Accepting request 1229315 from devel:languages:python:django

OBS-URL: https://build.opensuse.org/request/show/1229315
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Django?expand=0&rev=124

Django-5.1.2.checksum.txt

@@ -1,67 +0,0 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA256
-
-This file contains MD5, SHA1, and SHA256 checksums for the source-code
-tarball and wheel files of Django 5.1.2, released October 8, 2024.
-
-To use this file, you will need a working install of PGP or other
-compatible public-key encryption software. You will also need to have
-the Django release manager's public key in your keyring. This key has
-the ID ``2EE82A8D9470983E`` and can be imported from the MIT
-keyserver, for example, if using the open-source GNU Privacy Guard
-implementation of PGP:
-
-    gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E
-
-or via the GitHub API:
-
-    curl https://github.com/nessita.gpg | gpg --import -
-
-Once the key is imported, verify this file:
-
-    gpg --verify Django-5.1.2.checksum.txt
-
-Once you have verified this file, you can use normal MD5, SHA1, or SHA256
-checksumming applications to generate the checksums of the Django
-package and compare them to the checksums listed below.
-
-Release packages
-================
-
-https://www.djangoproject.com/m/releases/5.1/Django-5.1.2.tar.gz
-https://www.djangoproject.com/m/releases/5.1/Django-5.1.2-py3-none-any.whl
-
-MD5 checksums
-=============
-
-bdd601132b94080200e71137a20d0d6a  Django-5.1.2.tar.gz
-39bf6f252e055aa54b48c9ae96a57bf8  Django-5.1.2-py3-none-any.whl
-
-SHA1 checksums
-==============
-
-d974a07780b80a79203631e6f4ce9bfd8d1fd119  Django-5.1.2.tar.gz
-0bb112f3f251c81f0d6aef367cf73c5b03de5334  Django-5.1.2-py3-none-any.whl
-
-SHA256 checksums
-================
-
-bd7376f90c99f96b643722eee676498706c9fd7dc759f55ebfaf2c08ebcdf4f0  Django-5.1.2.tar.gz
-f11aa87ad8d5617171e3f77e1d5d16f004b79a2cf5d2e1d2b97a6a1f8e9ba5ed  Django-5.1.2-py3-none-any.whl
------BEGIN PGP SIGNATURE-----
-
-iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmcFRjcoHDEyNDMwNCtu
-ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPklRD/9N
-Sx+4arBpIcKm9w4ou7Y0dxBUW7HJBAc9o5rAIGjgCIjmM99nEclUznZqTbjtO3JS
-MjkZxSO/Q9r1Ty3aWAWjfvjICIxps2vcSIxJbETiYWfyGDp/z8uMTGKTut5fn7ZN
-8yCDMZBeQMsYbU0z/H5R7iSD3gr9w2UmQR3LjtV6NLdyMIvwystFGcFCo7a934nX
-b8UmIyyMj+787pxciTWeFRTOJY5pSWfYPqtrI3KzTO4MLDhQzIH9anIY8G4BA9kN
-0oL13ezUTWEARmeje11vLDui5SJEJ9EIUaic8MLMqMN3hPNmrClL1x3ggOMj+iP9
-XyAF7jGOaxhEy10LR4GlgJXifuqHgM3Q1CwT4+FH7nJ6ifHQTLOpZsIhTR1OHnsS
-s7L1yv8L4eW+D8ZjCfJvQ+46sV4vwsR9iw5IxWfhjeB2RT6ujODJ3uPjWzm3S3ZH
-mUJJ22M4qQEA1gA13VCxc1j4XC20mKvZ6yHl66QE2CiL7GhmEUp0iwaoealneUGg
-88JXXJjPmdmS+AxQE5NquDmUnxlQnB7pDrQpadsbs4JLxh7Q6vAcC0vX7VMJ8qcT
-gLxgtx2LeVieu8Lk0iTEmcBwa0u7nNTwRxXeUwQK0+mqPxPVaiTw8RZLSsfFY0ZM
-ngxOEOrna3c+KTtbef+dBexdX5ooIUL7r9cCVQr3+A==
-=YZlq
------END PGP SIGNATURE-----

