecessary casting + of string based fields (CharField, EmailField, TextField, + CICharField, CIEmailField, and CITextField) used with the __isnull + lookup on PostgreSQL. As a consequence, indexes using an __isnull + expression or condition created before Django 4.2 wouldn’t be used + by the query planner, leading to a performance regression + (#34840). + +------------------------------------------------------------------- +Mon Sep 4 12:10:50 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.5 (CVE-2023-41164) + + Bugfixes + * Fixed a regression in Django 4.2 that caused an incorrect + validation of CheckConstraints on __isnull lookups against + JSONField + * Fixed a bug in Django 4.2 where the deprecated + DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings were not + synced with STORAGES + * Fixed a regression in Django 4.2.2 that caused an unnecessary + selection of a non-nullable ManyToManyField without a natural + key during serialization + * Fixed a regression in Django 4.2 that caused a crash of a + queryset when filtering against deeply nested OuterRef() + annotations + +------------------------------------------------------------------- +Wed Aug 2 07:35:04 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.4 + + Bugfixes + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing window + functions + * Fixed a regression in Django 4.2 that caused a crash when + grouping by a reference in a subquery + * Fixed a regression in Django 4.2 that caused aggregation over + query that uses explicit grouping by multi-valued annotations to + group against the wrong columns + +------------------------------------------------------------------- +Tue Jul 18 12:50:29 UTC 2023 - Markéta Machová + +- Add upstream sanitize_address.patch + * fixes build with yet another CPython upstream fix (bsc#1210638) + +------------------------------------------------------------------- +Mon Jul 10 09:28:42 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.3 (bsc#1212742, CVE-2023-36053) + + CVE-2023-36053: Potential regular expression denial of service + vulnerability in EmailValidator/URLValidator + + Bugfixes + * Fixed a regression in Django 4.2 that caused incorrect alignment + of timezone warnings for DateField and TimeField in the admin + * Fixed a regression in Django 4.2 that caused incorrect + highlighting of rows in the admin changelist view when + ModelAdmin.list_editable contained a BooleanField + +------------------------------------------------------------------- +Fri Jun 9 11:41:19 UTC 2023 - ecsos + +- Add %{?sle15_python_module_pythons} + +------------------------------------------------------------------- +Tue Jun 6 06:35:28 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.2 + + Bugfixes + * Fixed a regression in Django 4.2 that caused an unnecessary + DBMS_LOB.SUBSTR() wrapping in the __isnull and __exact=None + lookups for TextField()/BinaryField() on Oracle + * Restored, following a regression in Django 4.2, get_prep_value() + call in JSONField subclasses + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.defer() when passing a ManyToManyField or + GenericForeignKey reference. While doing so is a no-op, it was + allowed in older version + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.only() when passing a reverse OneToOneField reference + * Fixed a bug in Django 4.2 where makemigrations --update didn’t + respect the --name option + * Fixed a performance regression in Django 4.2 when compiling + queries without ordering + * Fixed a regression in Django 4.2 where nonexistent stylesheet + was linked on a “Congratulations!” page + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with expressions referencing other + aggregates + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.aggregate() with aggregates referencing subqueries + * Fixed a regression in Django 4.2 that caused a crash of + querysets on SQLite when filtering on DecimalField against + values outside of the defined range + * Fixed a regression in Django 4.2 that caused a serialization + crash on a ManyToManyField without a natural key when its + Manager’s base QuerySet used select_related() + +------------------------------------------------------------------- +Thu May 4 07:02:58 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.2.1 + + CVE-2023-31047: Potential bypass of validation when uploading + multiple files using one form field (bsc#1210866) + + Bugfixes + * Fixed a regression in Django 4.2 that caused a crash of + QuerySet.defer() when deferring fields by attribute names + * Fixed a regression in Django 4.2 that caused a crash of + SearchVector function with % characters + * Fixed a regression in Django 4.2 that caused aggregation over + query that uses explicit grouping to group against the wrong + columns + * Reallowed, following a regression in Django 4.2, setting the + "cursor_factory" option in OPTIONS on PostgreSQL + * Enforced UTF-8 client encoding on PostgreSQL, following a + regression in Django 4.2 + * Fixed a regression in Django 4.2 where i18n_patterns() didn’t + respect the prefix_default_language argument when a fallback + language of the default language was used + * Fixed a regression in Django 4.2 where translated URLs of the + default language from i18n_patterns() with + prefix_default_language set to False raised 404 errors for a + request with a different language + * Fixed a regression in Django 4.2 where creating copies and deep + copies of HttpRequest, HttpResponse, and their subclasses didn’t + always work correctly + * Fixed a regression in Django 4.2 where timesince and timeuntil + template filters returned incorrect results for a datetime with + a non-UTC timezone when a time difference is less than 1 day + * Fixed a regression in Django 4.2 that caused a crash of + SearchHeadline function with psycopg 3 + * Fixed a regression in Django 4.2 that caused incorrect + ClearableFileInput margins in the admin + * Fixed a regression in Django 4.2 where breadcrumbs didn’t appear + on admin site app index views + * Made squashing migrations reduce AddIndex, RemoveIndex, + RenameIndex, and CreateModel operations which allows removing a + deprecated Meta.index_together option from historical migrations + and use Meta.indexes instead + +------------------------------------------------------------------- +Thu Apr 6 06:38:13 UTC 2023 - David Anes + +- Update minimal dependency versions. + +------------------------------------------------------------------- +Tue Apr 4 07:19:56 UTC 2023 - David Anes + +- Update to 4.2: + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.2/releases/4.2/ + + Psycopg 3 support + + Comments on columns and tables + + Mitigation for the BREACH attack + + In-memory file storage + + Custom file storages + + For backwards incompatible changes in 4.2 see + https://docs.djangoproject.com/en/4.2/releases/4.2/#backwards-incompatible-changes-in-4-2 + +- Update of keyring file + +------------------------------------------------------------------- +Tue Feb 14 09:59:42 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.1.7: + + CVE-2023-24580: Potential denial-of-service vulnerability in file + uploads (bsc#1208082) + + Fixed a bug in Django 4.1 that caused a crash of model validation + on ValidationError with no code + +------------------------------------------------------------------- +Wed Feb 1 12:48:49 UTC 2023 - Alberto Planas Dominguez + +- Update to 4.1.6: + + CVE-2023-23969: Potential denial-of-service via Accept-Language + headers Bugfixes + + Fixed a bug in Django 4.1 that caused a crash of model validation + on UniqueConstraint with ordered expressions + +------------------------------------------------------------------- +Mon Jan 2 19:07:30 UTC 2023 - David Anes + +- Update to 4.1.5: + + Fixed a long standing bug in the __len lookup for ArrayField + that caused a crash of model validation on Meta.constraints. +- Update keyring file. + +------------------------------------------------------------------- +Wed Dec 21 09:39:56 UTC 2022 - Daniel Garcia + +- Recommends python-pymemcache instead of the deprecated + python-python-memcached. This is the module used in Django since 3.2 + https://docs.djangoproject.com/en/3.2/releases/3.2/#pymemcache-support + +------------------------------------------------------------------- +Tue Dec 6 13:30:53 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.4 + + Fixed a regression in Django 4.1 that caused an unnecessary table + rebuild when adding a ManyToManyField on SQLite + + Fixed a bug in Django 4.1 that caused a crash of the sitemap index + view with an empty Sitemap.items() and a callable lastmod + + Fixed a bug in Django 4.1 that caused a crash using acreate(), + aget_or_create(), and aupdate_or_create() asynchronous methods of + related managers + + Fixed a bug in Django 4.1 that caused a crash of + QuerySet.bulk_create() with "pk" in unique_fields + + Fixed a bug in Django 4.1 that caused a crash of + QuerySet.bulk_create() on fields with db_column + +------------------------------------------------------------------- +Wed Nov 2 15:50:11 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.3 + + Fixed a bug in Django 4.1 that caused non-Python files created by + startproject and startapp management commands from custom + templates to be incorrectly formatted using the black command + +------------------------------------------------------------------- +Tue Oct 4 08:22:42 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.2 (bsc#1203793, CVE-2022-41323) + + Fixed a regression in Django 4.1 that caused a migration crash on + PostgreSQL when adding a model with ExclusionConstraint + + Fixed a regression in Django 4.1 that caused aggregation over a + queryset that contained an Exists annotation to crash due to too + many selected columns + + Fixed a bug in Django 4.1 that caused an incorrect validation of + CheckConstraint on NULL values + + Fixed a regression in Django 4.1 that caused a + QuerySet.values()/values_list() crash on ArrayAgg() and JSONBAgg() + + Fixed a bug in Django 4.1 that caused + ModelAdmin.autocomplete_fields to be incorrectly selected after + adding/changing related instances via popups + + Fixed a regression in Django 4.1 where the app registry was not + populated when running parallel tests with the multiprocessing + start method spawn + + Fixed a regression in Django 4.1 where the --debug-mode argument + to test did not work when running parallel tests with the + multiprocessing start method spawn + + Fixed a regression in Django 4.1 that didn’t alter a sequence type + when altering type of pre-Django 4.1 serial columns on PostgreSQL + + Fixed a regression in Django 4.1 that caused a crash for View + subclasses with asynchronous handlers when handling non-allowed + HTTP methods + + Reverted caching related managers for ForeignKey, ManyToManyField, + and GenericRelation that caused the incorrect refreshing of + related objects + + Relaxed the system check added in Django 4.1 for the same name + used for multiple template tag modules to a warning + +------------------------------------------------------------------- +Mon Sep 5 11:14:19 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1.1 + + Reallowed, following a regression in Django 4.1, using GeoIP2() + when GEOS is not installed + + Fixed a regression in Django 4.1 that caused a crash of admin’s + autocomplete widgets when translations are deactivated + + Fixed a regression in Django 4.1 that caused a crash of the test + management command when running in parallel and multiprocessing + start method is spawn + + Fixed a regression in Django 4.1 that caused an incorrect + redirection to the admin changelist view when using "Save and + continue editing" and "Save and add another" options + + Fixed a regression in Django 4.1 that caused a crash of Window + expressions with ArrayAgg + + Fixed a regression in Django 4.1 that caused a migration crash on + SQLite 3.35.5+ when removing an indexed field + + Fixed a bug in Django 4.1 that caused a crash of model validation + on UniqueConstraint() with field names in expressions + + Fixed a bug in Django 4.1 that caused an incorrect validation of + CheckConstraint() with range fields on PostgreSQL + + Fixed a regression in Django 4.1 that caused an incorrect + migration when adding AutoField, BigAutoField, or SmallAutoField + on PostgreSQL + + Fixed a regression in Django 4.1 that caused a migration crash on + PostgreSQL when altering AutoField, BigAutoField, or + SmallAutoField to OneToOneField + + Fixed a migration crash on ManyToManyField fields with through + referencing models in different apps + + Fixed a regression in Django 4.1 that caused an incorrect + migration when renaming a model with ManyToManyField and db_table + + Reallowed, following a regression in Django 4.1, creating reverse + foreign key managers on unsaved instances + + Fixed a regression in Django 4.1 that caused a migration crash on + SQLite < 3.20 + + Fixed a regression in Django 4.1 that caused an admin crash when + the admindocs app was used +- Remove 0001-Fixed-33887-Added-version-in-asserted-test-URL.patch + (already upstream) +- Verify the tarball with gpg + +------------------------------------------------------------------- +Wed Aug 3 13:20:52 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.1: + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.1/releases/4.1/ + + Django 4.1 supports Python 3.8, 3.9, and 3.10 + + Asynchronous handlers for class-based views + + Asynchronous ORM interface + + Validation of Constraints + + Form rendering accessibility + + CSRF_COOKIE_MASKED setting +- Drop fix_test_custom_fields_SQLite.patch (already merged) +- Add 0001-Fixed-33887-Added-version-in-asserted-test-URL.patch to fix + test + +------------------------------------------------------------------- +Wed Aug 3 11:48:48 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.7 (CVE-2022-36359, bsc#1201923): + + Django 4.0.7 fixes a security issue with severity “high” in 4.0.6. + +------------------------------------------------------------------- +Tue Jul 5 08:04:12 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.6 + + CVE-2022-34265: Potential SQL injection via Trunc(kind) and + Extract(lookup_name) arguments + +------------------------------------------------------------------- +Thu Jun 2 07:34:17 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.5 + + Fixed a bug in Django 4.0 where not all OPTIONS were passed to a + Redis client + + Fixed a bug in Django 4.0 that caused a crash of QuerySet.filter() + on IsNull() expressions + + Fixed a bug in Django 4.0 where a hidden quick filter toolbar in + the admin’s navigation sidebar was focusable + +------------------------------------------------------------------- +Mon Apr 11 14:21:09 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.4 + + CVE-2022-28346: Potential SQL injection in "QuerySet.annotate()", + "aggregate()", and "extra()" + + CVE-2022-28347: Potential SQL injection via + "QuerySet.explain(**options)" on PostgreSQL + +------------------------------------------------------------------- +Tue Mar 1 10:49:51 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.3 + + Prevented, following a regression in Django 4.0.1, makemigrations + from generating infinite migrations for a model with + ManyToManyField to a lowercased swappable model such as + 'auth.user' + + Fixed a regression in Django 4.0 that caused a crash when + rendering invalid inlines with readonly_fields in the admin + +------------------------------------------------------------------- +Tue Feb 1 10:15:38 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.2 (CVE-2022-22818, bsc#1195086) (CVE-2022-23833, bsc#1195088) + + CVE-2022-22818: Possible XSS via {% debug %} template tag + + CVE-2022-23833: Denial-of-service possibility in file uploads + + Fixed a bug in Django 4.0 where + TestCase.captureOnCommitCallbacks() could execute callbacks + multiple times + + Fixed a regression in Django 4.0 where help_text was HTML-escaped + in automatically-generated forms + + Fixed a regression in Django 4.0 that caused displaying an + incorrect name for class-based views on the technical 404 debug + page + + Fixed a regression in Django 4.0 that caused an incorrect repr of + ResolverMatch for class-based views + + Fixed a regression in Django 4.0 that caused a crash of + makemigrations on models without Meta.order_with_respect_to but + with a field named _order + + Fixed a regression in Django 4.0 that caused incorrect + ModelAdmin.radio_fields layout in the admin + + Fixed a duplicate operation regression in Django 4.0 that caused a + migration crash when altering a primary key type for a concrete + parent model referenced by a foreign key + + Fixed a bug in Django 4.0 that caused a crash of + QuerySet.aggregate() after annotate() on an aggregate function + with a default + + Fixed a regression in Django 4.0 that caused a crash of + makemigrations when renaming a field of a renamed model + +------------------------------------------------------------------- +Wed Jan 12 14:16:23 UTC 2022 - Matej Cepl + +- Add fix_test_custom_fields_SQLite.patch fixing issues with + modern SQLite (gh#django/django#15168). + +------------------------------------------------------------------- +Mon Jan 10 09:27:36 UTC 2022 - Alberto Planas Dominguez + +- Update to 4.0.1 (CVE-2021-45115, CVE-2021-45452, bsc#1194117) + + CVE-2021-45115: Denial-of-service possibility in + UserAttributeSimilarityValidator + + CVE-2021-45452: Potential directory-traversal via Storage.save() + + Fixed a regression in Django 4.0 that caused a crash of + assertFormsetError() on a formset named form + + Fixed a bug in Django 4.0 that caused a crash on booleans with the + RedisCache backend + + Relaxed the check added in Django 4.0 to reallow use of a + duck-typed HttpRequest in + django.views.decorators.cache.cache_control() and never_cache() + decorators + + Fixed a regression in Django 4.0 that caused creating bogus + migrations for models that reference swappable models such as + auth.User + + Fixed a long standing bug in Geometry Collections and Polygon that + caused a crash on some platforms (reported on macOS based on the + ARM64 architecture) + +------------------------------------------------------------------- +Mon Dec 27 12:11:09 UTC 2021 - Ben Greiner + +- Fix u-a scriptlet dependency. +- Remove python36 conditional on numpy dep. + +------------------------------------------------------------------- +Fri Dec 24 02:26:37 UTC 2021 - John Vandenberg + +- Avoid dependency on backports.zoneinfo except on Python 3.8 + +------------------------------------------------------------------- +Mon Dec 20 10:37:10 UTC 2021 - Matej Cepl + +- Clean up PYTHONPATH to make test_extra_tests_build_suite pass. + +------------------------------------------------------------------- +Tue