Accepting request 281083 from devel:languages:python

1

OBS-URL: https://build.opensuse.org/request/show/281083
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Django?expand=0&rev=11

python-Django.changes

@@ -1,3 +1,27 @@
+-------------------------------------------------------------------
+Wed Jan 14 07:57:46 UTC 2015 - mcihar@suse.cz
+
+- Update to Django 1.7.3:
+  Security fixes:
+  * WSGI header spoofing via underscore/dash conflation.
+  * Mitigated possible XSS attack via user-supplied redirect URLs.
+  * Denial-of-service attack against django.views.static.serve.
+  * Database denial-of-service with ModelMultipleChoiceField.
+  Bug fixes:
+  * The default iteration count for the PBKDF2 password hasher has been
+    increased by 25%. This part of the normal major release process was
+    inadvertently omitted in 1.7. This backwards compatible change will not
+    affect users who have subclassed
+    django.contrib.auth.hashers.PBKDF2PasswordHasher to change the default
+    value.
+  * Fixed a crash in the CSRF middleware when handling non-ASCII referer 
+    header (#23815).
+  * Fixed a crash in the django.contrib.auth.redirect_to_login view when 
+    passing a reverse_lazy() result on Python 3 (#24097).
+  * Added correct formats for Greek (el) (#23967).
+  * Fixed a migration crash when unapplying a migration where multiple 
+    operations interact with the same model (#24110).
+
 -------------------------------------------------------------------
 Sun Jan 11 12:49:28 UTC 2015 - p.drouand@gmail.com