Django-5.1.2.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:bd7376f90c99f96b643722eee676498706c9fd7dc759f55ebfaf2c08ebcdf4f0
-size 10711674

Django-5.1.4.checksum.txt

@@ -0,0 +1,65 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+This file contains MD5, SHA1, and SHA256 checksums for the source-code
+tarball and wheel files of Django 5.1.4, released December 4, 2024.
+
+To use this file, you will need a working install of PGP or other
+compatible public-key encryption software. You will also need to have
+the Django release manager's public key in your keyring. This key has
+the ID ``3955B19851EA96EF`` and can be imported from the MIT
+keyserver, for example, if using the open-source GNU Privacy Guard
+implementation of PGP:
+
+    gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF
+
+or via the GitHub API:
+
+    curl https://github.com/sarahboyce.gpg | gpg --import -
+
+Once the key is imported, verify this file:
+
+    gpg --verify Django-5.1.4.checksum.txt
+
+Once you have verified this file, you can use normal MD5, SHA1, or SHA256
+checksumming applications to generate the checksums of the Django
+package and compare them to the checksums listed below.
+
+Release packages
+================
+
+https://www.djangoproject.com/m/releases/5.1/Django-5.1.4-py3-none-any.whl
+https://www.djangoproject.com/m/releases/5.1/Django-5.1.4.tar.gz
+
+MD5 checksums
+=============
+
+3ab67eb0e297ab798f572d38159a4301  Django-5.1.4-py3-none-any.whl
+03ec3e0f2d6cbcb9eb11c629ca1c538b  Django-5.1.4.tar.gz
+
+SHA1 checksums
+==============
+
+0e61a94ba38a41b967ebbaaddde2b1e0edf1c583  Django-5.1.4-py3-none-any.whl
+6e47f95d8b22cfd314c8b2676b2f854016f498b5  Django-5.1.4.tar.gz
+
+SHA256 checksums
+================
+
+236e023f021f5ce7dee5779de7b286565fdea5f4ab86bae5338e3f7b69896cf0  Django-5.1.4-py3-none-any.whl
+de450c09e91879fa5a307f696e57c851955c910a438a35e6b4c895e86bedc82a  Django-5.1.4.tar.gz
+-----BEGIN PGP SIGNATURE-----
+
+iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmdQV2ktHDQyMjk2NTY2
+K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv
+lJAL/3EBWgN3FlChHJ4zGNbYh8ZDhOlfujm6JSSyibTV5xStVdOY4Q+/enbZ+NTh
+nHXOmbmM6own9x4+0Es/KLsw4CBB1gYCoMJ3CwOVqj845cxQY6BrWy2cFQyDcuZ5
+Ae5UBDQxPxLDWUZyLfAHeArR1+I2elFO2L778HFduzrqWm+Ht+WFRiSnEtBZbkql
+4fNSWCTxs1EIMdZNzt4m8SclrRRwJMZ87Zgn8RTmG8X5DAJMUzMnTN3+w6VohsX9
+/ThSSFQEMckGbFh+eOzj1MiIKHzgULoGLOLsOCDATvfz+4iUDM8BqS5KJpOHKbMZ
+XYWHOefWdEfB3vGKigiYAKcykbT97BX6/UitVqrB+WhQpdmJZ1u1Kzc6zYr4ZH1b
+s3v31rgK+wp9PTx3A9CKjgFpap/NYTkbksIJD/rhR/JblqCrOPV3hvd6D+GwJc+G
+DPSj1WvTvda5Vl7MqdcHuKPnp9sM1IvW/DIXalvhWN0v75yr2YkBluEhbdg6fMEu
+OxXc+Q==
+=/WMm
+-----END PGP SIGNATURE-----