Dec 7 14:09:24 UTC 2021 - Alberto Planas Dominguez + +- Update to 4.0 + This is just a summary. Full release notes are available at + https://docs.djangoproject.com/en/4.0/releases/4.0/. + - Django 4.0 supports Python 3.8, 3.9, and 3.10. We highly + recommend and only officially support the latest release of + each series. + The Django 3.2.x series is the last to support Python 3.6 and + 3.7. + - The Python standard library’s zoneinfo is now the default + timezone implementation in Django. This is the next step in + the migration from using pytz to using zoneinfo. Django 3.2 + allowed the use of non-pytz time zones. Django 4.0 makes + zoneinfo the default implementation. Support for pytz is now + deprecated and will be removed in Django 5.0. + - The new *expressions positional argument of + UniqueConstraint() enables creating functional unique + constraints on expressions and database functions. + - The new scrypt password hasher is more secure and recommended + over PBKDF2. However, it’s not the default as it requires + OpenSSL 1.1+ and more memory. + - Redis cache backend + - Template based form rendering. Forms, Formsets, and ErrorList + are now rendered using the template engine to enhance + customization. + +------------------------------------------------------------------- +Tue Nov 2 12:45:45 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.9 + + Fixed a bug in Django 3.2 that caused a migration crash on SQLite + when altering a field with a functional index + +------------------------------------------------------------------- +Tue Oct 5 14:25:34 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.8 + + Fixed a bug in Django 3.2 that caused incorrect links on read-only + fields in the admin + + Fixed a regression in Django 3.2 that caused incorrect selection + of items across all pages when actions were placed both on the top + and bottom of the admin change-list view +- Drop failing_test_subparser_invalid_option.patch, as is already in + the upstream code. + +------------------------------------------------------------------- +Thu Sep 9 15:21:45 UTC 2021 - Matej Cepl + +- Add failing_test_subparser_invalid_option.patch fixing + https://code.djangoproject.com/ticket/33082 + +------------------------------------------------------------------- +Wed Sep 1 10:13:34 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.7 + + Fixed a regression in Django 3.2 that caused the incorrect offset + extraction from fixed offset timezones + +------------------------------------------------------------------- +Mon Aug 16 08:27:28 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.6 + + Fixed a regression in Django 3.2 that caused a crash validating + "NaN" input with a forms.DecimalField when additional constraints, + e.g. max_value, were specified + + Fixed a bug in Django 3.2 where a system check would crash on a + model with a reverse many-to-many relation inherited from a parent + class + +------------------------------------------------------------------- +Thu Jul 1 07:50:35 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.5 (CVE-2021-35042, bsc#1187785) + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.values_list(..., named=True) after prefetch_related() + + Fixed a bug in Django 3.2 that caused a migration crash on MySQL + 8.0.13+ when altering BinaryField, JSONField, or TextField to + non-nullable + + Fixed a regression in Django 3.2 that caused a migration crash on + MySQL 8.0.13+ when adding nullable BinaryField, JSONField, or + TextField with a default value + + Fixed a bug in Django 3.2 where a system check would crash on a + model with an invalid app_label + +------------------------------------------------------------------- +Wed Jun 2 10:45:01 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.4 (CVE-2021-33203, CVE-2021-33571) + + CVE-2021-33203: Potential directory traversal via admindocs + + CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks + since validators accepted leading zeros in IPv4 addresses + + Fixed a bug in Django 3.2 where a final catch-all view in the + admin didn’t respect the server-provided value of SCRIPT_NAME when + redirecting unauthenticated users to the login page + + Fixed a bug in Django 3.2 where a system check would crash on an + abstract model + + Prevented unnecessary initialization of unused caches following a + regression in Django 3.2 + + Fixed a crash in Django 3.2 that could occur when running mod_wsgi + with the recommended settings while the Windows colorama library + was installed + + Fixed a bug in Django 3.2 that would trigger the auto-reloader for + template changes when directory paths were specified with strings + + Fixed a regression in Django 3.2 that caused a crash of + auto-reloader with AttributeError, e.g. inside a Conda environment + + Fixed a regression in Django 3.2 that caused a loss of precision + for operations with DecimalField on MySQL + +------------------------------------------------------------------- +Mon May 17 07:37:47 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.3 + + Prepared for mysqlclient > 2.0.3 support + + Fixed a regression in Django 3.2 that caused the incorrect + filtering of querysets combined with the | operator + + Fixed a regression in Django 3.2.1 where saving FileField would + raise a SuspiciousFileOperation even when a custom upload_to + returns a valid file path + +------------------------------------------------------------------- +Thu May 6 08:54:41 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.2 (CVE-2021-32052) + + CVE-2021-32052: Header injection possibility since URLValidator + accepted newlines in input on Python 3.9.5+ + + Prevented, following a regression in Django 3.2.1, makemigrations + from generating infinite migrations for a model with Meta.ordering + contained OrderBy expressions + +------------------------------------------------------------------- +Wed May 5 17:25:18 UTC 2021 - Ben Greiner + +- Keep rpm runtime requirements in sync. Downstream packages often + read the egg-info and fail if they are not fulfilled. + +------------------------------------------------------------------- +Wed May 5 08:44:30 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.1 (CVE-2021-31542) + + CVE-2021-31542: Potential directory-traversal via uploaded files + + Corrected detection of GDAL 3.2 on Windows + + Fixed a bug in Django 3.2 where subclasses of BigAutoField and + SmallAutoField were not allowed for the DEFAULT_AUTO_FIELD setting + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.values()/values_list() after QuerySet.union(), + intersection(), and difference() when it was ordered by an + unannotated field + + Restored, following a regression in Django 3.2, displaying an + exception message on the technical 404 debug page + + Fixed a bug in Django 3.2 where a system check would crash on a + reverse one-to-one relationships in CheckConstraint.check or + UniqueConstraint.condition + + Fixed a regression in Django 3.2 that caused a crash of + ModelAdmin.search_fields when searching against phrases with + unbalanced quotes + + Fixed a bug in Django 3.2 where variable lookup errors were logged + rendering the sitemap template if alternates were not defined + + Fixed a regression in Django 3.2 that caused a crash when + combining Q() objects which contains boolean expressions + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.update() on a queryset ordered by inherited or joined + fields on MySQL and MariaDB + + Fixed a regression in Django 3.2 that caused a crash when decoding + a cookie value, used by + django.contrib.messages.storage.cookie.CookieStorage, in the + pre-Django 3.2 format + + Fixed a regression in Django 3.2 that stopped the shift-key + modifier selecting multiple rows in the admin changelist + + Fixed a bug in Django 3.2 where a system check would crash on the + STATICFILES_DIRS setting with a list of 2-tuples of (prefix, path) + + Fixed a long standing bug involving queryset bitwise combination + when used with subqueries that began manifesting in Django 3.2, + due to a separate fix using Exists to exclude() multi-valued + relationships + + Fixed a bug in Django 3.2 where variable lookup errors were logged + when rendering some admin templates + + Fixed a bug in Django 3.2 where an admin changelist would crash + when deleting objects filtered against multi-valued relationships + + Fixed a regression in Django 3.2 where the calling process + environment would not be passed to the dbshell command on PostgreSQL + + Fixed a performance regression in Django 3.2 when building complex + filters with subqueries + +------------------------------------------------------------------- +Tue Apr 6 09:27:50 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.0 + + Automatic ~django.apps.AppConfig discovery + + Customizing type of auto-created primary keys + + Functional indexes + + pymemcache support + + New decorators for the admin site + + For a complete description of new features check: + https://github.com/django/django/blob/main/docs/releases/3.2.txt +- Update PYTHOPATH to include the local tests +- Drop i18n_test.patch, i18n_test_extraction.patch, + test_clear_site_cache-sort.patch + +------------------------------------------------------------------- +Sat Feb 13 22:41:42 UTC 2021 - Ben Greiner + +- Don't install python36-numpy for testing. It is no longer + available. (The tests or portions of tests requiring numpy + are skipped automatically in this case.) +- Let the singlespec macro do its job to set the primary provider + for python3-django and python3-South on the primary flavor only. +- Fix mtime of cache file by recompiling. + +------------------------------------------------------------------- +Wed Dec 9 12:16:46 UTC 2020 - Ondřej Súkup + +- Update to 3.1.4 + * Fixed setting the Content-Length HTTP header in AsyncRequestFactory + * Fixed passing extra HTTP headers to AsyncRequestFactory request methods + * Fixed crash of key transforms for JSONField on PostgreSQL when usingi + on a Subquery() annotation + * Fixed a regression in Django 3.1 that caused the incorrect grouping + by a Q object annotation + * Fixed a regression in Django 3.1 that caused suppressing connection errors + when JSONField is used on SQLite + * Fixed a crash on SQLite, when QuerySet.values()/values_list() contained + key transforms for JSONField returning non-string primitive values + +------------------------------------------------------------------- +Mon Nov 2 15:03:13 UTC 2020 - Ondřej Súkup + +- Update to 3.1.3 + * Fixed a regression in Django 3.1.2 that caused the incorrect height of the admin + changelist search bar + * Fixed a regression in Django 3.1.2 that caused the incorrect width of the + admin changelist search bar on a filtered page + * Fixed displaying Unicode characters in forms.JSONField and read-only + models.JSONField values in the admin + * Fixed a regression in Django 3.1 that caused a crash of ArrayAgg and StringAgg + with ordering on key transforms for JSONField + * Fixed a regression in Django 3.1 that caused a crash of __in lookup when using + key transforms for JSONField in the lookup value + * Fixed a regression in Django 3.1 that caused a crash of ExpressionWrapper with + key transforms for JSONField + * Fixed a regression in Django 3.1 that caused a migrations crash on PostgreSQL + when adding an ExclusionConstraint with key transforms for JSONField in expressions + * Fixed a regression in Django 3.1 where ProtectedError.protected_objects + and RestrictedError.restricted_objects attributes returned iterators instead + of set of objects + * Fixed a regression in Django 3.1.2 that caused incorrect form input layout + on small screens in the admin change form view + * Fixed a regression in Django 3.1 that invalidated pre-Django 3.1 password reset tokens + * Added support for asgiref 3.3 + * Fixed a regression in Django 3.1 that caused incorrect textarea layout + on medium-sized screens in the admin change form view with the sidebar open + * Fixed a regression in Django 3.0.7 that didn’t use Subquery() aliases + in the GROUP BY clause + * Fixed a bug in Django 3.1 where FileField instances with a callable storage were + not correctly deconstructed + * Fixed a regression in Django 3.1 where the QuerySet.ordered attribute returned + incorrectly True for GROUP BY queries (e.g. .annotate().values()) on models with + Meta.ordering. A model’s Meta.ordering doesn’t affect such queries + * Fixed a regression in Django 3.1 where a queryset would crash if it contained + an aggregation and a Q object annotation + * Fixed a bug in Django 3.1 where a test database was not synced during creation + when using the MIGRATE test database setting + * Fixed a django.contrib.admin.EmptyFieldListFilter crash when using on a GenericRelation + * Fixed a regression in Django 3.1.1 where the admin changelist filter sidebar + would not scroll for a long list of available filters + +------------------------------------------------------------------- +Wed Sep 9 14:14:08 UTC 2020 - Marketa Calabkova + +- Update to 3.1.1 + * CVE-2020-24583: Incorrect permissions on intermediate-level directories on Python 3.7+ + * CVE-2020-24584: Permission escalation in intermediate-level directories of the file + system cache on Python 3.7+ + * Fixed a data loss possibility in the select_for_update(). When using related fields + pointing to a proxy model in the of argument, the corresponding model was not locked + * Fixed a regression in Django 3.1 that caused a crash when decoding an invalid session data + * Fixed __in lookup on key transforms for JSONField with MariaDB, MySQL, Oracle, and SQLite + * Fixed a regression in Django 3.1 that caused permission errors in CommonPasswordValidator + and settings.py + +------------------------------------------------------------------- +Wed Sep 9 03:55:36 UTC 2020 - John Vandenberg + +- Require asgiref >= 3.2.10 per upstream + +------------------------------------------------------------------- +Tue Aug 11 07:48:29 UTC 2020 - Alberto Planas Dominguez + +- Update to 3.1 + * Asynchronous views and middleware support + * JSONField for all supported database backends + * DEFAULT_HASHING_ALGORITHM settings¶ + * Read https://docs.djangoproject.com/en/3.1/releases/3.1/ +- Drop fix-selenium-test.patch. Already upstream. +- Add i18n_test_extraction.patch to support xgettext 0.21 + +------------------------------------------------------------------- +Thu Aug 6 11:36:36 UTC 2020 - Ondřej Súkup + +- update to 3.0.9 + * Allowed setting the SameSite cookie flag in HttpResponse.delete_cookie() + * Fixed crash when sending emails to addresses with display names longer than + 75 chars on Python 3.6.11+, 3.7.8+, and 3.8.4+ + +------------------------------------------------------------------- +Wed Jul 8 11:52:27 UTC 2020 - Ondřej Súkup + +- update to 3.0.8 + * Fixed messages of InvalidCacheKey exceptions and CacheKeyWarning warnings + raised by cache key validation + * Fixed a regression in Django 3.0.7 that caused a queryset crash + when grouping by a many-to-one relationship + * Reallowed, following a regression in Django 3.0, non-expressions having + a filterable attribute to be used as the right-hand side in queryset filters + * Fixed a regression in Django 3.0.2 that caused a migration crash + on PostgreSQL when adding a foreign key to a model with a namespaced db_table + * Added compatibility for cx_Oracle 8 + +------------------------------------------------------------------- +Thu Jun 4 14:35:25 UTC 2020 - Ondřej Súkup + +- update to 3.0.7 +- drop 32bit.patch + * boo#1172167 - CVE-2020-13254: Potential data leakage via malformed + memcached keys + * boo#1172167 - CVE-2020-13596: Possible XSS via admin + ForeignKeyRawIdWidget + * many other bugfixes + +------------------------------------------------------------------- +Thu Apr 30 05:14:28 UTC 2020 - Tomáš Chvátal + +- Add patch to fix the 32bit build: + * 32bit.patch + +------------------------------------------------------------------- +Thu Apr 23 16:58:12 UTC 2020 - Marcus Rueckert + +- Update to 3.0.5 + https://docs.djangoproject.com/en/3.0/releases/3.0.5/ + https://docs.djangoproject.com/en/3.0/releases/3.0.4/ + https://docs.djangoproject.com/en/3.0/releases/3.0.3/ + https://docs.djangoproject.com/en/3.0/releases/3.0.2/ + https://docs.djangoproject.com/en/3.0/releases/3.0.1/ + https://docs.djangoproject.com/en/3.0/releases/3.0/ +- new dependency: python-asgiref + +------------------------------------------------------------------- +Fri Apr 3 06:55:41 UTC 2020 - Tomáš Chvátal + +- Update to 2.2.12: + * Added the ability to handle .po files containing different plural + equations for the same language (#30439). + +------------------------------------------------------------------- +Wed Mar 18 10:59:36 UTC 2020 - Ondřej Súkup + +- update to 2.2.11 + * fix boo#1165022 (CVE-2020-9402) Potential SQL injection via tolerance + parameter in GIS functions and aggregates on Oracle + +------------------------------------------------------------------- +Tue Feb 4 09:42:08 UTC 2020 - Ondřej Súkup + +- update to 2.2.10 +- drop pyyaml53.patch + * fix boo#1161919 (CVE-2020-7471) Potential SQL injection via ``StringAgg(delimiter)`` + +------------------------------------------------------------------- +Wed Jan 15 15:08:32 UTC 2020 - Ondřej Súkup + +- add pyyaml53.patch - fix tests with PyYAML 5.3 + +------------------------------------------------------------------- +Sun Dec 29 11:00:47 UTC 2019 - Ondřej Súkup + +- Update to 2.2.9 + * CVE-2019-19844: Potential account hijack via password reset form (bsc#1159447) + * Fixed a data loss possibility in SplitArrayField. + +------------------------------------------------------------------- +Mon Dec 2 09:45:57 UTC 2019 - Alberto Planas Dominguez + +- Update to 2.2.8 + * CVE-2019-19118: Privilege escalation in the Django admin (boo#1157705) + * Fixed a data loss possibility in the admin changelist view when a + custom formset’s prefix contains regular expression special + characters, e.g. '$' + * Fixed a regression in Django 2.2.1 that caused a crash when + migrating permissions for proxy models with a multiple database + setup if the default entry was empty + * Fixed a data loss possibility in the select_for_update(). When + using 'self' in the of argument with multi-table inheritance, a + parent model was locked instead of the queryset’s model +- Add patch fix-selenium-test.patch to fix a test when selenium is + missing + +------------------------------------------------------------------- +Fri Nov 15 10:53:24 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.7: + * Fixed a crash when using a contains, contained_by, has_key, has_keys, or has_any_keys lookup on JSONField, if the right or left hand side of an expression is a key transform (#30826). + * Prevented