mcalabkova/python-Django
SHA256
1
0
Fork 0
forked from pool/python-Django
Code Pull Requests Activity

- update to 2.1.5 (CVE-2019-3498, bsc#1120932):

Browse Source 
* CVE-2019-3498: Content spoofing possibility in the default 404 page
  *  Fixed compatibility with mysqlclient 1.3.14 (#30013).
  *  Fixed a schema corruption issue on SQLite 3.26+. You might have to drop
    and rebuild your SQLite database if you applied a migration while using
    an older version of Django with SQLite 3.26 or later (#29182).
  * Prevented SQLite schema alterations while foreign key checks are enabled
    to avoid the possibility of schema corruption (#30023).
  * Fixed a regression in Django 2.1.4 (which enabled keep-alive connections)
    where request body data isn’t properly consumed for such
    connections (#30015).
  * Fixed a regression in Django 2.1.4 where
    InlineModelAdmin.has_change_permission() is incorrectly called with
    a non-None obj argument during an object add (#30050).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=18
This commit is contained in:
Thomas Bechtold
2019-01-10 12:17:53 +00:00
committed by Git OBS Bridge
parent e0ffb7bfb9
commit 64adc52e6e
6 changed files with 85 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
python-Django.changes
View File

@@ -1,3 +1,21 @@
-------------------------------------------------------------------
Thu Jan 10 12:09:43 UTC 2019 - Thomas Bechtold <tbechtold@suse.com>
- update to 2.1.5 (CVE-2019-3498, bsc#1120932):
* CVE-2019-3498: Content spoofing possibility in the default 404 page
* Fixed compatibility with mysqlclient 1.3.14 (#30013).
* Fixed a schema corruption issue on SQLite 3.26+. You might have to drop
and rebuild your SQLite database if you applied a migration while using
an older version of Django with SQLite 3.26 or later (#29182).
* Prevented SQLite schema alterations while foreign key checks are enabled
to avoid the possibility of schema corruption (#30023).
* Fixed a regression in Django 2.1.4 (which enabled keep-alive connections)
where request body data isnt properly consumed for such
connections (#30015).
* Fixed a regression in Django 2.1.4 where
InlineModelAdmin.has_change_permission() is incorrectly called with
a non-None obj argument during an object add (#30050).
-------------------------------------------------------------------
Mon Dec 10 11:52:42 UTC 2018 - Ondřej Súkup <mimi.vx@gmail.com>