Django-5.1.4.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:de450c09e91879fa5a307f696e57c851955c910a438a35e6b4c895e86bedc82a
+size 10716397

python-Django.changes

@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Mon Dec  9 09:13:02 UTC 2024 - Markéta Machová <mmachova@suse.com>
+
+- Update to 5.1.4 (bsc#1234231, CVE-2024-53908, bsc#1234232, CVE-2024-53907)
+  * CVE-2024-53907: Potential denial-of-service in django.utils.html.strip_tags()
+  * CVE-2024-53908: Potential SQL injection in HasKey(lhs, rhs) on Oracle
+  * Fixed a crash in createsuperuser on Python 3.13+ caused by an unhandled OSError
+  * Fixed a regression in Django 5.1 where relational fields were not updated
+  * Fixed a bug in Django 5.1 where DomainNameValidator accepted any input value 
+    that contained a valid domain name, rather than only input values that were 
+    a valid domain name
+  * Fixed a regression in Django 5.1 that prevented the use of DB-IP databases with GeoIP2
+  * Fixed a regression in Django 5.1 where non-ASCII fieldset names were not displayed 
+    when rendering admin fieldsets
+
 -------------------------------------------------------------------
 Thu Oct 17 10:16:22 UTC 2024 - Markéta Machová <mmachova@suse.com>
 