migrate --plan from showing that RunPython operations are irreversible when reverse_code callables don’t have docstrings or when showing a forward migration plan (#30870). + * Fixed migrations crash on PostgreSQL when adding an Index with fields ordering and opclasses (#30903). + * Restored the ability to override get_FOO_display() (#30931). + +------------------------------------------------------------------- +Fri Nov 15 07:49:06 UTC 2019 - Tomáš Chvátal + +- Require full python interpreter on build and runtime + +------------------------------------------------------------------- +Mon Oct 7 13:15:57 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.6: + * Fixed migrations crash on SQLite when altering a model + containing partial indexes (#30754). + * Fixed a regression in Django 2.2.4 that caused a crash when + filtering with a Subquery() annotation of a queryset containing + JSONField or HStoreField (#30769). + +------------------------------------------------------------------- +Mon Sep 16 10:13:08 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.5: + * Relaxed the system check added in Django 2.2 for models to reallow use of the same db_table by multiple models when database routers are installed (#30673). + * Fixed crash of KeyTransform() for JSONField and HStoreField when using on expressions with params (#30672). + * Fixed a regression in Django 2.2 where ModelAdmin.list_filter choices to foreign objects don’t respect a model’s Meta.ordering (#30449). + * Fixed a race condition in loading URLconf module that could cause a crash of auto-reloader on Python 3.5 and below (#30500). + +------------------------------------------------------------------- +Thu Aug 1 11:13:37 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.4: + * CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235 + bsc#1142883 bsc#1142885 bsc#1142882 bsc#1142880 + * Fixed a regression in Django 2.2 when ordering a QuerySet.union(), intersection(), or difference() by a field type present more than once results in the wrong ordering being used (#30628). + * Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type (#30621). + * Fixed a regression in Django 2.2 where auto-reloader crashes if a file path contains nulls characters ('\x00') (#30506). + * Fixed a regression in Django 2.2 where auto-reloader crashes if a translation directory cannot be resolved (#30647). + +------------------------------------------------------------------- +Thu Jul 18 17:21:59 UTC 2019 - Tomáš Chvátal + +- Update to 2.2.3: + * CVE-2019-12781 (bsc#1139945): Incorrect HTTP detection with reverse-proxy connecting via HTTPS¶ + +------------------------------------------------------------------- +Mon Jun 3 11:01:44 UTC 2019 - Ondřej Súkup + +- update to 2.2.2 + * Fixes CVE-2019-12308: AdminURLFieldWidget XSS (bsc#1136468) + * Fixes CVE-2019-11358: Prototype pollution + +------------------------------------------------------------------- +Tue May 7 07:13:09 UTC 2019 - Tomáš Chvátal + +- Update keyring file + +------------------------------------------------------------------- +Mon May 6 14:11:22 UTC 2019 - Alberto Planas Dominguez + +- Update to 2.2.1 + * Fixed a regression in Django 2.1 that caused the incorrect quoting + of database user password when using dbshell on Oracle (#30307). + * Added compatibility for psycopg2 2.8 (#30331). + * Fixed a regression in Django 2.2 that caused a crash when loading + the template for the technical 500 debug page (#30324). + * Fixed crash of ordering argument in ArrayAgg and StringAgg when it + contains an expression with params (#30332). + * Fixed a regression in Django 2.2 that caused a single instance + fast-delete to not set the primary key to None (#30330). + * Prevented makemigrations from generating infinite migrations for + check constraints and partial indexes when condition contains a + range object (#30350). Reverted an optimization in Django 2.2 + (#29725) that caused the inconsistent behavior of count() and + exists() on a reverse many-to-many relationship with a custom + manager (#30325). + * Fixed a regression in Django 2.2 where Paginator crashes if + object_list is a queryset ordered or aggregated over a nested + JSONField key transform (#30335). + * Fixed a regression in Django 2.2 where IntegerField validation of + database limits crashes if limit_value attribute in a custom + validator is callable (#30328). + * Fixed a regression in Django 2.2 where SearchVector generates SQL + that is not indexable (#30385). + * Fixed a regression in Django 2.2 that caused an exception to be + raised when a custom error handler could not be imported (#30318). + * Relaxed the system check added in Django 2.2 for the admin app’s + dependencies to reallow use of SessionMiddleware subclasses, + rather than requiring django.contrib.sessions to be in + INSTALLED_APPS (#30312). + * Increased the default timeout when using Watchman to 5 seconds to + prevent falling back to StatReloader on larger projects and made + it customizable via the DJANGO_WATCHMAN_TIMEOUT environment + variable (#30361). + * Fixed a regression in Django 2.2 that caused a crash when + migrating permissions for proxy models if the target permissions + already existed. For example, when a permission had been created + manually or a model had been migrated from concrete to proxy + (#30351). + * Fixed a regression in Django 2.2 that caused a crash of runserver + when URLConf modules raised exceptions (#30323). + * Fixed a regression in Django 2.2 where changes were not reliably + detected by auto-reloader when using StatReloader (#30323). + * Fixed a migration crash on Oracle and PostgreSQL when adding a + check constraint with a contains, startswith, or endswith lookup + (or their case-insensitive variant) (#30408). + * Fixed a migration crash on Oracle and SQLite when adding a check + constraint with condition contains | (OR) operator (#30412). + +------------------------------------------------------------------- +Wed Apr 10 07:55:46 UTC 2019 - John Vandenberg + +- Add test_clear_site_cache-sort.patch to workaround flaky test +- Add bcond_with for selenium and memcached, as those tests are inactive, + and add missing dependencies and setup for selenium testing +- Move removal of executable bit from a JavaScript file to %prep +- Fix fdupes + +------------------------------------------------------------------- +Wed Apr 3 11:21:56 UTC 2019 - Ondřej Súkup + +- update to 2.2 +- drop pyyaml5.patch +- add i18n_test.patch + * HttpRequest.headers to allow simple access to a request’s headers. + * Database-level constraints on models. + * Watchman compatibility for runserver to improve the performance + +------------------------------------------------------------------- +Sat Mar 23 16:31:46 UTC 2019 - Tomáš Chvátal + +- Add patch to build with PyYAML >5: + * pyyaml5.patch + +------------------------------------------------------------------- +Tue Feb 12 09:24:53 UTC 2019 - Thomas Bechtold + +- update to 2.1.7 (CVE-2019-6975, bsc#1124991): + * Corrected packaging error from 2.1.6 + * Memory exhaustion in django.utils.numberformat.format() + If django.utils.numberformat.format() – used by contrib.admin as well + as the the floatformat, filesizeformat, and intcomma templates + filters – received a Decimal with a large number of digits or a + large exponent, it could lead to significant memory usage + due to a call to '{:f}'.format(). + To avoid this, decimals with more than 200 digits are now formatted + using scientific notation. + * Made the obj argument of InlineModelAdmin.has_add_permission() optional + to restore backwards compatibility with third-party code that doesn’t + provide it + +------------------------------------------------------------------- +Thu Jan 10 12:09:43 UTC 2019 - Thomas Bechtold + +- update to 2.1.5 (CVE-2019-3498, bsc#1120932): + * CVE-2019-3498: Content spoofing possibility in the default 404 page + * Fixed compatibility with mysqlclient 1.3.14 (#30013). + * Fixed a schema corruption issue on SQLite 3.26+. You might have to drop + and rebuild your SQLite database if you applied a migration while using + an older version of Django with SQLite 3.26 or later (#29182). + * Prevented SQLite schema alterations while foreign key checks are enabled + to avoid the possibility of schema corruption (#30023). + * Fixed a regression in Django 2.1.4 (which enabled keep-alive connections) + where request body data isn’t properly consumed for such + connections (#30015). + * Fixed a regression in Django 2.1.4 where + InlineModelAdmin.has_change_permission() is incorrectly called with + a non-None obj argument during an object add (#30050). + +------------------------------------------------------------------- +Mon Dec 10 11:52:42 UTC 2018 - Ondřej Súkup + +- Update to version 2.1.4 + * Corrected the default password list that CommonPasswordValidator uses + by lowercasing all passwords to match the format expected by the validator + * Prevented repetitive calls to geos_version_tuple() in the WKBWriter class in + an attempt to fix a random crash involving LooseVersion + * Fixed keep-alive support in runserver after it was disabled o 2.0 + * Fixed admin view-only change form crash when using ModelAdmin.prepopulated_fields + * Fixed “Please correct the errors below” error message when editing an object + in the admin if the user only has the “view” permission on inlines + * Fixed a regression in Django 2.0 where combining Q objects with __in lookups + and lists crashed + * Fixed a regression in Django 2.0 where test databases aren’t reused + with manage.py test --keepdb on MySQL + * Fixed a regression where cached foreign keys that use to_field were + incorrectly cleared in Model.save() + * Fixed a regression in Django 2.0 where FileSystemStorage crashes + with FileExistsError if concurrent saves try to create the same directory + +------------------------------------------------------------------- +Thu Oct 4 13:13:00 UTC 2018 - Alberto Planas Dominguez + +- Update to version 2.1.2 + * CVE-2018-16984: Password hash disclosure to “view only” admin + users + * Fixed a regression where nonexistent joins in F() no longer raised + FieldError (#29727). + * Fixed a regression where files starting with a tilde or underscore + weren’t ignored by the migrations loader (#29749). + * Made migrations detect changes to Meta.default_related_name + (#29755). + * Added compatibility for cx_Oracle 7 (#29759). + * Fixed a regression in Django 2.0 where unique index names weren’t + quoted (#29778). + * Fixed a regression where sliced queries with multiple columns with + the same name crashed on Oracle 12.1 (#29630). + * Fixed a crash when a user with the view (but not change) + permission made a POST request to an admin user change form + (#29809). + +------------------------------------------------------------------- +Tue Sep 18 13:17:15 CEST 2018 - Matěj Cepl + +- Switch of BR selenium for non-Intel platforms. + +------------------------------------------------------------------- +Tue Sep 4 12:24:15 UTC 2018 - Ondřej Súkup + +- update to version 2.1.1 +- drop django-urlencode.patch + * Fixed a race condition in QuerySet.update_or_create() that could result + in data loss + * Fixed a regression where QueryDict.urlencode() crashed if the dictionary + contains a non-string value + * Fixed a regression in Django 2.0 where using manage.py test --keepdb fails + on PostgreSQL if the database exists and the user doesn’t have permission + to create databases + * Fixed a regression in Django 2.0 where combining Q objects with __in + lookups and lists crashed + * Fixed translation failure of DurationField’s “overflow” error message + * Fixed a regression where the admin change form crashed if the user doesn’t + have the ‘add’ permission to a model that uses TabularInline + * Fixed a regression where a related_query_name reverse accessor wasn’t + set up when a GenericRelation is declared on an abstract base model + * Fixed the test client’s JSON serialization of a request data dictionary + for structured content type suffixes + * Made the admin change view redirect to the changelist view after a POST + if the user has the ‘view’ permission + * Fixed admin change view crash for view-only users if the form + has an extra form field + * Fixed a regression in Django 2.0.5 where QuerySet.values() or values_list() + after combining querysets with extra() with union(), difference(), + or intersection() crashed due to mismatching columns + +------------------------------------------------------------------- +Tue Aug 14 07:46:04 UTC 2018 - tchvatal@suse.com + +- Apply patch to fix urlencode nonstring values: + * django-urlencode.patch + +------------------------------------------------------------------- +Wed Aug 8 13:33:57 UTC 2018 - tchvatal@suse.com + +- Enable testsuite + +------------------------------------------------------------------- +Wed Aug 8 09:35:51 UTC 2018 - mimi.vx@gmail.com + +- update to version 2.1 +- move bash completion to right location +- for full chanfges please see https://docs.djangoproject.com/en/2.1/releases/2.1/ + * Dropped support for MySQL 5.5 + * Dropped support for PostgreSQL 9.3 + * Support for SpatiaLite 4.0 is removed + * Support for SQLite < 3.7.15 is removed. + +------------------------------------------------------------------- +Mon Jul 2 13:15:55 UTC 2018 - aplanas@suse.com + +- update to version 2.0.7: + * Fixed admin changelist crash when using a query expression without + asc() or desc() in the page’s ordering (#29428). + * Fixed admin check crash when using a query expression in + ModelAdmin.ordering (#29428). + * Fixed __regex and __iregex lookups with MySQL 8 (#29451). + * Fixed migrations crash with namespace packages on Python 3.7 + (#28814). +- update to version 2.0.6 + * Fixed a regression that broke custom template filters that use + decorators (#29400). + * Fixed detection of custom URL converters in included patterns + (#29415). + * Fixed a regression that added an unnecessary subquery to the GROUP + BY clause on MySQL when using a RawSQL annotation (#29416). + * Fixed WKBWriter.write() and write_hex() for empty polygons on GEOS + 3.6.1+ (#29460). + * Fixed a regression in Django 1.10 that could result in large + memory usage when making edits using ModelAdmin.list_editable + (#28462). +- update to version 2.0.5 + * Corrected the import paths that inspectdb generates for + django.contrib.postgres fields (#29307). + * Fixed a regression in Django 1.11.8 where altering a field with a + unique constraint may drop and rebuild more foreign keys than + necessary (#29193). + * Fixed crashes in django.contrib.admindocs when a view is a + callable object, such as django.contrib.syndication.views.Feed + (#29296). + * Fixed a regression in Django 1.11.12 where QuerySet.values() or + values_list() after combining an annotated and unannotated + queryset with union(), difference(), or intersection() crashed due + to mismatching columns (#29286). + +------------------------------------------------------------------- +Sat Apr 7 19:21:18 UTC 2018 - tbechtold@suse.com + +- update to version 2.0.4: + * Fixed #29265 -- Removed the suggestion to hardcode static URLs. + * Fixed #29206 -- Fixed PasswordResetConfirmView crash when the URL contains a non-UUID where one is expected. + * Fixed #29195 -- Fixed Exists.output_field resolution on single-valued queries. + * Fixed links to Sphinx docs. + * Fixed typo in docs/releases/2.0.4.txt. + * Clarified docs about ISO 8601 week numbering. + * Fixed #29116 -- Fixed OpenLayersWidget deserialization ignoring the widget map's SRID. + * Added CVE-2018-7536,7 to the security release archive. + * Fixed #29221 -- Corrected admin's autocomplete widget to add a space after custom classes. + * Fixed #29273 -- Prevented initial selection of empty choice in multiple choice widgets. + * Added a pagination example to ListView docs. + * Fixed #28514 -- Clarifed docs about idempotence of RelatedManager.add(). + * isorted import statements in tutorial example. + * Fixed #29192 -- Corrected docs regarding overriding fields from abstract base classes. + * Refs #11278 -- Clarified RelatedManager differences between reverse one-to-many and many-to-many relations. + * Added stub release notes for 1.11.12. + * Fixed #29165 -- Clarified how to load initial data with migrations. + * Fixed #29213 -- Fixed autocomplete widget's translations for zh-hans/zh-hant. + * Reverted "Expanded docs for AbstractBaseUser.has_usable_password()." + * Fixed typo in docs/releases/2.0.4/1.11.12.txt. + * Bumped version for 2.0.4 release. + * Fixed #29250 -- Added 'django_version' context to startapp/project docs. + * Added release date for 2.0.4 and 1.11.12. + * Post-release version bump. + * Clarified a sentence in docs/topics/i18n/translation.txt. + * Fixed #29229 -- Fixed column mismatch crash when combining two annotated values_list() querysets with union(), difference(), or intersection(). + * Added stub release notes for 2.0.4. + * Fixed a couple mistakes in docs/ref/forms/widgets.txt. + * Fixed #28655 -- Added more examples for customizing widgets in a form. + +------------------------------------------------------------------- +Mon Mar 19 07:09:53 UTC 2018 - tbechtold@suse.com + +- update to 2.0.3 (bsc#1083305, bsc#1083304, CVE-2018-7536, CVE-2018-7537): + * Fixed #29108 -- Fixed crash in aggregation of distinct+ordered+sliced querysets. + * Added CVE-2018-6188 to the security release archive. + * Post-release version bump. + * Updated translations from Transifex + * Added stub release notes for security releases. + * Fixed incorrect regex in re_path() example. + * Fixed #29125 -- Made Q.deconstruct() deterministic with multiple keyword arguments. + * Fixed #29126 -- Doc'd the behavior of QuerySet.update_or_create() with manually specified pks. + * Used a CSS positioning in tutorial 6 that doesn't differ across browsers. + * Fixed typo in bulk_create() documentation. + * Fixed #29176 -- Fixed AbstractBaseUser.normalize_username() crash if username isn't a string. + * Removed blank lines per isort 4.3.0. + * Added stub release notes for 2.0.3. + * Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters. + * Fixed #29172 -- Fixed crash with Window expression in a subquery. + * Fixed #29166 -- Fixed crash in When() expression with a list argument. + * Fixed #24270 -- Doc'd that django_bash_completion is only in the source distribution. + * Improved clarity of docs/topics/install.txt. + * Refs #29125 -- Made Q.deconstruct() omit 'query_utils' in the path and _connector='AND' since it's a default value. + * Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator. + * Bumped version for 2.0.3 release. + * Corrected doc'd type of some parameters from string to str. + * Fixed #29146 -- Readded ^ and $ inadvertently removed from re_path() examples. + * Fixed #29107 -- Doc'd that ModelForm doesn't actually inherit from Form. + * Switched test requirement to new psycopg2-binary package. + * Added backticks around obj argument in admin docs. + * Fixed typo in docs/topics/forms/media.txt. + * Fixed #29109 -- Fixed the admin time picker widget for the Thai locale. + * Fixed #29118 -- Fixed crash with QuerySet.order_by(Exists(...)). + +------------------------------------------------------------------- +Wed Feb 7 13:54:36 UTC 2018 - tbechtold@suse.com + +- update to 2.0.2 (bsc#1077714, CVE-2018-6188): + * Fixed #28883 -- Doc'd that the uuid URL path converter matches lowercase only letters. + * Fixed a GeoIP2 test failure with the latest GeoIP2 database. + * Added stub release notes for 2.0.1. + * Bumped version for 2.0.2 release. + * Fixed location of spatialite_source label. + * Fixed #28958 -- Fixed admin changelist crash when using a query expression in the page's ordering. + * Fixed #28231 -- Doc'd that QuerySet.bulk_create() casts objs to a list. + * Fixed #29032 -- Fixed an example of using expressions in QuerySet.values(). + * Disambiguated "settings" in SpatiaLite note. + * Fixed typo in docs/topics/testing/advanced.txt. + * Post-release version bump. + * Refs #25604 -- Removed docs for makemigrations --exit. + * Fixed #29002 -- Corrected cached template loader docs about when it's automatically enabled. + * Fixed typo in TemplateCommand argument help text. + * Added stub release notes for 1.11.9. + * Fixed #28915 -- Prevented SQLite from truncating trailing zeros in the fractional part of DecimalField. + * Refs #29086 -- Doc'd how to detect bytestring mistakes. + * Fixed #28886 -- Updated prefix for example django.contrib.auth.urls URLs. + * Fixed #29081 -- Clarified comments in QuerySet.select_related() example. + * Refs #27985 -- Reallowed using __exact=None as an alias for __isnull=True if a custom lookup class with lookup_name != None is registered as the exact lookup. + * Refs #28876 -- Fixed incorrect class-based model index name generation for models with quoted db_table. + * Removed 'development' word in contributing docs + * Fixed #29055 -- Doc'd that escapejs doesn't make template literals safe. + * Fixed #29016 -- Fixed incorrect foreign key nullification on related instance deletion. + * Fixed grammar in docs/releases/2.0.txt. + * Fixed #29071 -- Fixed contrib.auth.authenticate() crash if a backend doesn't accept a request but a later one does. + * Fixed #28944 -- Fixed crash when chaining values()/values_list() after QuerySet.select_for_update(of=()). + * Fixed #29091 -- Fixed makemigrations crash if migrations directory doesn't have __init__.py. + * Fixed #28898 -- Corrected admin check to allow a OneToOneField in ModelAdmin.autocomplete_fields. + * Fixed #28896 -- Reallowed filtering a queryset with GeometryField=None. + * Fixed #28891 -- Documented Origin's loader attribute. + * Confirmed support for PostGIS 2.4. + * Wrapped an import per isort. + * Added release date for 2.0.1 and 1.11.9. + * Fixed #28884 -- Fixed crash on SQLite when renaming a field in a model referenced by a ManyToManyField. + * Fixed "template tag" spelling in docs. + * Fixed #28947 -- Fixed crash when coercing a translatable URL pattern to str. + * Fixed typo in docs/topics/i18n/translation.txt. + * Refs #28932 -- Skipped the failing test for refs #28915 on Oracle. + * Refs #25181 -- Updated timezone.now() docs about obtaining the time in the current time zone. + * Updated documented mysqlclient requirement to 1.3.7. + * Fixed #28885 -- Fixed hidden content at the bottom of the "The install worked successfully!" page for some languages. + * Fixed #28403 -- Added missing formats in FORMAT_MODULE_PATH docs. + * Fixed #29067 -- Fixed regression in QuerySet.values_list(..., flat=True) followed by annotate(). + * Removed note in tutorial about bypassing manage.py. + * Fixed #28929 -- Corrected QUnit examples. + * Refs #28958 -- Added a test for ModelAdmin with query expressions in ordering. + * Updated various links in docs to use HTTPS. + * Expanded docs for AbstractBaseUser.has_usable_password(). + * Fixed #29017 -- Updated BaseCommand.leave_locale_alone doc per refs #24073. + * Doc'd specifying the ENGINE setting as part of configuring contrib.gis. + * Added stub release notes for 1.11.10. + * Fixed #28881 -- Doc'd that CommonPasswordValidator's password list must be lowercase. + * Fixed #28784 -- Clarified how migrate --fake works. + * Fixed typo in docs/ref/models/expressions.txt. + * Fixed #29094 -- Fixed crash when entering an invalid uuid in ModelAdmin.raw_id_fields. + * Refs #28876 -- Fixed incorrect foreign key constraint name for models with quoted db_table. + * Bumped version for 2.0.1 release. + * Fixed #25277 -- Restored test dependency to the original python-memcached. + * Fixed #28761 -- Documented how an inline formset's prefix works. + * Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI. + * Fixed #28966 -- Doc'd that the uuid URL path converter requires dashes + * Fixed #29054 -- Fixed a regression where a queryset that annotates with geometry objects crashes. + * Reverted "[1.11.x] Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI." + * Added "Python 3 Only" trove classifier. + * Fixed #28941 -- Fixed crash in testserver command startup. + * Fixed import in docs/ref/models/conditional-expressions.txt example. + * Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm. + * Fixed #28594 -- Removed Jython docs and specific code + * Renamed the "Supported versions" label. + * Fixed #28878 -- Added python_requires in setup.py and a warning for older pips that don't recognize it. + * Fixed typo in docs/ref/contrib/admin/index.txt. + * Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI. + * Added stub release notes for 2.0.2. + * Fixed #28938 -- Corrected Python compatibility in the tutorial. + * Fixed #28890 -- Removed newlines between MultiWidget's subwidgets. + +------------------------------------------------------------------- +Tue Dec 12 21:12:18 UTC 2017 - mimi.vx@gmail.com + +- update to 2.0 + * drop python 2 support + * Simplified URL routing syntax + * Mobile-friendly contrib.admin + * Window expressions + * Removed support for bytestrings in some places + * Dropped support for Oracle 11.2 +- Please read Release Notes - https://docs.djangoproject.com/en/2.0/releases/2.0/ + +------------------------------------------------------------------- +Tue Dec 12 05:16:57 UTC 2017 - tbechtold@suse.com + +- update to 1.11.8: + * Fixed #28488 -- Reallowed error handlers to access CSRF tokens. + * Fixed #28856 -- Fixed a regression in caching of a GenericForeignKey + pointing to a MTI model. + * Fixed #28597 -- Fixed crash with the name of a model's autogenerated primary + key in an Index's fields. + * Added stub release notes for 1.11.7. + * Fixed #28305 -- Fixed "Cannot change column 'x': used in a foreign key constraint" + crash on MySQL with a sequence of AlterField or RenameField operations. + * Fixed #28689 -- Fixed unquoted table names in Subquery SQL when using OuterRef. + * Added assertion helpers for PostgreSQL's server-side cursor tests. + * Fixed #28729 -- Replaced a numbered list with unordered list in TemplatesSetting docs. + * Fixed #28786 -- Doc'd middleware ordering considerations due to + CommonMiddleware setting Content-Length. + * Added release date for 1.11.8. + * Fixed #28702 -- Made query lookups for CIText fields use citext. + * Added 2017-12794 to the security release archive. + * Fixed typo in docs/topics/cache.txt. + * Bumped version for 1.11.6 release. + * Added release date for 1.11.6. + * Fixed #28648 -- Corrected typo in docs/topics/db/queries.txt. + * Bumped version for 1.11.7 release. + * Added stub release notes for 1.11.8. + * Fixed #28848 -- Fixed SQLite/MySQL crash when ordering by a filtered + subquery that uses nulls_first/nulls_last. + * Fixed typo in docs/topics/db/aggregation.txt. + * Fixed #28802 -- Fixed typo in docs/topics/auth/default.txt. + * Fixed typo in docs/topics/forms/media.txt. + * Bumped version for 1.11.8 release. + * Fixed typo in docs/ref/models/querysets.txt. + * Fixed test failures due to ordering differences on PostgreSQL 10. + * Fixed #28710 -- Fixed the Basque DATE_FORMAT string + * Added stub release notes for 1.11.6. + * Fixed #28747 -- Fixed typos in django/conf/global_settings.py comments. + * Fixed #28817 -- Made QuerySet.iterator() use server-side cursors after + values() and values_list(). + * Post-release version bump. + * Fixed #28792 -- Fixed index name truncation of namespaced tables. + * Fixed #28781 -- Added QuerySet.values()/values_list() support for union(), + difference(), and intersection(). + * Fixed #28722 -- Made QuerySet.reverse() affect nulls_first/nulls_last. + * Refs #28710 -- Simplified l10n format test + * Initialized CsrfViewMiddleware once in csrf_tests. + * Added release date for 1.11.7. + * Linked to prefetch_related_objects func in DB optimization docs. + * Fixed #28645 -- Reallowed AuthenticationForm to raise the inactive user + error when using ModelBackend. + * Fixed #28653 -- Added missing ForeignKey.on_delete argument in docs. + * Fixed #28561 -- Removed inaccurate docs about QuerySet.order_by() and joins. + * Fixed #28555 -- Made CharField convert whitespace-only values to the + empty_value when strip is enabled. + * Fixed #28601 -- Prevented cache.get_or_set() from caching None if default + is a callable that returns None. + +------------------------------------------------------------------- +Wed Sep 20 21:53:53 UTC 2017 - toddrme2178@gmail.com + +- update to version 1.11.5 + * CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page + * Fixed GEOS version parsing if the version has a commit hash at the end (new + in GEOS 3.6.2) (:ticket:`28441`). + * Added compatibility for ``cx_Oracle`` 6 (:ticket:`28498`). + * Fixed select widget rendering when option values are tuples (:ticket:`28502`). + * Django 1.11 inadvertently changed the sequence and trigger naming scheme on + Oracle. This causes errors on INSERTs for some tables if + ``'use_returning_into': False`` is in the ``OPTIONS`` part of ``DATABASES``. + The pre-1.11 naming scheme is now restored. Unfortunately, it necessarily + requires an update to Oracle tables created with Django 1.11.[1-4]. Use the + upgrade script in :ticket:`28451` comment 8 to update sequence and trigger + names to use the pre-1.11 naming scheme. + * Added POST request support to ``LogoutView``, for equivalence with the + function-based ``logout()`` view (:ticket:`28513`). + * Omitted ``pages_per_range`` from ``BrinIndex.deconstruct()`` if it's ``None`` + (:ticket:`25809`). + * Fixed a regression where ``SelectDateWidget`` localized the years in the + select box (:ticket:`28530`). + * Fixed a regression in 1.11.4 where ``runserver`` crashed with non-Unicode + system encodings on Python 2 + Windows (:ticket:`28487`). + * Fixed a regression in Django 1.10 where changes to a ``ManyToManyField`` + weren't logged in the admin change history (:ticket:`27998`) and prevented + ``ManyToManyField`` initial data in model forms from being affected by + subsequent model changes (:ticket:`28543`). + * Fixed non-deterministic results or an ``AssertionError`` crash in some + queries with multiple joins (:ticket:`26522`). + * Fixed a regression in ``contrib.auth``'s ``login()`` and ``logout()`` views + where they ignored positional arguments (:ticket:`28550`). + +------------------------------------------------------------------- +Thu Aug 10 12:51:56 UTC 2017 - tbechtold@suse.com + +- update to version 1.11.4: + * Fixed #27939 -- Updated OpenLayersWidget.map_srid for OpenLayers 3. + * Fixed #27956 -- Fixed display of errors in an {% extends %} child. + * Updated various links in docs to avoid redirects + * Fixed typo in docs/topics/auth/default.txt. + * Double quoted HTML attributes in widget docs + * Fixed #28303 -- Prevented localization of attribute values in the DTL attrs.html widget template. + * Added stub release notes for 1.11.3. + * Documented OSMWidget.default_lat/lon. + * Fixed #28101 -- Fixed a regression with nested __in subquery lookups and to_field. + * Bumped version for 1.11.4 release. + * Bumped version for 1.11.3 release. + * Updated translations from Transifex + * Fixed #28039 -- Fixed crash in BaseGeometryWidget.subwidgets(). + * Fixed #28242 -- Moved ImageField file extension validation to the form field. + * Made docs/topics/migrations.txt use single quotes consistently. + * Fixed #28355 -- Fixed widget rendering of non-ASCII date/time formats on Python 2. + * Updated name of topics/db/queries link on index. + * Fixed #28025 -- Fixed typo in docs/ref/models/querysets.txt. + * Fixed #28043 -- Prevented AddIndex and RemoveIndex from mutating model state. + * Fixed #28207 -- Fixed contrib.auth.authenticate() if multiple auth backends don't accept a request. + * Fixed #28361 -- Fixed possible time-related failure in was_published_recently() tutorial test. + * Fixed #28265 -- Prevented renderer warning on Widget.render() with **kwargs. + * Fixed typo in docs/topics/testing/advanced.txt. + * Fixed #28125 -- Clarified 1.11 release note about Template.render() prohibiting non-dict context. + * Refs #18974 -- Added stacklevel for permalink() deprecation. + * Fixed #28350 -- Fixed UnboundLocalError crash in RenameField with nonexistent field. + * Fixed #28051 -- Made migrations respect Index's name argument. + * Fixed #28420 -- Doc'd 'is' comparison restriction for User.is_authenticated/anonymous. + * Added release date for 1.11.4. + * Refs #28174 -- Fixed autoreload test crash on Python 2/non-ASCII path. + * Fixed #28389 -- Fixed pickling of LazyObject on Python 2 when wrapped object doesn't have __reduce__(). + * Fixed #28148 -- Doc'd ImageField name validation concerns with the test client. + * Added stub release notes for 1.11.2. + * Fixed #27890 -- Fixed FileNotFoundError cleanup exception in runtests.py on Python 3.6+. + * Fixed #28138 -- Used output type handler instead of numbersAsStrings on Oracle cursor. + * Fixed widgets module path in docs/ref/contrib/gis/forms-api.txt. + * Fixed #27947 -- Doc'd that model Field.error_messages often don't propagate to forms. + * Fixed #28067 -- Clarified __str__() return type when using python_2_unicode_compatible(). + * Fixed docstring typo in django/contrib/admin/actions.py. + * Fixed #28102 -- Doc'd how to compute path to built-in widget template directories. + * Fixed #28352 -- Corrected QuerySet.values_list() return type in docs examples. + * Fixed #28181 -- Added detection for GDAL 2.1 and 2.0. + * Refs #23853 -- Updated sql.query.Query.join() docstring. + * Added a test for Model._meta._property_names. + * Refs #27919 -- Changed Widget.get_context() attrs kwarg to an arg. + * Fixed #28415 -- Clarified what characters ASCII/UnicodeUsernameValidator accept. + * Fixed #28074 -- Doc'd template-based widget rendering changes for contrib.gis. + * Fixed #28278 -- Fixed invalid HTML for a required AdminFileWidget. + * Added content_type filtering in Permission querying example. + * Corrected FileExtensionValidator doc regarding the value being validated. + * Fixed #27960 -- Set errcheck=False for GDALAllRegister to prevent crash. + * Fixed #28097 -- Fixed layout of ReadOnlyPasswordHashWidget. + * Fixed #27969 -- Fixed models.Field.formfield() setting 'disabled' for fields with choices. + * Post-release version bump. + * Fixed #28298 -- Prevented a primary key alteration from adding a foreign key constraint if db_constraint=False. + * Refs #28192 -- Fixed documentation of ChoiceField choices requirement + * Fixed #27966 -- Bumped required psycopg2 version to 2.5.4. + * Linked GIS QuerySet API docs to corresponding PostGIS docs. + * Fixed #27974 -- Kept resolved templates constant during one rendering cycle. + * Refs #28100 -- Fixed URL in el, es_MX, and pt auth translations + * Fixed typo in docs/ref/request-response.txt. + * Fixed #27963 -- Removed unneeded docstring example in contributing docs. + * Added stub release notes for security releases. + * Fixed #28349 -- Doc'd how to upgrade Django from LTS to LTS. + * Fixed typo in docs/ref/forms/fields.txt. + * Fixed CVE-2017-7234 -- Fixed open redirect vulnerability in views.static.serve(). + * Fixed #28170 -- Fixed file_move_safe() crash when moving files to a CIFS mount. + * Fixed broken links to Oracle docs. + * Fixed #27554 -- Fixed prefetch_related() crash when fetching relations in nested Prefetches. + * Added links and cosmetic edits to docs/ref/request-response.txt. + * Added stub release notes for 1.11.1. + * Fixed #28079 -- Restored "No POST data" (rather than an empty table) in HTML debug page. + * Removed incorrect "required" attribute in docs/ref/forms/fields.txt. + * Fixed #28176 -- Restored the uncasted option value in ChoiceWidget template context. + * Refs #24423 -- Readded inadvertently deleted i18n tests. + * Fixed #27965 -- Fixed precision comparison in a geoforms test (refs #27939). + * Corrected post-release version bump. + * Made runtests.py run gis_tests only when using a GIS database backend. + * Fixed #28230 -- Allowed DjangoJsonEncoder to serialize CallableBool. + * Fixed broken link to QUnit docs. + * Removed MySQL (unsupported) from Perimeter docs. + * Fixed #28266 -- Fixed typo in docs/ref/models/instances.txt. + * Fixed #28139 -- Added another level of headings in the topics index. + * Fixed #28003 -- Doc'd what an auto-created OneToOneField parent_link looks like. + * Fixed #28160 -- Prevented hiding GDAL exceptions when it's not installed. + * Updated man page for Django 1.11. + * Fixed #27988 -- Fixed typo in docs/ref/django-admin.txt. + * Fixed #28199 -- Fixed Subquery generating unnecessary/invalid CAST. + * Fixed #28122 -- Fixed crash when overriding views.static.directory_index()'s template. + * Fixed AppRegistryNotReady error when running gis_tests in isolation on PostGIS. + * Fixed #28435 -- Removed inaccurate warning about SECURE_HSTS_PRELOAD. + * Fixed #28040 -- Updated SplitArrayWidget to use template-based widget rendering. + * Fixed #28269 -- Fixed Model.__init__() crash on models with a field that has an instance only descriptor. + * Tested EmailMessage(attachments=[MIMEText]) + * Clarified return value of NumGeometries GIS function. + * Refs #27935 -- Fixed BrinIndex.max_name_length if a project's default database isn't PostgreSQL. + * Fixed #28058 -- Restored empty BoundFields evaluating to True. + * Replaced "not A== B" with "A != B" in docs/howto/writing-migrations.txt. + * Added CVE-2017-7233,4 to the security release archive. + * Fixed #28204 -- Fixed MultipleObjectMixin.paginate_queryset() crash on Python 2 if InvalidPage message contains non-ASCII. + * Fixed #27935 -- Fixed crash with BrinIndex name > 30 characters. + * Fixed #28293 -- Fixed union(), intersection(), and difference() when combining with an EmptyQuerySet. + * Fixed #28222 -- Allowed settable properties in QuerySet.update_or_create()/get_or_create() defaults. + * Refs #27556, #27488 -- Updated support backends docs for isvalid lookup. + * Fixed nondeterministic ordering test failure in model_forms. + * Fixed #28345 -- Applied limit_choices_to during ModelForm.__init__(). + * Fixed #27981 -- Doc'd date/time filter l10n changes in refs #25758. + * Made a few cosmetic updates to "Migrations that add unique fields". + * Bumped version for 1.11 release. + * Fixed #28004 -- Doc'd how to create migrations for an app without a migrations directory. + * Fixed #28202 -- Fixed FieldListFilter.get_queryset() crash on invalid input. + * Fixed #27949 -- Doc'd how OpenLayers 3 widgets work. + * Pass type to sql_alter_column_* where it was missing. + * Fixed #27866 -- Made ChoiceWidget.format_value() return a list + * Fixed #28308 -- Doc'd removal of Select.render_option() (refs #15667). + * Fixed #28178 -- Changed contrib.gis to raise ImproperlyConfigured if gdal isn't installed. + * Fixed #28284 -- Prevented Paginator's unordered object list warning from evaluating a QuerySet. + * Fixed #28209 -- Made date-based generic views return a 404 rather than crash when given an out of range date. + * Fixed #28161 -- Fixed return type of ArrayField(CITextField()). + * Corrected docs regarding MySQL support of Length GIS function. + * Fixed #28175 -- Fixed __in lookups on a foreign key when using the foreign key's parent model as the lookup value. + * Refs #18247 -- Fixed SQLite QuerySet filtering on decimal result of Least and Greatest. + * Refs #28207 -- Fixed contrib.auth.authenticate() if 'backend' is in the credentials. + * Fixed #27644 -- Doc'd FileSystemStorage.get_created_time(). + * Added test for intersection() when combining with a queryset raising EmptyResultSet. + * Fixed #28197 -- Fixed introspection of index field ordering on PostgreSQL. + * Removed extra characters in docs header underlines. + * Fixed GEOSGeometry reference in GIS tutorial. + * Refs #28066 -- Fixed Python 2 failures in sessions_tests. + * Removed obsolete Widget.format_output() in tests. + * Fixed #28059 -- Restored class attribute in
