diff --git a/Django-3.2.1.tar.gz b/Django-3.2.1.tar.gz new file mode 100644 index 0000000..dc407f2 --- /dev/null +++ b/Django-3.2.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:95c13c750f1f214abadec92b82c2768a5e795e6c2ebd0b4126f895ce9efffcdd +size 9820723 diff --git a/Django-3.2.1.tar.gz.asc b/Django-3.2.1.tar.gz.asc new file mode 100644 index 0000000..1fc8c3e --- /dev/null +++ b/Django-3.2.1.tar.gz.asc @@ -0,0 +1,67 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 3.2.1, released May 4, 2021. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring. This key has +the ID ``E17DF5C82B4F9D00`` and can be imported from the MIT +keyserver, for example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key E17DF5C82B4F9D00 + +or via the GitHub API: + + curl https://github.com/carltongibson.gpg | gpg --import - + +Once the key is imported, verify this file: + + gpg --verify <> + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages: +================= + +https://www.djangoproject.com/m/releases/3.2/Django-3.2.1-py3-none-any.whl +https://www.djangoproject.com/m/releases/3.2/Django-3.2.1.tar.gz + +MD5 checksums +============= + +dd5ba0f289ab783e2359a078b569e054 Django-3.2.1-py3-none-any.whl +0ded0d3408c38f4a5cff2128f5a9c4ba Django-3.2.1.tar.gz + +SHA1 checksums +============== + +6ed6e36a7e5ebf37f0ff0efe2b03d81730fd4c1b Django-3.2.1-py3-none-any.whl +cd6f18967e13a6e67dbee4713116aab9cb348865 Django-3.2.1.tar.gz + +SHA256 checksums +================ + +e2f73790c60188d3f94f08f644de249d956b3789161e7604509d128a13fb2fcc Django-3.2.1-py3-none-any.whl +95c13c750f1f214abadec92b82c2768a5e795e6c2ebd0b4126f895ce9efffcdd Django-3.2.1.tar.gz +-----BEGIN PGP SIGNATURE----- + +iQJPBAEBCAA5FiEE/l+2OHah1xioxnVW4X31yCtPnQAFAmCRCGkbHGNhcmx0b24u +Z2lic29uQG5vdW1lbmFsLmVzAAoJEOF99cgrT50AEOAQALLp01Bu+1LOKrpd3kql +UhgZgD4buu3olr/qPnj6j9wCNyOV3zk/G7CmImY6WAIZdhI8Y8PoxJ3WeirzBsWt +yCdMItlDpjcjvW8BJUHAo80hjeBTETXzkaylJfCkjMdFP/EPmunxWdFr7cWoB32F +uGsPegBjZ3KWUIPsKxUMO81PBtGq0ir5Ht0hs/z/ni+DOUSZixSBNZo/cmECelwR +4ssPd+ixNc1qxUeBGGLzmmrZQF72iINiA4bmyQzVUIBZ/0H72ZyNvkITTH4x7Qab +UwYHJOXNhW+pQGjN7V4RPKUwfVfoauXbRYr/FvcqKfob3iSy4UH59GRZ3xxbt//1 +Ox2U+IOiv0Ikck2UZcfQZdwpsTe0V36NONyrYsvnEcCdAy2BZ2zZu51N9vedIIxb +e+3OJNNvMsn+Rt1BhZZNVHPfVeqaYBqeV+ZrDUnfb9gChaxKCwCc/hoet/xP5FKw +2UgkXejevYvVNsaWXY8AN09rD26qruhadN2vx2O0nyiEoot3cC3ufGquBvjphs/I +L/1ftY1pRTR3KKLkKLPcfcQpeeuQjmZewhaGALJ/aeFwPC1Fzp/wJ73omfJpb+2y +PUr9GZBi5vGdgin+x2HjwP1ho00ZpoyIePVWxxC4GrPApmHW/M/GBmt6ns4kVJhL +uOfA7SNMCou79sy7Jy/dZwhs +=5lpt +-----END PGP SIGNATURE----- diff --git a/Django-3.2.tar.gz b/Django-3.2.tar.gz deleted file mode 100644 index 10ea8f7..0000000 --- a/Django-3.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:21f0f9643722675976004eb683c55d33c05486f94506672df3d6a141546f389d -size 9819119 diff --git a/Django-3.2.tar.gz.asc b/Django-3.2.tar.gz.asc deleted file mode 100644 index 63dd6be..0000000 --- a/Django-3.2.tar.gz.asc +++ /dev/null @@ -1,67 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 - -This file contains MD5, SHA1, and SHA256 checksums for the source-code -tarball and wheel files of Django 3.2, released April 6, 2021. - -To use this file, you will need a working install of PGP or other -compatible public-key encryption software. You will also need to have -the Django release manager's public key in your keyring. This key has -the ID ``E17DF5C82B4F9D00`` and can be imported from the MIT -keyserver, for example, if using the open-source GNU Privacy Guard -implementation of PGP: - - gpg --keyserver pgp.mit.edu --recv-key E17DF5C82B4F9D00 - -or via the GitHub API: - - curl https://github.com/carltongibson.gpg | gpg --import - - -Once the key is imported, verify this file: - - gpg --verify <> - -Once you have verified this file, you can use normal MD5, SHA1, or SHA256 -checksumming applications to generate the checksums of the Django -package and compare them to the checksums listed below. - -Release packages: -================= - -https://www.djangoproject.com/m/releases/3.2/Django-3.2.tar.gz -https://www.djangoproject.com/m/releases/3.2/Django-3.2-py3-none-any.whl - -MD5 checksums -============= - -0db580470a6a1dc20ccb805f94479ffa Django-3.2.tar.gz -e2cfd14ad74a389429bec15cd8b7391b Django-3.2-py3-none-any.whl - -SHA1 checksums -============== - -00abafe8e50230aa41892b28456c35ae18c16b8b Django-3.2.tar.gz -07015dcabc200f09266991978f611bdca56ce93f