python-Django.keyring

@@ -87,4 +87,46 @@ mF4yM4XSBBno1mWgaSb42LInsYv/ti1VrOrBVzmAYAoUTZL0tfEXeyzHEmWGWVHe
 SQMBvCqUmh/EcQDzPtkqjQQ1LyE5s2fyt5u+jE9JdK/61yKzbKI2UbpPtAaKSlDv
 eAgTzM5bOOqtGR7VR2hlCM4I4k2D0Y/snh2HzA==
 =ul9f
------END PGP PUBLIC KEY BLOCK-----
+-----END PGP PUBLIC KEY BLOCK-----
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQGNBGYTwrUBDADP52ov7O0jqH+QWStcbCwwedsV2syCQXxfhnydhkNvdCILBJ0k
+cQdc4E7Q8wGmch9a3bCLR4HIUlv1MMWk+Ty0YY71wczqIPedgM1dBZEtSH6fDOwW
+qFcYieCcmsP+FwBk8WWOKnMydEXoXCp6djSru6YOuQH2CZ+EerKjnDaXAj35dloR
+vbJ14k7Ghn9UCLDXiNOjn2N8eLe6aeoEQt7iiqStdeFuUGR/pLHHEX4sch4y9uBa
+bhC/Ce93VWK8nVna7qWX/cIjZNG6rTo79W7+IiOC5+6r7bLff5qw4BgUX2JPm5Sz
+mhPUlsJZGGXPPaTo+WZQOe5P3Fw7RpuURa+MVoih2H/i2Ur51pDEngB64YwBU1mB
+a+xwm6GHgD28JUwllHJbUl9/UJTbntS7k/k2uuMkok8jHfYb+rqkfCWqOlmuYTG3
+okseReh2TSkGpWyyaSbCihgm80RE5O6jrEDXJiZOsLIuOlVoErfxEZHpOqw43axl
+EXX0VkjFz2IBNPMAEQEAAbROU2FyYWggQm95Y2UgKEdQRyBEamFuZ28gRmVsbG93
+KSA8NDIyOTY1NjYrc2FyYWhib3ljZUB1c2Vycy5ub3JlcGx5LmdpdGh1Yi5jb20+
+iQHOBBMBCAA4FiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmYTwrUCGwMFCwkIBwIG
+FQoJCAsCBBYCAwECHgECF4AACgkQOVWxmFHqlu8t+wv9HitJmG5iPs45Qo0nGwGm
+j1X6rP6SQENl+jqtjZU6YaxvNqWculCFl0Wa/xODhxM9HNMs3qREc+R4SqPx4epu
+NaUERN91gZoO4Ms80uqllPzdCsX5hrFblg+LqqznZWAYi94NMTm3Ft4/+I7780ev
+BhxHFBTlqwxZ0eeyaB/qAyb6K9X0cUUFExjYrP3+HAgmrOHK9PUb7vNNKUYMerOK
+waFrpPP5oDBn0p2ZunYAcJt7o2DjBOwy5iw5I2Qs50ZLt9EU0DY8Rf5nF2mKNki1
+CAD8ksNo/ohrNuGyi0r2cvVfx52izPd6PxlKf7xfL2lW16nflK/lNbZtCioDA1FC
+1dCPGD5rvOUXFASc+FZY4tJ6LbIpzg9llgcb6fSi2joT2bm9BbGrHybrIWd3BF/5
+AnrlsSwDCWtYXkdNr/eNEHNgG+aOAH2vSzue3NbCJsXkK69SzlKKOiD2ZUjJ6tKi
+IwcTkotyBaX/FLGhTKLEQE7aztsOpnfJlLU9Zx5IPxJAuQGNBGYTwrUBDACp1f7H
+MpzHvAAy7dD1Ow0pgT3NBFFiEk4jKccz9sAHPT7QQbMeIdL5uQ80lNp6Sw+IyptW
+4cytl6ovRdRyv3XetSp+KJeaqvWvGkz3L+GUoE8ezxgQXLlVcw7IzkhBNMGi+K3C
+aK6ZlZZQG8587dLF9Gbz3Vioc9hyQ/4BOr8pPaAWlSfWQVEGHPSVLh7LToGjrLlS
+h1AzVABNXtJbAt/+O7H5mkMopoPKrqgHTzOLGCd0/Tq3z5d+wqVl7JKk6yHxRr5i
+SXDqPQPmObUhPH1addNzIe+GRVW1ZbbT6l9VDiC4Lj+BJsLafubMB3rlI2T2mQCU
+PTQO0fz5y6oW0HxRtTidoxhvmC72YDFBwvsUTPQ5nt8bcSQprJMLLNL1C5M2LjPu
+tf/Csl02Fcwe/RnW2yjeb6qNCDcLpM9wpMMOdZQCRdRIkWQTcLZPQ2+SR3Ih8rAb
+pzATjFvif/4zpFlDZ9KFevCqf1M2v32sr/dDgcA3nWJ4CFrBQMhBVTcr7rcAEQEA
+AYkBtgQYAQgAIBYhBOsbOA2KxS0AK6zTMjlVsZhR6pbvBQJmE8K1AhsMAAoJEDlV
+sZhR6pbvizgL/34++v0b080pCr/0rWspcuTtD91GwQPs0HgrrfMOV2BXoXucTXj7
+G4xFq9yYO8QALrrtz40S/NeGz09hhFHo08phLAYjLZt8xD7i0uXuV8ZouDUHT0bk
+334RlKHu9kq3si0lyzu1dkGZgIBXsAURrMOyVKVySZGzsa/dpy/EDardWkTKHedf
+07K+KQgomMpVGk4EtKHpfqU9VNN8fdYD4UYtwuegz1nsg28Fa8xkK2ammWncgpVj
++4cJwzFPg11AhhTWs/Ec068ojj70cLD2CodJVAch9RTIOcQ5yKGc483u3bagNqTK
+qZYoLWI6NjxrNZQpwha3pO2ueBDOo/fZXUMgPPqyfdmBZvz6DQM85JfULALxKbkL
+5dQguy8K8SBcrCnv6iT0FjaWlrqnU0IJDZfi2r6eDlXhYjLSwGq8RHkAYXvsCNm8
+BzeRu0mAvjLkLNegQIvfdVXfYIcwUQQB8OAzoz3qzi8vji82MBQO+gkYrlteivoF
+z+gZLcBuv/NdNg==
+=B8gH
+-----END PGP PUBLIC KEY BLOCK-----

python-Django.spec

@@ -21,7 +21,7 @@
 %bcond_with memcached
 %{?sle15_python_module_pythons}
 Name:           python-Django
-Version:        5.1.2
+Version:        5.1.4
 Release:        0
 Summary:        A high-level Python Web framework
 License:        BSD-3-Clause