              of widgets that use multiple_input.html. + * Fixed typo in docs/ref/contrib/postgres/fields.txt. + * Refs #27025 -- Fixed "invalid escape sequence" warning in auth_tests on Python 3.6. + * Fixed #28031 -- Removed notes about old uWSGI/sentry versions (refs #20537). + * Removed unexpected initial attribute in data migration examples. + * Renamed "Mac OS X" to "macOS" in docs. + * Sorted imports per isort 4.2.9. + * Refs #28138 -- Added release notes for d52577b62b3138674807ac74251fab7faed48331. + * Back to the future. + * Fixed #27993 -- Fixed model form default fallback for SelectMultiple. + * Refs #27866 -- Adapted backport for Python 2 compatibility + * Removed unused links in docs/internals/contributing/triaging-tickets.txt. + * Clarified QuerySet.iterator()'s docs on server-side cursors. + * Fixed #28096 -- Allowed prefetch calls with ModelIterable subclasses + * Fixed #28414 -- Fixed ClearableFileInput rendering as a subwidget of MultiWidget. + * Corrected REPL example in forms docs for Python 3. + * Refs #28181 -- Corrected detection of GDAL 2.1 on Windows. + * Fixed #28075 -- Prevented ChoiceWidget from localizing option values. + * Fixed #28282 -- Fixed class-based indexes name for models that only inherit Model. + * Fixed #28038 -- Restored casting to text of builtin lookups on PostgreSQL. + * Fixed #28418 -- Fixed queryset crash when using a GenericRelation to a proxy model. + * Fixed #28062 -- Added a setting to disable server-side cursors on PostgreSQL. + * Fixed #28105 -- Fixed crash in BaseGeometryWidget.get_context() when overriding existing attrs. + * Refs #28160 -- Skipped a GeoManager test if not using a GIS database backend. + * Fixed #28157 -- Fixed choice ordering in form fields with grouped and non-grouped options. + * Fixed #28095 -- Doc'd Widget.build_attrs() signature change in Django 1.11. + * Fixed a forms test after updated translations. + * Fixed 403 link in docs/ref/contrib/gis/install/spatialite.txt. + * Simplified schema.tests with assertForeignKeyExists()/assertForeignKeyNotExists(). + * Fixed #28336 -- Fixed typo in docs/ref/settings.txt. + * Fixed #28378 -- Fixed union() and difference() when combining with a queryset raising EmptyResultSet. + * Refs #28052 -- Cleaned up some indexes in schema tests. + * Fixed #28047 -- Fixed QuerySet.filter() crash when it uses the name of a OneToOneField pk. + * Added release date for 1.11.1. + * Fixed #28327 -- Removed contradictory description of mod_wsgi docs. + * Clarified "newly-introduced features" in the supported versions policy. + * Fixed docs build with Sphinx 1.6. + * Fixed #28239 -- Removed docs for a removed arg of template.Context. + * Bumped version for 1.11.2 release. + * Refs #28066 -- Fixed nondeterministic ordering test failure in sessions_tests. + * Updated postgis.net and gaia-gis.it links to https. + * Fixed typos in docs/topic/db/search.txt. + * Fixed #28174 -- Fixed crash in runserver's autoreload with Python 2 on Windows with non-str environment variables. + * Fixed typos in docs/howto/static-files/index.txt. + * Fixed #28294 -- Doc'd request/args/kwargs attributes of class-based views. + * Fixed #27967 -- Fixed KeyError in admin's inline form with inherited non-editable pk. + * Fixed db backend discovery in admin_scripts tests. + * Fixed outdated TIME_FORMAT in docs/ref/templates/builtins.txt. + * Fixed #26028 -- Added overriding templates howto. + * Updated was_published_recently() tutorial test to check boundary condition. + * Fix a typo in django/db/transaction.py + * Fixed #28109 -- Corrected the stack level of unordered queryset pagination warnings. + * Fixed #28142 -- Fixed is_safe_url() crash on invalid IPv6 URLs. + * Refs #22397 -- Removed model in test cleanup + * Fixed #28052 -- Prevented dropping Meta.indexes when changing db_index to False. + * Fixed #18485 -- Doc'd behavior of PostgreSQL when manually setting AutoField. + * Updated core translations from Transifex + * Fixed #28166 -- Fixed Model._state.db on MTI parent model after saving child model. + * Added missing import in docs/topics/db/queries.txt. + * Refs #27919 -- Passed ChoiceWidget.create_option() kwargs as expected. + * Fixed #28229 -- Fixed the value of LoginView's "next" template variable. + * Fixed #27975 -- Fixed crash if ModelChoiceField's queryset=None. + * Added release date for 1.11.2. + * Fixed #27912, CVE-2017-7233 -- Fixed is_safe_url() with numeric URLs. + * Fixed #28159 -- Fixed BaseInlineFormSet._construct_form() crash when using save_as_new. + * Removed an obsolete temporal reference in docs/faq/general.txt. + * Fixed #28042 -- Fixed crash when using a two-tuple in EmailMessage's attachments arg. + * Fixed #27945 -- Clarified that RegexValidator searches with the regex. + * Linked GIS functions docs to corresponding PostGIS docs. + * Refs #17453 -- Fixed broken link to #django IRC logs. + * Fixed gis_tests.geoapp test with incorrect geodetic coordinates. + * Fixed #28066 -- Prevented SessionBase.cycle_key() from discarding data. + * Fixed #27730 -- Doc'd that template vars created outside a block can't be used in it. + * Fixed #28069 -- Moved setup_test_environment() warning in tutorial 5. + * Fixed #28130 -- Fixed formset min_num validation with initial, unchanged forms. + * Fixed #28091 -- Re-raised original exception when closing cursor cleanup fails + * Clarified backend support of Area GIS function. + * Fixed #28387 -- Fixed has_changed() for disabled form fields that subclass it. + * Fixed #27915 -- Allowed Meta.indexes to be defined in abstract models. + * Fixed #26755 -- Fixed test_middleware_classes_headers if Django source isn't writable. + * Fixed #28188 -- Fixed crash when pickling model fields. + * Fixed typo in docs/ref/models/querysets.txt. + * Pointed Dive into Python links to python3 site + * Refs #25240 -- Added ExtractWeek examples. + * Added some shell output in tutorial 2. + * Removed inappropriate highlighting in committing-code.txt. + * Fixed #28399 -- Fixed QuerySet.count() for union(), difference(), and intersection() queries. + * Fixed #28212 -- Allowed customizing the port that LiveServerTestCase uses. + * Fixed flake8 warning on Python 2. + * Clarified meaning of "Optional" in auth.models.User field docs. + * Clarified HStoreField model/form difference in 1.11 release notes. + * Removed self from method signatures in docs. + * Added stub release notes for 1.11.4. + * Updated tests after French translation update + * Fixed #27603 -- Fixed AsKML when queryset is evaluated more than once. + * Fixed #28262 -- Fixed incorrect DisallowedModelAdminLookup when a nested reverse relation is in list_filter. + * Fixed #27434 -- Doc'd how to raise a model validation error for a field not in a model form. + * Refs #21415 -- Fixed contrib.humanize translations for es_AR + * Fixed #27655 -- Added some guidelines to the coding style docs. + * Updated contrib translations from Transifex + * Removed nonexistent methods from File's docs. + * Doc'd the need to remove default ordering on Subquery aggregates. + * Fixed broken link to mysqlclient docs. + * Fixed #28210 -- Fixed Model._state.adding on MTI parent model after saving child model. + * Removed usage of deprecated sphinx.util.compat.Directive. + * Refs #28100 -- Added 1.11.1 release note for e6bfd3d751278d7cfd09af1120c4bbce509c05da. + * Fixed #28190 -- Clarifed how include/extends treat template names. + * Refs #26294 -- Fixed typo in docs/ref/django-admin.txt. + * Refs #28091 -- Fixed typo and rephrased 1.11.1 release note. + * Fixed typo in docs/ref/class-based-views/mixins-single-object.txt. + * Bumped version for 1.11.1 release. + * Added release date for 1.11.3. + * Bumped version for 1.11 release candidate 1. + * Simplified tutorial's test names and docstrings. + * Fixed typo in django/db/backends/base/schema.py comment. + * Fixed #28233 -- Used a simpler example in the aggregation "cheat sheet" docs. +- Require python-pytz and Recommend python-bcrypt + +------------------------------------------------------------------- +Wed Aug 9 17:58:19 UTC 2017 - toddrme2178@gmail.com + +- Fix building on older Python versions. + +------------------------------------------------------------------- +Mon Jul 10 18:42:12 UTC 2017 - toddrme2178@gmail.com + +- Fix wrong-script-interpreter rpmlint error. + +------------------------------------------------------------------- +Mon May 8 14:32:03 UTC 2017 - toddrme2178@gmail.com + +- django-admin.py should be the master, not django-admin. + +------------------------------------------------------------------- +Sat May 6 03:31:54 UTC 2017 - toddrme2178@gmail.com + +- Don't provide python2-django or python2-South, singlespec + packages should use correct name. + +------------------------------------------------------------------- +Thu May 4 15:33:21 UTC 2017 - toddrme2178@gmail.com + +- Implement single-spec version. + +------------------------------------------------------------------- +Tue Apr 4 14:38:13 UTC 2017 - appleonkel@opensuse.org + +- Update to 1.10.7 + Bugfixes + * Made admin’s RelatedFieldWidgetWrapper use the wrapped widget’s + value_omitted_from_data() method (#27905) + * Fixed model form default fallback for SelectMultiple (#27993) + +------------------------------------------------------------------- +Wed Mar 1 14:24:17 UTC 2017 - appleonkel@opensuse.org + +- Update to 1.10.6 + Bugfixes + * Fixed ClearableFileInput’s “Clear” checkbox on model form fields where the + model field has a default + * Fixed RequestDataTooBig and TooManyFieldsSent exceptions crashing rather than + generating a bad request response + * Fixed a crash on Oracle and PostgreSQL when subtracting DurationField or + IntegerField from DateField + * Fixed query expression date subtraction accuracy on PostgreSQL for differences + large an a month + * Fixed a GDALException raised by GDALClose on GDAL >= 2.0 + +------------------------------------------------------------------- +Tue Jan 31 14:00:11 UTC 2017 - michal@cihar.com + +- Update to 1.10.5 + * See https://docs.djangoproject.com/en/1.10/releases/1.10/ + * Full text search for PostgreSQL + * New-style middleware + * Official support for Unicode usernames + +------------------------------------------------------------------- +Fri Dec 2 10:17:25 UTC 2016 - appleonkel@opensuse.org + +- Update to 1.9.12 + Bugfixes + * Quoted the Oracle test user’s password in queries to fix the “ORA-00922: missing + or invalid option” error when the password starts with a number or + special character (#27420) + * DNS rebinding vulnerability when DEBUG=True + * CSRF protection bypass on a site with Google Analytics + +------------------------------------------------------------------- +Sat Sep 24 16:42:55 UTC 2016 - sbahling@suse.com + +- Change Requires: python-Pillow to python-imaging for compatibility + with SLE-12 which provides PIL instead of Pillow. + +------------------------------------------------------------------- +Tue Aug 9 09:11:24 UTC 2016 - aplanas@suse.com + +- Update to 1.9.9 + Bugfixes + * Fixed invalid HTML in template postmortem on the debug page + (#26938). + * Fixed some GIS database function crashes on MySQL 5.7 (#26657). + +- Update to 1.9.8 + Fix XSS in admin’s add/change related popup (bsc#988420) + Unsafe usage of JavaScript’s Element.innerHTML could result in XSS + in the admin’s add/change related popup. Element.textContent is now + used to prevent execution of the data. + The debug view also used innerHTML. Although a security issue wasn’t + identified there, out of an abundance of caution it’s also updated + to use textContent. + + Bugfixes + * Fixed missing varchar/text_pattern_ops index on CharField and + TextField respectively when using AddField on PostgreSQL (#26889). + * Fixed makemessages crash on Python 2 with non-ASCII file names + (#26897). + +- Update to 1.9.7 + Bugfixes + * Removed the need for the request context processor on the admin + login page to fix a regression in 1.9 (#26558). + * Fixed translation of password validators’ help_text in forms + (#26544). + * Fixed a regression causing the cached template loader to crash + when using lazy template names (#26603). + * Fixed on_commit callbacks execution order when callbacks make + transactions (#26627). + * Fixed HStoreField to raise a ValidationError instead of crashing + on non-dictionary JSON input (#26672). + * Fixed dbshell crash on PostgreSQL with an empty database name + (#26698). + * Fixed a regression in queries on a OneToOneField that has to_field + and primary_key=True (#26667). + +------------------------------------------------------------------- +Tue May 3 08:23:48 UTC 2016 - aplanas@suse.com + +- Update to 1.9.6 + Bugfixes + * Added support for relative path redirects to the test client and + to SimpleTestCase.assertRedirects() because Django 1.9 no longer + converts redirects to absolute URIs (#26428). + * Fixed TimeField microseconds round-tripping on MySQL and SQLite + (#26498). + * Prevented makemigrations from generating infinite migrations for a + model field that references a functools.partial (#26475). + * Fixed a regression where SessionBase.pop() returned None rather + than raising a KeyError for nonexistent values (#26520). + * Fixed a regression causing the cached template loader to crash + when using template names starting with a dash (#26536). + * Restored conversion of an empty string to null when saving values + of GenericIPAddressField on SQLite and MySQL (#26557). + * Fixed a makemessages regression where temporary .py extensions + were leaked in source file paths (#26341). + +------------------------------------------------------------------- +Sun May 1 12:29:52 UTC 2016 - michael@stroeder.com + +- Update to 1.9.5 + +------------------------------------------------------------------- +Tue Feb 2 09:21:43 UTC 2016 - aplanas@suse.com + +- Update to 1.9.2 + Security issue + * User with "change" but not "add" permission can create objects for + ModelAdmin's with save_as=True + Backwards incompatible change + * .py-tpl files rewritten in project/app templates + Bugfixes + * Fixed a regression in ConditionalGetMiddleware causing + If-None-Match checks to always return HTTP 200 (#26024). + * Fixed a regression that caused the "user-tools" items to display + on the admin's logout page (#26035). + * Fixed a crash in the translations system when the current language + has no translations (#26046). + * Fixed a regression that caused the incorrect day to be selected + when opening the admin calendar widget for timezones from GMT+0100 + to GMT+1200 (#24980). + * Fixed a regression in the admin's edit related model popup that + caused an escaped value to be displayed in the select dropdown of + the parent window (#25997). + * Fixed a regression in 1.8.8 causing incorrect index handling in + migrations on PostgreSQL when adding db_index=True or unique=True + to a CharField or TextField that already had the other specified, + or when removing one of them from a field that had both, or when + adding unique=True to a field already listed in unique_together + (#26034). + * Fixed a regression where defining a relation on an abstract + model's field using a string model name without an app_label no + longer resolved that reference to the abstract model's app if + using that model in another application (#25858). + * Fixed a crash when destroying an existing test database on MySQL + or PostgreSQL (#26096). + * Fixed CSRF cookie check on POST requests when + USE_X_FORWARDED_PORT=True (#26094). + * Fixed a QuerySet.order_by() crash when ordering by a relational + field of a ManyToManyField through model (#26092). + * Fixed a regression that caused an exception when making database + queries on SQLite with more than 2000 parameters when DEBUG is + True on distributions that increase the SQLITE_MAX_VARIABLE_NUMBER + compile-time limit to over 2000, such as Debian (#26063). + * Fixed a crash when using a reverse OneToOneField in + ModelAdmin.readonly_fields (#26060). + * Fixed a crash when calling the migrate command in a test case with + the available_apps attribute pointing to an application with + migrations disabled using the MIGRATION_MODULES setting (#26135). + * Restored the ability for testing and debugging tools to determine + the template from which a node came from, even during template + inheritance or inclusion. Prior to Django 1.9, debugging tools + could access the template origin from the node via + Node.token.source[0]. This was an undocumented, private API. The + origin is now available directly on each node using the + Node.origin attribute (#25848). + * Fixed a regression in Django 1.8.5 that broke copying a + SimpleLazyObject with copy.copy() (#26122). + * Always included geometry_field in the GeoJSON serializer output + regardless of the fields parameter (#26138). + * Fixed the contrib.gis map widgets when using + USE_THOUSAND_SEPARATOR=True (#20415). + * Made invalid forms display the initial of values of their disabled + fields (#26129). + +------------------------------------------------------------------- +Wed Jan 27 15:25:25 UTC 2016 - aplanas@suse.com + +- Update to 1.9.1 + Bugfixes + * Fixed BaseCache.get_or_set() with the DummyCache backend (#25840). + * Fixed a regression in FormMixin causing forms to be validated + twice (#25548, #26018). + * Fixed a system check crash with nested ArrayFields (#25867). + * Fixed a state bug when migrating a SeparateDatabaseAndState + operation backwards (#25896). + * Fixed a regression in CommonMiddleware causing If-None-Match + checks to always return HTTP 200 (#25900). + * Fixed missing varchar/text_pattern_ops index on CharField and + TextField respectively when using AlterField on PostgreSQL + (#25412). + * Fixed admin’s delete confirmation page’s summary counts of related + objects (#25883). + * Added from __future__ import unicode_literals to the default + apps.py created by startapp on Python 2 (#25909). Add this line to + your own apps.py files created using Django 1.9 if you want your + migrations to work on both Python 2 and Python 3. + * Prevented QuerySet.delete() from crashing on MySQL when querying + across relations. + * Fixed evaluation of zero-length slices of QuerySet.values() + (#25894). + * ... + * https://docs.djangoproject.com/en/1.9/releases/1.9.1/ + +------------------------------------------------------------------- +Wed Dec 2 15:14:05 UTC 2015 - aplanas@suse.com + +- update to 1.9 (CVE-2016-7401, CVE-2015-8213) + * https://docs.djangoproject.com/en/1.9/releases/1.9/ + * Performing actions after a transaction commit + * Password validation + * Permission mixins for class-based views + * New styling for "contrib.admin" + * Running tests in parallel + +------------------------------------------------------------------- +Tue Nov 10 10:39:22 UTC 2015 - tbechtold@suse.com + +- update to 1.8.6: + * https://docs.djangoproject.com/en/1.8/releases/1.8.5/ + * https://docs.djangoproject.com/en/1.8/releases/1.8.6/ + +------------------------------------------------------------------- +Tue Nov 10 05:36:21 UTC 2015 - tbechtold@suse.com + +- add missing Requires for python-setuptools (bsc#952198) + /usr/bin/django-admin needs the pkg_resources framework from + python-setuptools to run properly. + +------------------------------------------------------------------- +Sun Sep 20 07:51:27 UTC 2015 - tbechtold@suse.com + +- update to 1.8.4 (CVE-2015-5963): + * https://docs.djangoproject.com/en/1.8/releases/1.8.4/ + +------------------------------------------------------------------- +Fri Jul 10 11:51:49 UTC 2015 - astieger@suse.com + +- add keyring and verify source signature + +------------------------------------------------------------------- +Fri Jul 10 10:03:54 UTC 2015 - dmueller@suse.com + +- update to 1.8.3: + * https://docs.djangoproject.com/en/1.8/releases/1.8.3/ + Various bugfixes/security fixes (CVE-2015-5145, bsc#937524) + +------------------------------------------------------------------- +Tue May 26 08:26:56 UTC 2015 - dmueller@suse.com + +- update to 1.8.2 (CVE-2015-3982): + * https://docs.djangoproject.com/en/1.8/releases/1.8.2/ + * https://docs.djangoproject.com/en/1.8/releases/1.8.1/ + +------------------------------------------------------------------- +Thu Apr 2 07:35:07 UTC 2015 - aplanas@suse.com + +- Update to Django 1.8 + * "Long-Term Support" (LTS) release + New features: + * Model._meta API + * Multiple template engines + * Security enhancements + * New PostgreSQL specific functionality + * New data types + * Query Expressions, Conditional Expressions, and Database Functions + * TestCase data setup + Backwards incompatible changes: + * Related object operations are run in a transaction + * Assigning unsaved objects to relations raises an error + * Management commands that only accept positional arguments + * Custom test management command arguments through test runner + * Model check ensures auto-generated column names are within limits + specified by database + * Query relation lookups now check object types + * select_related() now checks given fields + * Default EmailField.max_length increased to 254 + * (DROP) Support for PostgreSQL versions older than 9.0 + * (DROP) Support for MySQL versions older than 5.5 + * (DROP) Support for Oracle versions older than 11.1 + * Specific privileges used instead of roles for tests on Oracle + * ... + +------------------------------------------------------------------- +Mon Mar 23 10:51:37 UTC 2015 - mcihar@suse.cz + +- Update to Django 1.7.7: + Security issues: + * Denial-of-service possibility with strip_tags() + * Mitigated possible XSS attack via user-supplied redirect URLs + Bugfixes: + * Fixed renaming of classes in migrations where renaming a subclass would + cause incorrect state to be recorded for objects that referenced the + superclass (#24354). + * Stopped writing migration files in dry run mode when merging migration + conflicts. When makemigrations --merge is called with verbosity=3 the + migration file is written to stdout (:ticket: 24427). + +------------------------------------------------------------------- +Wed Mar 11 16:18:53 UTC 2015 - aplanas@suse.com + +- Update to Djano 1.7.6: + Bugfixes + * Mitigated an XSS attack via properties in + "ModelAdmin.readonly_fields" + * Fixed crash when coercing "ManyRelatedManager" to a string + (#24352). + * Fixed a bug that prevented migrations from adding a foreign key + constraint when converting an existing field to a foreign key + (#24447). + +------------------------------------------------------------------- +Fri Feb 27 14:36:46 UTC 2015 - aplanas@suse.com + +- Update to Django 1.7.5: + Bugfixes + * Reverted a fix that prevented a migration crash when unapplying + contrib.contenttypes's or contrib.auth's first migration (#24075) + due to severe impact on the test performance (#24251) and problems + in multi-database setups (#24298). + * Fixed a regression that prevented custom fields inheriting from + ManyToManyField from being recognized in migrations (#24236). + * Fixed crash in contrib.sites migrations when a default database + isn't used (#24332). + * Added the ability to set the isolation level on PostgreSQL with + psycopg2 >= 2.4.2 (#24318). It was advertised as a new feature in + Django 1.6 but it didn't work in practice. + * Formats for the Azerbaijani locale (az) have been added. + +------------------------------------------------------------------- +Fri Jan 30 15:13:10 UTC 2015 - aplanas@suse.com + +- Update to Django 1.7.4: + Bugfixes + * Fixed a migration crash when unapplying ``contrib.contenttypes``’s + or ``contrib.auth``’s first migration (:ticket:`24075`). + * Made the migration's ``RenameModel`` operation rename + ``ManyToManyField`` tables (:ticket:`24135`). + * Fixed a migration crash on MySQL when migrating from a + ``OneToOneField`` to a ``ForeignKey`` (:ticket:`24163`). + * Prevented the ``static.serve`` view from producing + ``ResourceWarning``\s in certain circumstances (security fix + regression, :ticket:`24193`). + * Fixed schema check for ManyToManyField to look for internal type + instead of checking class instance, so you can write custom + m2m-like fields with the same behavior. (:ticket:`24104`). + +------------------------------------------------------------------- +Wed Jan 14 07:57:46 UTC 2015 - mcihar@suse.cz + +- Update to Django 1.7.3: + Security fixes: + * WSGI header spoofing via underscore/dash conflation. + * Mitigated possible XSS attack via user-supplied redirect URLs. + * Denial-of-service attack against django.views.static.serve. + * Database denial-of-service with ModelMultipleChoiceField. + Bug fixes: + * The default iteration count for the PBKDF2 password hasher has been + increased by 25%. This part of the normal major release process was + inadvertently omitted in 1.7. This backwards compatible change will not + affect users who have subclassed + django.contrib.auth.hashers.PBKDF2PasswordHasher to change the default + value. + * Fixed a crash in the CSRF middleware when handling non-ASCII referer + header (#23815). + * Fixed a crash in the django.contrib.auth.redirect_to_login view when + passing a reverse_lazy() result on Python 3 (#24097). + * Added correct formats for Greek (el) (#23967). + * Fixed a migration crash when unapplying a migration where multiple + operations interact with the same model (#24110). + +------------------------------------------------------------------- +Sun Jan 11 12:49:28 UTC 2015 - p.drouand@gmail.com + +- South has been merged in main Django; provide and obsolete it + +------------------------------------------------------------------- +Thu Jan 8 11:04:09 UTC 2015 - tbechtold@suse.com + +- Update to Django 1.7.2: + + * Fixed migration’s renaming of auto-created many-to-many tables + when changing Meta.db_table (#23630). + * Fixed a migration crash when adding an explicit id field to a + model on SQLite (#23702). + * Added a warning for duplicate models when a module is + reloaded. Previously a RuntimeError was raised every time two + models clashed in the app registry. (#23621). + * Prevented flush from loading initial data for migrated apps + (#23699). + * Fixed a makemessages regression in 1.7.1 when STATIC_ROOT has the + default None value (#23717). + * Added GeoDjango compatibility with mysqlclient database driver. + * Fixed MySQL 5.6+ crash with GeometryFields in migrations (#23719). + * Fixed a migration crash when removing a field that is referenced + in AlterIndexTogether or AlterUniqueTogether (#23614). + * Updated the first day of the week in the Ukrainian locale to + Monday. + * Added support for transactional spatial metadata initialization on + SpatiaLite 4.1+ (#23152). + * Fixed a migration crash that prevented changing a nullable field + with a default to non-nullable with the same default (#23738). + * Fixed a migration crash when adding GeometryFields with blank=True + on PostGIS (#23731). + * Allowed usage of DateTimeField() as Transform.output_field + (#23420). + * Fixed a migration serializing bug involving float("nan") and + float("inf") (#23770). + * Fixed a regression where custom form fields having a queryset + attribute but no limit_choices_to could not be used in a ModelForm + (#23795). + * Fixed a custom field type validation error with MySQL backend when + db_type returned None (#23761). + * Fixed a migration crash when a field is renamed that is part of an + index_together (#23859). + * Fixed squashmigrations to respect the --no-optimize parameter + (#23799). + * Made RenameModel reversible (#22248) + * Avoided unnecessary rollbacks of migrations from other apps when + migrating backwards (#23410). + * Fixed a rare query error when using deeply nested subqueries + (#23605). + * Fixed a crash in migrations when deleting a field that is part of + a index/unique_together constraint (#23794). + * Fixed django.core.files.File.__repr__() when the file’s name + contains Unicode characters (#23888). + * Added missing context to the admin’s delete_selected view that + prevented custom site header, etc. from appearing (#23898). + * Fixed a regression with dynamically generated inlines and allowed + field references in the admin (#23754). + * Fixed an infinite loop bug for certain cyclic migration + dependencies, and made the error message for cyclic dependencies + much more helpful. + * Added missing index_together handling for SQLite (#23880). + * Fixed a crash when RunSQL SQL content was collected by the schema + editor, typically when using sqlmigrate (#23909). + * Fixed a regression in contrib.admin add/change views which caused + some ModelAdmin methods to receive the incorrect obj value + (#23934). + * Fixed runserver crash when socket error message contained Unicode + characters (#23946). + * Fixed serialization of type when adding a deconstruct() method + (#23950). + * Prevented the SessionAuthenticationMiddleware from setting a + "Vary: Cookie" header on all responses (#23939). + * Fixed a crash when adding blank=True to TextField() on MySQL + (#23920). + * Fixed index creation by the migration infrastructure, particularly + when dealing with PostgreSQL specific {text|varchar}_pattern_ops + indexes (#23954). + * Fixed bug in makemigrations that created broken migration files + when dealing with multiple table inheritance and inheriting from + more than one model (#23956). + * Fixed a crash when a MultiValueField has invalid data (#23674). + * Fixed a crash in the admin when using “Save as new” and also + deleting a related inline (#23857). + * Always converted related_name to text (unicode), since that is + required on Python 3 for interpolation. Removed conversion of + related_name to text in migration deconstruction (#23455 and + #23982). + * Enlarged the sizes of tablespaces which are created by default for + testing on Oracle (the main tablespace was increased from 200M to + 300M and the temporary tablespace from 100M to 150M). This was + required to accommodate growth in Django’s own test suite + (#23969). + * Fixed timesince filter translations in Korean (#23989). + * Fixed the SQLite SchemaEditor to properly add defaults in the + absence of a user specified default. For example, a CharField with + blank=True didn’t set existing rows to an empty string which + resulted in a crash when adding the NOT NULL constraint (#23987). + * makemigrations no longer prompts for a default value when adding + TextField() or CharField() without a default (#23405). + * Fixed a migration crash when adding order_with_respect_to to a + table with existing rows (#23983). + * Restored the pre_migrate signal if all apps have migrations + (#23975). + * Made admin system checks run for custom AdminSites (#23497). + * Ensured the app registry is fully populated when unpickling + models. When an external script (like a queueing infrastructure) + reloads pickled models, it could crash with an AppRegistryNotReady + exception (#24007). + * Added quoting to field indexes in the SQL generated by migrations + to prevent a crash when the index name requires it (##24015). + * Added datetime.time support to migrations questioner (#23998). + * Fixed admindocs crash on apps installed as eggs (#23525). + * Changed migrations autodetector to generate an AlterModelOptions + operation instead of DeleteModel and CreateModel operations when + changing Meta.managed. This prevents data loss when changing + managed from False to True and vice versa (#24037). + * Enabled the sqlsequencereset command on apps with migrations + (#24054). + * Added tablespace SQL to apps with migrations (#24051). + * Corrected contrib.sites default site creation in a multiple + database setup (#24000). + * Restored support for objects that aren’t str or bytes in + mark_for_escaping() on Python 3. + * Supported strings escaped by third-party libraries with the + __html__ convention in the template engine (#23831). + * Prevented extraneous DROP DEFAULT SQL in migrations (#23581). + * Restored the ability to use more than five levels of subqueries + (#23758). + * Fixed crash when ValidationError is initialized with a + ValidationError that is initialized with a dictionary (#24008). + * Prevented a crash on apps without migrations when running migrate + --list (#23366). + +------------------------------------------------------------------- +Thu Oct 23 07:53:57 UTC 2014 - aplanas@suse.com + +- Update to Django 1.7.1 + + * Allowed related many-to-many fields to be referenced in the admin + (#23604). + * Added a more helpful error message if you try to migrate an app + without first creating the contenttypes table (#22411). + * Modified migrations dependency algorithm to avoid possible + infinite recursion. + * Fixed a UnicodeDecodeError when the flush error message contained + Unicode characters (#22882). + * Reinstated missing CHECK SQL clauses which were omitted on some + backends when not using migrations (#23416). + * Fixed serialization of type objects in migrations (#22951). + * Allowed inline and hidden references to admin fields (#23431). + * The @deconstructible decorator now fails with a ValueError if the + decorated object cannot automatically be imported (#23418). + * Fixed a typo in an inlineformset_factory() error message that + caused a crash (#23451). + * Restored the ability to use ABSOLUTE_URL_OVERRIDES with the + 'auth.User' model (#11775). As a side effect, the setting now adds + a get_absolute_url() method to any model that appears in + ABSOLUTE_URL_OVERRIDES but doesn’t define get_absolute_url(). + * Avoided masking some ImportError exceptions during application + loading (#22920). + * Empty index_together or unique_together model options no longer + results in infinite migrations (#23452). + * Fixed crash in contrib.sitemaps if lastmod returned a date rather + than a datetime (#23403). + * Allowed migrations to work with app_labels that have the same last + part (e.g. django.contrib.auth and vendor.auth) (#23483). + * Restored the ability to deepcopy F objects (#23492). + * Formats for Welsh (cy) and several Chinese locales (zh_CN, + zh_Hans, zh_Hant and zh_TW) have been added. Formats for + Macedonian have been fixed (trailing dot removed, #23532). + * Added quoting of constraint names in the SQL generated by + migrations to prevent crash with uppercase characters in the name + (#23065). + * Fixed renaming of models with a self-referential many-to-many + field (ManyToManyField('self')) (#23503). + * Added the get_extra(), get_max_num(), and get_min_num() hooks to + GenericInlineModelAdmin (#23539). + * Made migrations.RunSQL no longer require percent sign + escaping. This is now consistent with cursor.execute() (#23426). + * Made the SERIALIZE entry in the TEST dictionary usable (#23421). + * Fixed bug in migrations that prevented foreign key constraints to + unmanaged models with a custom primary key (#23415). + * Added SchemaEditor for MySQL GIS backend so that spatial indexes + will be created for apps with migrations (#23538). + * Added SchemaEditor for Oracle GIS backend so that spatial metadata + and indexes will be created for apps with migrations (#23537). + * Coerced the related_name model field option to unicode during + migration generation to generate migrations that work with both + Python 2 and 3 (#23455). + * Fixed MigrationWriter to handle builtin types without imports + (#23560). + * Fixed deepcopy on ErrorList (#23594). + * Made the admindocs view to browse view details check if the view + specified in the URL exists in the URLconf. Previously it was + possible