Django-3.2-py3-none-any.whl - -SHA256 checksums -================ - -21f0f9643722675976004eb683c55d33c05486f94506672df3d6a141546f389d Django-3.2.tar.gz -0604e84c4fb698a5e53e5857b5aea945b2f19a18f25f10b8748dbdf935788927 Django-3.2-py3-none-any.whl ------BEGIN PGP SIGNATURE----- - -iQJPBAEBCAA5FiEE/l+2OHah1xioxnVW4X31yCtPnQAFAmBsKcQbHGNhcmx0b24u -Z2lic29uQG5vdW1lbmFsLmVzAAoJEOF99cgrT50APIkP/1pmxTi40TM+EKi/PuGv -rv7ft9gXDbCkgnS0BMr5qnqi3allE7x7JJ0qEXN7mvo2ZEevVntR3gLRV8y6h9H6 -zYprz4iEs/+tfnEzcuZhCbkqDidY4SaoClNh9rqXBcMCWR2/CkR9GLNYDvMAYK9S -g/bRQBH3iy1Naw6TCum9fLcTqhpQgkbgN1qdxfDE12QsHTcxfIrkB54Jd1TSswWt -QzYwhhIdLkot785UBRsFk7rcNTsPCSXUDIlNUHxqMx6ubJXKPLLiDoaxZqXFyYAi -Pqhak9Itj7Q34emm+BkMpFj2fKAcdS8ufDtrTjiS3gmjNJ1Pw+A6+eamanVNFfYb -4eTbr2+X7Ttp9rUrJdMmBUNN+hEM8HwdShcjp94w+8ExDk2j80ZDGfjdxSwEh1Dj -drIFAyewXQ1umsK333gtI+xJS7bXak+6XjRg44PtfNH3WbSnKNuJ1u2wHYNFmARA -undAOhBiEsCz/TOKo3Rd2jb14j84J0x/ksiEQRfNWhjRAUvuFJohMtlV3/ig53Vw -icGvRwp0X3zst4I4p/SK+e/XAuOU+Cwc6GTP5yKBJZhtZIFAG8BZ2Z8CWYjNViQT -o43K7QtZlit6mmGXDEvONJhSXl3W7CQ0Wrwd3xI0ySE9fFRq1RQLOhjSpiidIXfE -oP/d3xyNLl4s58C0irBMrg9j -=Aeit ------END PGP SIGNATURE----- diff --git a/python-Django.changes b/python-Django.changes index 5d92f75..f497679 100644 --- a/python-Django.changes +++ b/python-Django.changes @@ -1,3 +1,51 @@ +------------------------------------------------------------------- +Wed May 5 08:44:30 UTC 2021 - Alberto Planas Dominguez + +- Update to 3.2.1 (CVE-2021-31542) + + CVE-2021-31542: Potential directory-traversal via uploaded files + + Corrected detection of GDAL 3.2 on Windows + + Fixed a bug in Django 3.2 where subclasses of BigAutoField and + SmallAutoField were not allowed for the DEFAULT_AUTO_FIELD setting + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.values()/values_list() after QuerySet.union(), + intersection(), and difference() when it was ordered by an + unannotated field + + Restored, following a regression in Django 3.2, displaying an + exception message on the technical 404 debug page + + Fixed a bug in Django 3.2 where a system check would crash on a + reverse one-to-one relationships in CheckConstraint.check or + UniqueConstraint.condition + + Fixed a regression in Django 3.2 that caused a crash of + ModelAdmin.search_fields when searching against phrases with + unbalanced quotes + + Fixed a bug in Django 3.2 where variable lookup errors were logged + rendering the sitemap template if alternates were not defined + + Fixed a regression in Django 3.2 that caused a crash when + combining Q() objects which contains boolean expressions + + Fixed a regression in Django 3.2 that caused a crash of + QuerySet.update() on a queryset ordered by inherited or joined + fields on MySQL and MariaDB + + Fixed a regression in Django 3.2 that caused a crash when decoding + a cookie value, used by + django.contrib.messages.storage.cookie.CookieStorage, in the + pre-Django 3.2 format + + Fixed a regression in Django 3.2 that stopped the shift-key + modifier selecting multiple rows in the admin changelist + + Fixed a bug in Django 3.2 where a system check would crash on the + STATICFILES_DIRS setting with a list of 2-tuples of (prefix, path) + + Fixed a long standing bug involving queryset bitwise combination + when used with subqueries that began manifesting in Django 3.2, + due to a separate fix using Exists to exclude() multi-valued + relationships + + Fixed a bug in Django 3.2 where variable lookup errors were logged + when rendering some admin templates + + Fixed a bug in Django 3.2 where an admin changelist would crash + when deleting objects filtered against multi-valued relationships + + Fixed a regression in Django 3.2 where the calling process + environment would not be passed to the dbshell command on PostgreSQL + + Fixed a performance regression in Django 3.2 when building complex + filters with subqueries + ------------------------------------------------------------------- Tue Apr 6 09:27:50 UTC 2021 - Alberto Planas Dominguez diff --git a/python-Django.spec b/python-Django.spec index 21e1442..ec8da5a 100644 --- a/python-Django.spec +++ b/python-Django.spec @@ -23,7 +23,7 @@ %bcond_with memcached Name: python-Django # We want support LTS versions of Django - numbered 2.2 -> 3.2 -> 4.2 etc -Version: 3.2 +Version: 3.2.1 Release: 0 Summary: A high-level Python Web framework License: BSD-3-Clause