to import arbitrary packages from the Python path. This + was not considered a security issue because admindocs is only + accessible to staff users (#23601). + * Fixed UnicodeDecodeError crash in AdminEmailHandler with non-ASCII + characters in the request (#23593). + * Fixed missing get_or_create and update_or_create on related + managers causing IntegrityError (#23611). + * Made urlsafe_base64_decode() return the proper type (byte string) + on Python 3 (#23333). + * makemigrations can now serialize timezone-aware values (#23365). + * Added a prompt to the migrations questioner when removing the null + constraint from a field to prevent an IntegrityError on existing + NULL rows (#23609). + * Fixed generic relations in ModelAdmin.list_filter (#23616). + * Restored RFC compliance for the SMTP backend on Python 3 (#23063). + * Fixed a crash while parsing cookies containing invalid content + (#23638). + * The system check framework now raises error models.E020 when the + class method Model.check() is unreachable (#23615). + * Made the Oracle test database creation drop the test user in the + event of an unclean exit of a previous test run (#23649). + * Fixed makemigrations to detect changes to Meta.db_table (#23629). + * Fixed a regression when feeding the Django test client with an + empty data string (#21740). + * Fixed a regression in makemessages where static files were + unexpectedly ignored (#23583). + +------------------------------------------------------------------- +Wed Sep 24 08:30:00 UTC 2014 - aplanas@suse.com + +- Update to Django 1.7 + + * A new built-in database migration system. Notes on upgrading from + South (a popular third*party application providing migration + functionality) are also available. + * A refactored concept of Django applications. Django applications + are no longer tied to the existence of a models files, and can now + specify both configuration data and code to be executed as Django + starts up. + * Improvements to the model Field API to support migrations and, in + the future, to enable easy addition of composite-key support to + Django's ORM. + * Improvements for custom Manager and QuerySet classes, allowing + reverse relationship traversal to specify the Manager to use, and + creation of a Manager from a custom QuerySet class. + * An extensible system check framework which can assist developers + in detecting and diagnosing errors. + + Please refer to the release notes for all details and migration + instructions: + https://docs.djangoproject.com/en/1.7/releases/1.7/ + +- Added python-setuptools as a BuildRequires. + +- Fixed Source URL from Django Project site. + +- Reordered sources. + +- Fixed deduplication to avoid wrong mtimes in pyc files. + +------------------------------------------------------------------- +Thu Jul 31 16:55:11 UTC 2014 - dimstar@opensuse.org + +- Rename rpmlintrc to %{name}-rpmlintrc. + Follow the packaging guidelines. + +------------------------------------------------------------------- +Wed Jun 11 12:34:45 UTC 2014 - mcihar@suse.cz + +- Update to version 1.6.5, sercurity and important changes: + + Unexpected code execution using reverse() + + Caching of anonymous pages could reveal CSRF token + + MySQL typecasting + + select_for_update() requires a transaction + + Issue: Caches may incorrectly be allowed to store and serve private data + + Issue: Malformed redirect URLs from user input not correctly validated + +------------------------------------------------------------------- +Fri Feb 14 09:32:07 UTC 2014 - speilicke@suse.com + +- Fix update-alternatives + +------------------------------------------------------------------- +Fri Feb 7 08:30:04 UTC 2014 - speilicke@suse.com + +- Update to version 1.6.2: + + Prevented the base geometry object of a prepared geometry to be garbage + collected, which could lead to crash Django (#21662). + + Fixed a crash when executing the changepassword command when the user + object representation contained non-ASCII characters (#21627). + + The collectstatic command will raise an error rather than default to + using the current working directory if STATIC_ROOT is not set. Combined + with the --clear option, the previous behavior could wipe anything + below the current working directory (#21581). + + Fixed mail encoding on Python 3.3.3+ (#21093). + + Fixed an issue where when settings.DATABASES['default']['AUTOCOMMIT'] = False, + the connection wasn’t in autocommit mode but Django pretended it was. + + Fixed a regression in multiple-table inheritance exclude() queries (#21787). + + Added missing items to django.utils.timezone.__all__ (#21880). + + Fixed a field misalignment issue with select_related() and model inheritance (#21413). + + Fixed join promotion for negated AND conditions (#21748). + + Oracle database introspection now works with boolean and float fields (#19884). + + Fixed an issue where lazy objects weren’t actually marked as safe when + passed through mark_safe() and could end up being double-escaped (#21882). + +------------------------------------------------------------------- +Tue Feb 4 14:33:40 UTC 2014 - mcihar@suse.cz + +- Update to version 1.6.1: + - Most bug fixes are minor; you can find a complete list in the Django 1.6.1 + release notes. + +------------------------------------------------------------------- +Tue Nov 19 10:06:23 UTC 2013 - speilicke@suse.com + +- Update-alternatives also for bash-completion + +------------------------------------------------------------------- +Fri Nov 15 13:33:20 UTC 2013 - speilicke@suse.com + +- Only ghost /etc/alternatives on 12.3 or newer + +------------------------------------------------------------------- +Thu Nov 7 16:36:41 UTC 2013 - speilicke@suse.com + +- Require python-Pillow for image-related functionality +- Package was renamed from python-django +- Drop Django-1.2-completion-only-for-bash.patch: Useless + +------------------------------------------------------------------- +Tue Nov 5 03:27:13 UTC 2013 - alexandre@exatati.com.br + +- Update to version 1.6: + - Please read the release notes + https://docs.djangoproject.com/en/1.6/releases/1.6 +- Removed Patch2 as it is no needed anymore: + Django-1.4-CSRF_COOKIE_HTTPONLY-support.patch + +------------------------------------------------------------------- +Tue Sep 17 12:37:53 UTC 2013 - speilicke@suse.com + +- Update to version 1.5.4: + + Fixed denial-of-service via large passwords +- Changes from version 1.5.3: + + Fixed directory traversal with ssi template tag + +------------------------------------------------------------------- +Wed Aug 14 05:49:54 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5.2: + - Security release, please check release notes for details: + https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued + +------------------------------------------------------------------- +Thu Mar 28 23:27:01 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5.1: + - Memory leak fix, please read release announcement at + https://www.djangoproject.com/weblog/2013/mar/28/django-151. + +------------------------------------------------------------------- +Tue Feb 26 19:49:02 UTC 2013 - alexandre@exatati.com.br + +- Update to 1.5: + - Please read the release notes + https://docs.djangoproject.com/en/1.5/releases/1.5 + +------------------------------------------------------------------- +Tue Dec 11 12:27:50 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.3: + - Security release: + - Host header poisoning + - Redirect poisoning + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/dec/10/security + +------------------------------------------------------------------- +Sat Oct 20 13:41:10 UTC 2012 - saschpe@suse.de + +- Add a symlink from /usr/bin/django-admin.py to /usr/bin/django-admin + +------------------------------------------------------------------- +Wed Oct 17 22:51:36 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.2: + - Security release: + - Host header poisoning + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/oct/17/security + +------------------------------------------------------------------- +Mon Jul 30 21:38:31 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4.1: + - Security release: + - Cross-site scripting in authentication views + - Denial-of-service in image validation + - Denial-of-service via get_image_dimensions() + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued + +------------------------------------------------------------------- +Tue Jun 19 11:27:33 UTC 2012 - saschpe@suse.de + +- Add patch to support CSRF_COOKIE_HTTPONLY config + +------------------------------------------------------------------- +Fri Mar 23 18:39:40 UTC 2012 - alexandre@exatati.com.br + +- Update to 1.4: + - Please read the release notes + https://docs.djangoproject.com/en/dev/releases/1.4 +- Removed Patch2, it was merged on upstream, + +------------------------------------------------------------------- +Thu Nov 24 12:30:40 UTC 2011 - saschpe@suse.de + +- Set license to SDPX style (BSD-3-Clause) +- Package AUTHORS, LICENE and README files +- No CFLAGS for noarch package +- Drop runtime dependency on gettext-tools + +------------------------------------------------------------------- +Sat Sep 10 12:05:07 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3.1 to fix security issues, please read + https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued. + +------------------------------------------------------------------- +Thu Mar 31 15:09:16 UTC 2011 - alexandre@exatati.com.br + +- Fix build on SLES_9. + +------------------------------------------------------------------- +Wed Mar 23 11:39:53 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3 final; +- Refresh patch empty-ip-2.diff. + +------------------------------------------------------------------- +Fri Mar 18 03:45:45 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.3-rc1; +- Regenerated spec file with py2pack; +- No more need to fix wrong line endings; +- Refresh patch empty-ip-2.diff with -p0. + +------------------------------------------------------------------- +Thu Mar 3 09:32:52 UTC 2011 - saschpe@suse.de + +- Spec file cleanup: + * Removed empty lines, package authors from description + * Cleanup duplicates + * Corrected wrong file endings + * Added zero-length rpmlint filter +- Added AUTHORS, LICENSE and doc files + +------------------------------------------------------------------- +Wed Feb 9 03:37:29 UTC 2011 - alexandre@exatati.com.br + +- Update to 1.2.5: + - This is a security update that fix: + - Flaw in CSRF handling; + - Potential XSS in file field rendering. + +------------------------------------------------------------------- +Thu Dec 23 10:20:03 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.4: + - Information leakage in Django administrative interface; + - Denial-of-service attack in password-reset mechanism. +- This is a mandatory security update. + +------------------------------------------------------------------- +Sat Sep 11 11:46:41 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.3: + - The patch applied for the security issue covered in Django + 1.2.2 caused issues with non-ASCII responses using CSRF + tokens. This has been remedied; + - The patch also caused issues with some forms, most notably + the user-editing forms in the Django administrative interface. + This has been remedied. + - The packaging manifest did not contain the full list of + required files. This has been remedied. + +------------------------------------------------------------------- +Thu Sep 9 01:06:43 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.2. +- This is a ciritical security update fixing a default XSS bug! + +------------------------------------------------------------------- +Fri Jul 9 11:27:26 UTC 2010 - jfunk@funktronics.ca + +- Added patch to fix upstream bug 5622: Empty ipaddress raises an error + +------------------------------------------------------------------- +Mon May 17 21:14:11 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2.1. + +------------------------------------------------------------------- +Mon May 17 18:35:20 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2. + +------------------------------------------------------------------- +Thu May 6 13:46:03 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2-rc-1. + +------------------------------------------------------------------- +Mon Apr 5 02:21:44 UTC 2010 - alexandre@exatati.com.br + +- Spec file cleaned with spec-cleaner; +- Minor manual adjusts on spec file. + +------------------------------------------------------------------- +Thu Mar 18 17:47:12 UTC 2010 - alexandre@exatati.com.br + +- Moved autocomplete file path from /etc/profile.d to + /etc/bash_completion.d. Then it works with konsole too. + +------------------------------------------------------------------- +Mon Mar 15 01:53:50 UTC 2010 - alexandre@exatati.com.br + +- Update to 1.2-beta-1; +- Using -q option on prep section of spec file; +- Using INSTALLED_FILES instead of declaring files; +- Removed dummy changelog section of spec file; +- Update completion bash patch. + +------------------------------------------------------------------- +Sun Oct 11 07:51:32 UTC 2009 - nix@opensuse.org + +- Update to 1.1.1 due to security issue described at + http://www.djangoproject.com/weblog/2009/oct/09/security/ + +------------------------------------------------------------------- +Sat Oct 10 12:18:31 UTC 2009 - alexandre@exatati.com.br + +- Removed old tarball file (Django-1.1.tar.bz2). + +------------------------------------------------------------------- +Tue Aug 25 12:23:09 CEST 2009 - garloff@suse.de + +- Fix python version check. + +------------------------------------------------------------------- +Sat Aug 22 13:39:35 CEST 2009 - garloff@suse.de + +- Don't require python-sqlite2 for python >= 2.6. + +------------------------------------------------------------------- +Fri Aug 21 11:38:03 CEST 2009 - garloff@suse.de + +- Build as noarch on factory. + +------------------------------------------------------------------- +Wed Aug 19 17:40:46 CEST 2009 - poeml@suse.de + +- don't run bash completion on shells other than bash. Avoiding + error messages produced at login when using other shells. + +------------------------------------------------------------------- +Fri Aug 14 18:05:42 UTC 2009 - alexandre@exatati.com.br + +- Added bash auto-complete to openSUSE. + +------------------------------------------------------------------- +Wed Jul 29 00:00:00 CEST 2009 - listuser@peternixon.net + +- update to version 1.1 +- add python-django-rpmlintrc to quiet rpmlint complaints about -lang + +------------------------------------------------------------------- +Wed Jul 1 19:04:26 CEST 2009 - poeml@suse.de + +- add python-xml to the Requires (./manage.py syncdb crashes + otherwise) + +------------------------------------------------------------------- +Sat Sep 13 00:00:00 UTC 2008 - listuser@peternixon.net + +- update to version 1.0 +- Fix build on SLES9 + +------------------------------------------------------------------- +Thu Sep 4 10:40:58 CEST 2008 - crrodriguez@suse.de + +- update to version 1.0 final + +------------------------------------------------------------------- +Wed May 14 00:00:00 UTC 2008 - listuser@peternixon.net + +- update to version 0.96.2 + +------------------------------------------------------------------- +Thu Feb 21 00:00:00 UTC 2008 - jfunk@funktronics.ca + +- The way simplejson is included in this package is not useful to other + packages. Removed from provides + +------------------------------------------------------------------- +Fri Oct 26 20:20:08 UTC 2007 - crrodriguez@suse.de + +- verion 0.96.1 fixes D.o.S attack in the i18n module + +------------------------------------------------------------------- +Fri Mar 23 00:00:00 UTC 2007 - crrodriguez@suse.de + +- update to version 0.96 + see http://www.djangoproject.com/documentation/release_notes_0.96 for details +- this package provides python-simplejson too. diff --git a/python-Django.keyring b/python-Django.keyring new file mode 100644 index 0000000..020ef23 --- /dev/null +++ b/python-Django.keyring @@ -0,0 +1,184 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGiBErcoVkRBACt1HBsLQQ9HeRHrqMbYfWEW3d0KoWzjKU9ZW59oq8ceVCYfhyT +ZKxyLobyed+NhL3SJCE5e4hs5UfyBdS4c8I97MFDKCA5TBu3pMnYGxWje3fSwP6o +RGcP8Ji4/tISclyGrkMruDNzpT93R8H/SixPGFcH7kCp4xQxPBc0esdU4wCg1azF +kUuFijNryusT+i58hVE3dMkD/iAfCh4bcLyZ8aygLZxg3bn3YauJASEjuqVXUgTB +diBdhXnldq0xs2IwQJY1paAajXf5FsjlTVQrQWMtTQ5qWKpQr0lAanufnEDNu6GW +orWBzLaSWQWEkcRALmZS6MBkmVCx/JiIvt0sUxrG4boQ6qYlQYZsaHaAMUZT997v +1ktqA/4kPUfV2gqJuVzWwbhrKhAyhSivmhhe+1lUFa7phRmoMNw7/jXi9OV1lmL2 +ty+0LkeCXUChrXarey4AnPI58aR0xshiAxGEI2jPi+vWkgGblOG3TBoZBH5jV+d2 +/5mmlCs/KkJkdsN+LXR3m5o/oFs7MgGD8pxa1jwK9xcu1xKIqrQyTmF0YWxpYSBC +aWRhcnQgKG5lc3NpdGEpIDxuYXRhbGlhYmlkYXJ0QGdtYWlsLmNvbT6IYgQTEQIA +IgUCTG1snwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQrlwdYDo57Zf7 +lQCeIHmWQQek0zboTqMuy60phrUIzowAn0ONlnzzL0oWiNUpbY8nDsernILWiGAE +ExECACAFAkrcoVkCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRCuXB1gOjnt +l5FdAKCSLwUJNZXs3WXqKabi2adRcdqZ8gCeLgbbqJ2Dqqaeb3tXK6zWC7ZO9CK0 +NE5hdGFsaWEgQmlkYXJ0IChuZXNzaXRhKSA8bmF0YWxpYS5iaWRhcnRAdWJ1bnR1 +LmNvbT6IZQQTEQIAJQIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAk8oONcC +GQEACgkQrlwdYDo57ZejrgCdFyBg4VipDYmoQ5eOpXe4Vegiwl4AoK00YytEeMvO +EFqZY+qVvqaV3It6iGIEExECACIFAkvrLFwCGwMGCwkIBwMCBhUIAgkKCwQWAgMB +Ah4BAheAAAoJEK5cHWA6Oe2XD+QAoK02osWaLzROXg54drLpJMNLs/DGAJ9XlSak +dQv6uX5QFT1QZCp/WwozIrQzTmF0YWxpYSBCaWRhcnQgKG5lc3NpdGEpIDxuYXRh +bGlhLmJpZGFydEBnbWFpbC5jb20+iGIEExECACIFAkvrLBMCGwMGCwkIBwMCBhUI +AgkKCwQWAgMBAh4BAheAAAoJEK5cHWA6Oe2XrQoAoIpzDPsuwhwuVcelVh3F8q3w +qhk2AKCj6rF6x+kzUwtT6lM8wkUj4x+CgLQ3TmF0YWxpYSBCaWRhcnQgKG5lc3Np +dGEpIDxuYXRhbGlhLmJpZGFydEBjYW5vbmljYWwuY29tPohgBBMRAgAgBQJK3gu6 +AhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQrlwdYDo57ZfaNgCfXhjx28H4 +WQ8CjWsdyJU2Kmh44qoAn0zp3TeEFuSPCEBZ0jAR4dwuSrpguQINBErcoVkQCACX +mxZ+acE5irfOe09OclJ+vKxqrnaEpveyLJZzKiWz5GlZLV3gPEMs3Pu0tGtTjadG +CRck2xIYArDz1aPwvM4dHswIy3TyzoSTgW1ybz5TXzkxWDcdwukYm1gKlWMb8JQW +v76KtoiNuY/EIUAaO9M7ZyUPSWunh5CK+ttYKs+KrD8wt8Te7PdsrstUMP2uplOt +I0zKK8P+gcCNZQTZh71Z8WAhZF/tn9LpkE9p0Au3pVEVk7Z8492TO4DySFhBNVEM +IY9KVNiZoEMAaiRUFgG3gPj3MD4wDyaiWp+5b8XQylXcfWsPx3nujLJNUiaJlV4u +Wjv0ZgwMHHLgORAlOJ2rAAMFB/94QWkhOmIzzx0iCob4fILZ2lqTt1fAAbaQxyq/ +LIaI6iSHqebEVVR9OUVTzqNtc0yDifxsbDZXEHmU2qx+aARoYmonxNmNoUS/U6Io +2iPgP1Jwt13dbd284xlgDTx8QO/TjX9lFyvt7AEHIrcHaomwVS0Il7wIfzG24kqX +j17VhD2j/2V6uA7ADAh8u0WFO93i30qNSCaCRphCU4K7gLdHLIp8TsGLdx/gf2mB +5SyhNOkHwEx80kSiFt+H5fER7XQep/w51XybqAt7SsWaIjYLsyMYXyiVdQChwzBd +vusRKv9qjg9eiyHI6aOw6foOUFlpfMx1oeknFDJrjJ3PKUPyiEkEGBECAAkFAkrc +oVkCGwwACgkQrlwdYDo57ZffZACfS9pUk1P5poP86jh8K2K6jpjU0y0AoNQ4ejtn +mpJC4x7FruZyi1wVdkMxmQINBGQu6XIBEADAnmu8HNENZh7UTuu5GfTeFhpmyj5K +yz//txfrm0/b6uTW5TXPgLjuvMzGG8PtaZHRIgZ0gzA+x7T5zKMTaoKs3EvgR5D3 +Y9NjteUWpf8FjvPhN01HZfaZ7yChwHwKobW0JYinNpBh0Cz51unGdLIDtELMaEFO +D8qdcpe63qG111S4G+4hcJUkXt4ALBpSnY9GOhlYQDn+ZDRGk1M9rjeMo+QsIJns +UZRlvBroJyg0toUXclw5QXFGp1+mrjOzKqdD0DmSN7LWlU0yCJB8H5bWZTiPAPOE +SW1Kb3kEW+Qy8YkcH7SkQ7N72wsuIwKJNiddMLZnXeR0Lcvt0t7ftUfs44VEZSwm +V0I7lyZZWr+Pei8nGaLxxCI4OtASXcQ+VVKF/HoR/necD1QmqmuCeiMLmYT5jEPZ +oovOri5onkWIQfjfWeUVErxNi9Uz18mi9P7PfAWOzNCmdkuVqsPtpymyDcKYYh9u +D/CTH9w1B69CRjld6NOfal05fIrfKuVgPvmQnPeCn+KgTBwv8T+mgGVjkBlDGpYy +6Y24s13R6WoawJnjIEjA/Q5QOSDXYtpgF8D3cMW+LUlD9lu2A6OO64H33rInIaut +8IFgKcTf3pXbzh1J6Zs+fcjOryitM7t4Fo1ClJ+DSn4yoUHxP2UEZL6LL0DF6LrE +kJjKxwRp20lPwwARAQABtDFOYXRhbGlhIDwxMjQzMDQrbmVzc2l0YUB1c2Vycy5u +b3JlcGx5LmdpdGh1Yi5jb20+iQJOBBMBCAA4FiEEW1sboQ2FrHxcduOPLugqjZRw +mD4FAmQu6XICGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQLugqjZRwmD56 +rQ//UvzX9/4Eo3HPBMDEIwExjmYGyTqiQQm2KW9Z4U0zQVdeLVF8ZOdaIKn1RBUw +M02RJWI2HjovdLN3LbXpTtQtamSvvU6fv7vy5zLBJdVL9eKXXG+3MPCWDHOqwp/u +L/4lq0pUy5ejb4AnIQw1RIQiz6/pprDzgF0celWLhL3krxEqts76X1Jv9wCIYMXV +3reCBqpcfIqWQETLP/NdPVcOIRv0al1qcBw2hUOvEyx72n+17Hb30rFQp+35BaZZ +IjnL3H6pATgjk52EiDdRkyWL9CFrbJ/wkbAvEO29GcUPg1+bT6UZq8LKXyDs/WSL +UkxQ/6w8DzicBiFj/oT7GSMr8KfO4YUMzh/kAFA4v8Q+a53Dq1Icbk9LqkWpu1pA +Hopw3lpGdADuC0z/iYO/U04uUSN5YGyUUOgk5w+CkV8NuL/g2yniNf9AXrbt4ByI +V7cqBt9qdS6z6leuW1M8yrPhX1IcKKqj25sPKAgzp3A6Bt7orr1NZGOVJ4alR4ff +pYvq+wfmIPKf0AbzHGOkYjF4BMvkLRchhi28q+qX5cCuMr+aoqKUtJ2IFiXsvbFN +k0aYWUr5y5qSJoAVf0GMkByQW6+F6bXRRdCpS/JX5JA8qrYp+oV8VhveOOslHVqj +ILAlkMMXoTx6G79DdvQ87fdb4+aIQ96U4T8B6zMxazvmU1i5Ag0EZC7pcgEQAL9n +X/eaWY+v4GgeGjRIWmmrjMBYyeeyJIyL9Mk3iyH/gIOnTDmlX+njjyvyWKfMYIl1 +HmMtzlF3OgsuLeekwbDrXA8xvslp1xmiKLOamPvXwPG/XqkJrYtzVUDEFCtRpEJ0 +c38d+P8WEMjbviyIwJ9PxLllamEK61dRtj1NCMc/Ix4+b54UHxi44Jz1bqQxfgjj +u2o8sPnyZio+DRFWVE3Eocp0rdZ3rlKjUsBXKEElTuIScoKjGwKwaMfxoBgwRhzx +oESwk8CqlH7WzNookx1M1/JjKYdrwln2aNuChtlKLRmUqT7qqTNtett2vy73VM3b +zfXdor94S3q+YtMEvNbo9QCzn6La7HOx+PMm8XM2d9aC7Hz4FBK0xIQB+HLZEIhP +7KQ7GJ2Xn3LStyoO5K64uqi2X2YjsYUcPzvI3uUK+gtH3H1SSIazh7UAUbcEuo7N +K8vF9Vtqp6S2qkjoeV6Dnvy+6735b1WIBZieAmbKaz74IW1IP0lZn3pXeRFo2Wjq +Ojf8zkNacf61exysAkGU2fubsXSZxuxc8DVXKbkpK69tXDSOUmSKTBPVzzmIM79S +yYH1MMRZqQ52Y471qiEZxEPasJXIEVcWbdJxEC/eEiuptPAtojRQH6kJ/AF3Z9Xd +eBaxyuMQ249jqTYwjCehfumTbhP5VhO3QOxs31G/ABEBAAGJAjYEGAEIACAWIQRb +WxuhDYWsfFx2448u6CqNlHCYPgUCZC7pcgIbDAAKCRAu6CqNlHCYPhz3EACx3Hqf +KUMeqUTVOiDyHguBr1FrhMtU5m/nkjdbLWlBHOGHkM4RNDNQTPyQb/C8vcuHYv5l +DPFrzOawdjTyFCuo6f0TMIx38Bbjxo9C8XTnvKbUpyTEQ3dJm67ppF4n6cui+0IC +UefzPkkCbdIPzt2pYopMDB4Hv4Yv6hqeq987Iz1erh7dQe1TDTxIv9PXLYZT60Ro +K0+g+caU9LwVjYiLoeCM1Zhndy6fDV5mu3ctEzcqr/YVH9kDZAuF0O1SX9y42neJ +7hictnE0KrRymVL5d9pp2WKtPny+itSax/a///Q43m1gA9KFuKHtOuGUpYzf76FS +Ld0cC4xjDpPcVTGc8To4+CjNTIrjzbBYa3JU/3J2kwyEw/k1EucRb/RFPbklUSph +Kmd2ewcDLUvcasTwoR/0uplA8gAuV1x7wPBgAW7kmpjiQevl1KLj08HA/jTdfrdx +Yd1GGiNjBmHGu9C8YZ/7fJU50dhv4jWF4dw8OyXtAI4wk5aoJHsJ5iGIMVOVzNLe +mF4yM4XSBBno1mWgaSb42LInsYv/ti1VrOrBVzmAYAoUTZL0tfEXeyzHEmWGWVHe +SQMBvCqUmh/EcQDzPtkqjQQ1LyE5s2fyt5u+jE9JdK/61yKzbKI2UbpPtAaKSlDv +eAgTzM5bOOqtGR7VR2hlCM4I4k2D0Y/snh2HzA== +=ul9f +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBGYTwrUBDADP52ov7O0jqH+QWStcbCwwedsV2syCQXxfhnydhkNvdCILBJ0k +cQdc4E7Q8wGmch9a3bCLR4HIUlv1MMWk+Ty0YY71wczqIPedgM1dBZEtSH6fDOwW +qFcYieCcmsP+FwBk8WWOKnMydEXoXCp6djSru6YOuQH2CZ+EerKjnDaXAj35dloR +vbJ14k7Ghn9UCLDXiNOjn2N8eLe6aeoEQt7iiqStdeFuUGR/pLHHEX4sch4y9uBa +bhC/Ce93VWK8nVna7qWX/cIjZNG6rTo79W7+IiOC5+6r7bLff5qw4BgUX2JPm5Sz +mhPUlsJZGGXPPaTo+WZQOe5P3Fw7RpuURa+MVoih2H/i2Ur51pDEngB64YwBU1mB +a+xwm6GHgD28JUwllHJbUl9/UJTbntS7k/k2uuMkok8jHfYb+rqkfCWqOlmuYTG3 +okseReh2TSkGpWyyaSbCihgm80RE5O6jrEDXJiZOsLIuOlVoErfxEZHpOqw43axl +EXX0VkjFz2IBNPMAEQEAAbROU2FyYWggQm95Y2UgKEdQRyBEamFuZ28gRmVsbG93 +KSA8NDIyOTY1NjYrc2FyYWhib3ljZUB1c2Vycy5ub3JlcGx5LmdpdGh1Yi5jb20+ +iQHOBBMBCAA4FiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmYTwrUCGwMFCwkIBwIG +FQoJCAsCBBYCAwECHgECF4AACgkQOVWxmFHqlu8t+wv9HitJmG5iPs45Qo0nGwGm +j1X6rP6SQENl+jqtjZU6YaxvNqWculCFl0Wa/xODhxM9HNMs3qREc+R4SqPx4epu +NaUERN91gZoO4Ms80uqllPzdCsX5hrFblg+LqqznZWAYi94NMTm3Ft4/+I7780ev +BhxHFBTlqwxZ0eeyaB/qAyb6K9X0cUUFExjYrP3+HAgmrOHK9PUb7vNNKUYMerOK +waFrpPP5oDBn0p2ZunYAcJt7o2DjBOwy5iw5I2Qs50ZLt9EU0DY8Rf5nF2mKNki1 +CAD8ksNo/ohrNuGyi0r2cvVfx52izPd6PxlKf7xfL2lW16nflK/lNbZtCioDA1FC +1dCPGD5rvOUXFASc+FZY4tJ6LbIpzg9llgcb6fSi2joT2bm9BbGrHybrIWd3BF/5 +AnrlsSwDCWtYXkdNr/eNEHNgG+aOAH2vSzue3NbCJsXkK69SzlKKOiD2ZUjJ6tKi +IwcTkotyBaX/FLGhTKLEQE7aztsOpnfJlLU9Zx5IPxJAuQGNBGYTwrUBDACp1f7H +MpzHvAAy7dD1Ow0pgT3NBFFiEk4jKccz9sAHPT7QQbMeIdL5uQ80lNp6Sw+IyptW +4cytl6ovRdRyv3XetSp+KJeaqvWvGkz3L+GUoE8ezxgQXLlVcw7IzkhBNMGi+K3C +aK6ZlZZQG8587dLF9Gbz3Vioc9hyQ/4BOr8pPaAWlSfWQVEGHPSVLh7LToGjrLlS +h1AzVABNXtJbAt/+O7H5mkMopoPKrqgHTzOLGCd0/Tq3z5d+wqVl7JKk6yHxRr5i +SXDqPQPmObUhPH1addNzIe+GRVW1ZbbT6l9VDiC4Lj+BJsLafubMB3rlI2T2mQCU +PTQO0fz5y6oW0HxRtTidoxhvmC72YDFBwvsUTPQ5nt8bcSQprJMLLNL1C5M2LjPu +tf/Csl02Fcwe/RnW2yjeb6qNCDcLpM9wpMMOdZQCRdRIkWQTcLZPQ2+SR3Ih8rAb +pzATjFvif/4zpFlDZ9KFevCqf1M2v32sr/dDgcA3nWJ4CFrBQMhBVTcr7rcAEQEA +AYkBtgQYAQgAIBYhBOsbOA2KxS0AK6zTMjlVsZhR6pbvBQJmE8K1AhsMAAoJEDlV +sZhR6pbvizgL/34++v0b080pCr/0rWspcuTtD91GwQPs0HgrrfMOV2BXoXucTXj7 +G4xFq9yYO8QALrrtz40S/NeGz09hhFHo08phLAYjLZt8xD7i0uXuV8ZouDUHT0bk +334RlKHu9kq3si0lyzu1dkGZgIBXsAURrMOyVKVySZGzsa/dpy/EDardWkTKHedf +07K+KQgomMpVGk4EtKHpfqU9VNN8fdYD4UYtwuegz1nsg28Fa8xkK2ammWncgpVj ++4cJwzFPg11AhhTWs/Ec068ojj70cLD2CodJVAch9RTIOcQ5yKGc483u3bagNqTK +qZYoLWI6NjxrNZQpwha3pO2ueBDOo/fZXUMgPPqyfdmBZvz6DQM85JfULALxKbkL +5dQguy8K8SBcrCnv6iT0FjaWlrqnU0IJDZfi2r6eDlXhYjLSwGq8RHkAYXvsCNm8 +BzeRu0mAvjLkLNegQIvfdVXfYIcwUQQB8OAzoz3qzi8vji82MBQO+gkYrlteivoF +z+gZLcBuv/NdNg== +=B8gH +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGV2bPUBEADQ/fSfsrdv/aGrUmyQ1ZmZNSDqlH8GXQH+LQiqOc5QjSgq09kv +YC5H3+yRmj4ENYJrD48Mce54k99U6LXhIopmPnCwnQjhpkXFqaZt8KtlhL/5VhIc +BFSodLkEFENWzpuxOkshOJYU8RxLO6MPQGKkokEGhxUHnNW5kwmGa93Iscu04SZR +L2pAHfYsnxB2Z5HAl4Os6iy7CKP8T5UQhGxwxojvjPyRJTb3IUDifjafPl4kbQyN +GdpgVnjHQtOzoVcXCsU4ig105IzydIf5BTYng3+idmlhQ1u8JzGETdlBvCtxg1K2 +FmGD6IFzyvksdf44DNmxXmGnpMJK3y0+dpFzo33YBE3kFnYm57bwY55tdKmGnDyK +rR/1mARVOLQQYrDT6hgggNwRfqpTk28nU463LnXrLS89zaOxGQhfLm7w9kZ69WDd +UpI4RdZjA/klQJhPmLS7b8YmmZstvoZitsMgpPiexO+x7igMvWvuNyE8QL2EZ54K +6ojVObAdIbQe4LbiYCSut81F6e6tRsX3Jb46y5iUCZEkHvGsrZW6V1l/AIuYBecO +Xr5mmk5W4TpUlXTnyDFJr/FFtWfR1j2Z3ti+pZqAO4GUEUAjox+Dz/shKpmen7Qm +aj/Y/nuvD70B3c5XTWn62zTXVPYVX76sDnIuVsh/kORSP32OqMkesFKT9QARAQAB +tCdKYWNvYiBXYWxscyA8amFjb2J0eWxlcndhbGxzQGdtYWlsLmNvbT6JAlQEEwEI +AD4WIQRT1GlC4Aaio+7ci8gTFAP00W2NxwUCZXZs9QIbAwUJB4Ye+wULCQgHAgYV +CgkICwIEFgIDAQIeAQIXgAAKCRATFAP00W2NxwWVD/9ZTx8q3qsAXfOaWUNugaDM +oyUMa4bURfk82AXLVDju9fQQv/5wDlvQ+ejMDHE0pnvmQSa8bTol8y2IXO9Kl3ak +0NU3oOh3iJKk3q+FtxibGmIM5i095h2T97IBKJrZf6I1O0a9ZfMMDXbVpTeGIRDf +b55G6GG1jhdJa3SgtudUcGizlM0i7UrntUktmbnvWyYzbjWIKdYRq2W7vlEgKvNs +NZFVeO1KqLR92xUAIL+V7HtQ3TetyanYRH91Q8fZR9p+ScEOKJyfrpRa/IfrJKlg +k6MOqGeVaOd4nOX042S1+u0TU7HrVVVhL+Vru4utSYg9ZucM06wZOgR0A6Vay7Ap +Y43nGxRhc//auOJSh4nIQmtyup5+YiyKhynEnSF3pGuKXy64wVOO9XdW69bmyRxz +gAz4W5yTjmNBkQUYAGteJXo4fhDxWYzmeAIE7l5StTbgSZNLbndwmiWEyy8WzJtp +5xzluh+//39D+TUStZKG1MerhqnmJj3CBSTeeiKpW9QOtC4y2vuWzNp3XHS9FjeW +GOz5seJ5VDokkzP05XOfJ9SyblFAOW/Zteh2wdOb+S+/pUz+OukwPZthMwRsl0Dc +U+fx2mK+9I9TBJWgUHO1aXm6FlcyDnSlzc5oM4wXKF4sqByjjuCtYzK8UtEwlKNm +Pyboq4Y5RhYrW63LDl+SerkCDQRldmz1ARAAvkmAuvLXwZ86mubWYQFsmy3UKxdF +cewS8XikjsEZPvf0kYgi9wlMTRDvWlEmNGp9r4NWH36zm6uBjK9hxn+rNsiqkYez +MPTgwvxruSJWJPaFqK096Y8AMuk9SobMsydtlxuChQ3RwYo+j/v1csAdD88igzjW +3HKCzJ0e76ILdfbqlh8tJ+nbXvFgVVV2+vV996PTp4dQedc4/VzFGv00Mejkmhd3 +nUBqdmG9mgqR4LK5xWCHXSVqgdVeH0urOiEN57aOie/30q6IegkfrKCSq1zGJE5o +WApzrOqo0UEDDND6PXDuLvzVuot3M/YvKjUXx8FatJC5BLSH0I9AKBWqPGvjk07V +IoI0CexyKoJKIkGl/ZUyRsorqmqg1671HUYNAFEbIwxeJUQkjTwqUxGXSjei7t8a +wzuZsA81lhXpwt6DfuQQ9XkDrc4dfyEuvkV9PforZxz8dVlDiORw3hPYqBjbU0hy +6D4Ytq3f88azYvZF8GE4uSYzvN6XeRhLr1hnfAFfGQFdNwg4qufjo8QYoQsYe6RZ +uenL1z5vkGRUz03l11GiaOqEJDJTy3dGACeQqAjjno8UL9Nb7PUWfnZL41zOGL8s +DHee7hX2+hsRPMoiqCzJrCjU52G5qGEB8d44VjNM8y435jyfBAh8ugv4rsSonzy+ +ASe0msXK6bLxAy0AEQEAAYkCPAQYAQgAJhYhBFPUaULgBqKj7tyLyBMUA/TRbY3H +BQJldmz1AhsMBQkHhh77AAoJEBMUA/TRbY3HlA0QAI4DQ3MNfkpIZw/aKEetCaVB +LIVEfugoDcUQxiwc00G1aEuxpBdnfT5wFzUodUFJuIntGcYUMJwvAC3RB4ZANuoP +F2j/2JIp42GYhBjNSyy0ix/E2C/95HZDzsvDB4EZ0VMvec+MgAweTZhxZfdCsmId +lMWFfn3UM5FhtsOqLmw11T/6PdDgcyomrsp4ghHph9dJvMGiqXjysTSg3OMxzQeU +lzjX+6C4dY6AcpqAkeG+zRUYSQKsHQwSOxK7zon/hAA2+Gbvu+pzr0jHnatX8Fkd +eOBc6xZpnoQcubj/PXEBhXV4868jW/RNRG5ZXoQpnf63R0616JePkUKnXxs61JD9 +oBuERUPn+HK346QNgNDRhzAufPYsXlPOPtU6poZqinMhsbcpW5Konjp2yLVwosXn +UPGLzZZHy9csF3VcWV96bM8WUEkFNfflisi1nE7yqC/CKgUjK0HUFDhyNHuCICTC +e9tvw2epbaLkid0NxV+a0RWWiUq2kMeTBUezVC27P+LAZ8aTZxHPyERtJlBgTCfm +1hWJ3CcIc4LT54AS3allzTv0f6iHX9WpJhfr3WPIY1Xt/d466l3VSofktwmpTEr2 +DAECOit/CE1rFy1C+MHinAUX6C7ajg6msIE6uZHFrbHlSU8/WrbvZ1e4Nc7w7e/N +R182g26K1DaCZphtoq8Z +=0YqB +-----END PGP PUBLIC KEY BLOCK----- diff --git a/python-Django.spec b/python-Django.spec new file mode 100644 index 0000000..0101152 --- /dev/null +++ b/python-Django.spec @@ -0,0 +1,164 @@ +# +# spec file for package python-Django +# +# Copyright (c) 2025 SUSE LLC and contributors +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +# Selenium and memcached are not operational +%bcond_with selenium +%bcond_with memcached +%{?sle15_python_module_pythons} +%if 0%{?suse_version} > 1500 +%bcond_without libalternatives +%else +%bcond_with libalternatives +%endif +Name: python-Django +Version: 5.2.8 +Release: 0 +Summary: A high-level Python Web framework +License: BSD-3-Clause +URL: https://www.djangoproject.com +Source: https://www.djangoproject.com/m/releases/5.2/django-%{version}.tar.gz +Source1: https://www.djangoproject.com/m/pgp/Django-%{version}.checksum.txt +Source2: %{name}.keyring +Source99: python-Django-rpmlintrc +# PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19639 Fixed #36499 -- Adjusted utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's HTMLParser new behavior. +# fixed and refined upstream, but some of our interpreters weren't updated to a new version yet and still only carry the patch, so providing the non-conditional version +Patch0: test_strip_tags.patch +# PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19530 Fixed #36421 -- Made test_msgfmt_error_including_non_ascii compatible with with msgfmt 0.25. +Patch1: support-msgfmt-0.25.patch +BuildRequires: %{python_module Jinja2 >= 2.9.2} +BuildRequires: %{python_module Pillow >= 6.2.0} +BuildRequires: %{python_module PyYAML} +BuildRequires: %{python_module argon2-cffi >= 19.1.0} +BuildRequires: %{python_module asgiref >= 3.7.0} +BuildRequires: %{python_module base >= 3.8} +BuildRequires: %{python_module bcrypt} +BuildRequires: %{python_module docutils} +BuildRequires: %{python_module geoip2} +BuildRequires: %{python_module numpy} +BuildRequires: %{python_module pip} +BuildRequires: %{python_module pytz} +BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module sqlparse >= 0.3.1} +BuildRequires: %{python_module tblib >= 1.5.0} +BuildRequires: %{python_module wheel} +BuildRequires: %{pythons} +BuildRequires: fdupes +BuildRequires: gpg2 +BuildRequires: python-rpm-macros +Requires: python +Requires: python-asgiref >= 3.7.0 +Requires: python-sqlparse >= 0.3.1 +Requires: python-tzdata +Recommends: python-Jinja2 >= 2.9.2 +Recommends: python-Pillow >= 6.2.0 +Recommends: python-PyYAML +Recommends: python-argon2-cffi >= 19.1.0 +Recommends: python-bcrypt +Recommends: python-geoip2 +Recommends: python-pylibmc +Recommends: python-pymemcache +Provides: python-django = %{version} +Obsoletes: python-django < %{version} +Provides: python-South = %{version} +Obsoletes: python-South < %{version} +BuildArch: noarch +%if %{with libalternatives} +BuildRequires: alts +Requires: alts +%else +Requires(post): update-alternatives +Requires(postun): update-alternatives +%endif +%if %{with memcached} +BuildRequires: %{python_module pylibmc} +BuildRequires: %{python_module pymemcache} +%endif +%if %{with selenium} +# python-selenium is supported only on the Intel architecture. +# Additionally chromedriver is only available on x86_64. +%ifarch %{ix86} x86_64 +BuildRequires: %{python_module selenium} +BuildRequires: chromedriver +BuildRequires: xvfb-run +%endif +%endif +%python_subpackages + +%description +Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. + +%prep +# The publisher doesn't sign the source tarball, but a signatures file +# containing multiple hashes. +gpg --import %{SOURCE2} +gpg --verify %{SOURCE1} +# +# Verify hashes in that file against source tarball. +echo "`grep -e '^[0-9a-f]\{32\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-32` %{SOURCE0}" | md5sum -c +echo "`grep -e '^[0-9a-f]\{40\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-40` %{SOURCE0}" | sha1sum -c +echo "`grep -e '^[0-9a-f]\{64\} django-%{version}.tar.gz' %{SOURCE1} | cut -c1-64` %{SOURCE0}" | sha256sum -c + +%autosetup -p1 -n django-%{version} + +%build +%pyproject_wheel + +%install +%pyproject_install + +%python_clone -a %{buildroot}%{_bindir}/django-admin + +%{python_expand install -D -m 0644 extras/django_bash_completion %{buildroot}%%{_datadir}/bash-completion/completions/django_bash_completion-%{$python_bin_suffix}.sh +# Fix wrong-script-interpreter +sed -i "s|^#!%{_bindir}/env python$|#!%{_bindir}/$python|" \ + %{buildroot}%{$python_sitelib}/django/conf/project_template/manage.py-tpl +} +%python_compileall +%{python_expand # +%fdupes %{buildroot}%{$python_sitelib}/django/ +%fdupes %{buildroot}%{$python_sitelib}/Django-%{version}-py*.egg-info/ +} + +%check +export LANG=en_US.UTF8 +export PYTHONDONTWRITEBYTECODE=1 +%if %{with selenium} +export PATH=%{_libdir}/chromium:$PATH +%python_expand PYTHONPATH=.:%{buildroot}%{$python_sitelib} xvfb-run $python tests/runtests.py -v 2 --selenium=chrome +%else +%python_expand PYTHONPATH=.:%{buildroot}%{$python_sitelib} $python tests/runtests.py -v 2 +%endif + +%pre +%python_libalternatives_reset_alternative django-admin + +%post +%{python_install_alternative django-admin} + +%postun +%{python_uninstall_alternative django-admin} + +%files %{python_files} +%doc AUTHORS README.rst +%license LICENSE +%python_alternative %{_bindir}/django-admin +%{_datadir}/bash-completion/completions/django_bash_completion-%{python_bin_suffix}.sh +%{python_sitelib}/django +%{python_sitelib}/[Dd]jango-%{version}*-info + +%changelog diff --git a/support-msgfmt-0.25.patch b/support-msgfmt-0.25.patch new file mode 100644 index 0000000..535692a --- /dev/null +++ b/support-msgfmt-0.25.patch @@ -0,0 +1,69 @@ +From 3609c463a4cfc5a7e76f4d4ba008c5096b1f1437 Mon Sep 17 00:00:00 2001 +From: Jericho Serrano <118679068+jericho1050@users.noreply.github.com> +Date: Fri, 6 Jun 2025 04:58:29 +0800 +Subject: [PATCH] Fixed #36421 -- Made test_msgfmt_error_including_non_ascii + compatible with msgfmt 0.25. + +--- + tests/i18n/test_compilation.py | 25 +++++++++++++++++++++++-- + 1 file changed, 23 insertions(+), 2 deletions(-) + +diff --git a/tests/i18n/test_compilation.py b/tests/i18n/test_compilation.py +index 4b0bb9f6bb1..3a57dbf0765 100644 +--- a/tests/i18n/test_compilation.py ++++ b/tests/i18n/test_compilation.py +@@ -1,5 +1,6 @@ + import gettext as gettext_module + import os ++import re + import stat + import unittest + from io import StringIO +@@ -8,10 +9,12 @@ + from unittest import mock + + from django.core.management import CommandError, call_command, execute_from_command_line +-from django.core.management.utils import find_command ++from django.core.management.utils import find_command, popen_wrapper + from django.test import SimpleTestCase, override_settings + from django.test.utils import captured_stderr, captured_stdout + from django.utils import translation ++from django.utils.encoding import DEFAULT_LOCALE_ENCODING ++from django.utils.functional import cached_property + from django.utils.translation import gettext + + from .utils import RunInTmpDirMixin, copytree +@@ -254,6 +257,17 @@ def test_no_dirs_accidentally_skipped(self): + + + class CompilationErrorHandling(MessageCompilationTests): ++ @cached_property ++ def msgfmt_version(self): ++ # Note that msgfmt is installed via GNU gettext tools, hence the msgfmt ++ # version should align to gettext. ++ out, err, status = popen_wrapper( ++ ["msgfmt", "--version"], ++ stdout_encoding=DEFAULT_LOCALE_ENCODING, ++ ) ++ m = re.search(r"(\d+)\.(\d+)\.?(\d+)?", out) ++ return tuple(int(d) for d in m.groups() if d is not None) ++ + def test_error_reported_by_msgfmt(self): + # po file contains wrong po formatting. + with self.assertRaises(CommandError): +@@ -278,7 +292,14 @@ def test_msgfmt_error_including_non_ascii(self): + call_command( + "compilemessages", locale=["ko"], stdout=StringIO(), stderr=stderr + ) +- self.assertIn("' cannot start a field name", stderr.getvalue()) ++ if self.msgfmt_version < (0, 25): ++ error_msg = "' cannot start a field name" ++ else: ++ error_msg = ( ++ "a field name starts with a character that is not alphanumerical " ++ "or underscore" ++ ) ++ self.assertIn(error_msg, stderr.getvalue()) + + + class ProjectAndAppTests(MessageCompilationTests): diff --git a/test_strip_tags.patch b/test_strip_tags.patch new file mode 100644 index 0000000..f06403f --- /dev/null +++ b/test_strip_tags.patch @@ -0,0 +1,49 @@ +From 578ef30376fd279865d1719fcad064a00c625a6b Mon Sep 17 00:00:00 2001 +From: Natalia <124304+nessita@users.noreply.github.com> +Date: Mon, 14 Jul 2025 14:45:03 -0300 +Subject: [PATCH] Fixed #36499 -- Adjusted + utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's + HTMLParser new behavior. + +--- + tests/test_utils/tests.py | 4 ++-- + tests/utils_tests/test_html.py | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +Index: django-5.2.6/tests/test_utils/tests.py +=================================================================== +--- django-5.2.6.orig/tests/test_utils/tests.py ++++ django-5.2.6/tests/test_utils/tests.py +@@ -945,10 +945,10 @@ class HTMLEqualTests(SimpleTestCase): + self.assertHTMLEqual("", "

              ") + error_msg = ( + "First argument is not valid HTML:\n" +- "('Unexpected end tag `div` (Line 1, Column 6)', (1, 6))" ++ "('Unexpected end tag `div` (Line 1, Column 0)', (1, 0))" + ) + with self.assertRaisesMessage(AssertionError, error_msg): +- self.assertHTMLEqual("< div>", "

              ") ++ self.assertHTMLEqual("", "
              ") + with self.assertRaises(HTMLParseError): + parse_html("

              ") + +Index: django-5.2.6/tests/utils_tests/test_html.py +=================================================================== +--- django-5.2.6.orig/tests/utils_tests/test_html.py ++++ django-5.2.6/tests/utils_tests/test_html.py +@@ -162,13 +162,13 @@ class TestUtilsHtml(SimpleTestCase): + ("&h", "alert()h"), + ( + ">" if htmlparser_fixed else ">", + ), + ("X<<<
              br>br>br>X", "XX"), + ("<" * 50 + "a>" * 50, ""), + ( + ">" + "" if htmlparser_fixed else ">" + "", + ), + ("