diff --git a/Django-3.1.1.tar.gz b/Django-3.1.1.tar.gz new file mode 100644 index 0000000..a617cd9 --- /dev/null +++ b/Django-3.1.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:59c8125ca873ed3bdae9c12b146fbbd6ed8d0f743e4cf5f5817af50c51f1fc2f +size 9250616 diff --git a/Django-3.1.1.tar.gz.asc b/Django-3.1.1.tar.gz.asc new file mode 100644 index 0000000..0ffc803 --- /dev/null +++ b/Django-3.1.1.tar.gz.asc @@ -0,0 +1,62 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 3.1.1, released September 1, 2020. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring; this key has +the ID ``E17DF5C82B4F9D00`` and can be imported from the MIT +keyserver. For example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key E17DF5C82B4F9D00 + +Once the key is imported, verify this file:: + + gpg --verify <> + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages: +================= + +https://www.djangoproject.com/m/releases/3.1/Django-3.1.1.tar.gz +https://www.djangoproject.com/m/releases/3.1/Django-3.1.1-py3-none-any.whl + +MD5 checksums +============= + +d5e894fb3c46064e84e9dc68a08a46d0 Django-3.1.1.tar.gz +f4eb53dd67fc64f9b62514fb21a95949 Django-3.1.1-py3-none-any.whl + +SHA1 checksums +============== + +85b27794ddeea5b127563ba6cae0f35b59d78289 Django-3.1.1.tar.gz +65c131f4e90c914a52bca1543e70678a64ffad93 Django-3.1.1-py3-none-any.whl + +SHA256 checksums +================ + +59c8125ca873ed3bdae9c12b146fbbd6ed8d0f743e4cf5f5817af50c51f1fc2f Django-3.1.1.tar.gz +b5fbb818e751f660fa2d576d9f40c34a4c615c8b48dd383f5216e609f383371f Django-3.1.1-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCAAdFiEE/l+2OHah1xioxnVW4X31yCtPnQAFAl9OASwACgkQ4X31yCtP +nQC97Q//V1gnXYEsqn2UOz1JJ16I3M8LSDKpma1FY4BJ9EtKjB+JgiGkjwLUAJZP +sOyDeNkTOnLk0sNn7LTpSnOhjfb5vgbeFrGiXaCL3njJjSqZl6M6HnsePuanOTAA +ufGKyFhk5TJ243oHMuKAfcqWOQegSHi3ZXgD0NJOTH6dGsKNsvcNaPlwlGAPc0EH +wokz/ikDIV8q10/uquOP+AUew3lClCuncI+YCsGVUs/wnniiqxxoY9V2uxP/8/mt +OfL5/VRAkXNk0kBxu5lLPGOLNdJfgskpQbhZFXAAtWjbQw2D0s1/HCB2XXfiiztU +j34o/CD1USOzTZA3uv8zoCiLjWON/FXwvdvJFNo3J79DGdeqJmjdCFEpnLNzLBUW +kliy9i+OVCR3eWfx6UEu4WwsSOLuyDP38J0V57FzRzZAXSyVYpvTKToHWMkDi7eU +CrCkhUkWTWIS9C73V42FUChReFkHfZ00RVR+g21rz6wEp4UFu1IRPcxLsir1Uy63 +7VSHydexXllr0/BS1Ii1V5z1Vk8eUx4qE10yiRAtxBEjaGMJkVsvJXVmA2MINrxI +mYO1Q2j7FkXLA3AHcH1FPHjYiPZDfEHX4MADNXU0YVoRWDiWXZRp2bCuM2Q6PmkW +l5WhxbfllVcy1xJMmqwsTu0Wvr27x7hyU/nA348+9I6SV3uh3cQ= +=Q2LD +-----END PGP SIGNATURE----- diff --git a/Django-3.1.tar.gz b/Django-3.1.tar.gz deleted file mode 100644 index 2eec1a9..0000000 --- a/Django-3.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2d390268a13c655c97e0e2ede9d117007996db692c1bb93eabebd4fb7ea7012b -size 9382872 diff --git a/Django-3.1.tar.gz.asc b/Django-3.1.tar.gz.asc deleted file mode 100644 index 8cea63a..0000000 --- a/Django-3.1.tar.gz.asc +++ /dev/null @@ -1,63 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 - -This file contains MD5, SHA1, and SHA256 checksums for the source-code -tarball and wheel files of Django 3.1, released August 4, 2020. - -To use this file, you will need a working install of PGP or other -compatible public-key encryption software. You will also need to have -the Django release manager's public key in your keyring; this key has -the ID ``2EF56372BA48CD1B`` and can be imported from the MIT -keyserver. For example, if using the open-source GNU Privacy Guard -implementation of PGP: - - gpg --keyserver pgp.mit.edu --recv-key 2EF56372BA48CD1B - -Once the key is imported, verify this file:: - - gpg --verify <> - -Once you have verified this file, you can use normal MD5, SHA1, or SHA256 -checksumming applications to generate the checksums of the Django -package and compare them to the checksums listed below. - -Release packages: -================= - -https://www.djangoproject.com/m/releases/3.1/Django-3.1-py3-none-any.whl -https://www.djangoproject.com/m/releases/3.1/Django-3.1.tar.gz - -MD5 checksums -============= - -281c2e919cb60fd09a64fd068cf152fb Django-3.1-py3-none-any.whl -2001ba40467d61a2b90570a68c657e35 Django-3.1.tar.gz - -SHA1 checksums -============== - -078f1ca04e2a85b33061b573eb60f653fe3af6ed Django-3.1-py3-none-any.whl -e337b9d012e55fef0e2ebd40df2f594973be090f Django-3.1.tar.gz - -SHA256 checksums -================ - -1a63f5bb6ff4d7c42f62a519edc2adbb37f9b78068a5a862beff858b68e3dc8b Django-3.1-py3-none-any.whl -2d390268a13c655c97e0e2ede9d117007996db692c1bb93eabebd4fb7ea7012b Django-3.1.tar.gz ------BEGIN PGP SIGNATURE----- - -iQJPBAEBCAA5FiEEq7LCqM0B8WE2GLcNLvVjcrpIzRsFAl8pFPIbHGZlbGlzaWFr -Lm1hcml1c3pAZ21haWwuY29tAAoJEC71Y3K6SM0b6vkP/32JhaDGV29bTaxKnaSH -LGtLADGlIBKueTjiWGJtRGHiYqCrTg5wnqs9VDlgnskhXJqTN3dCEmX9TXrrUOAv -Mujog0bXm1iQbD3Y/pv8RCuWUZPLbTKTbQn2OlONIHPbbTeeUFIAhu7P7t8g/Jjl -UIKM+CjgrAluHHQf+texdN0qiddd6gajf+Re+znWuT4COo1b0urcXHUGbCyJx0Ae -Kb/U9asLxB+Z8O+4gSxphb9Eo8dt5d3HpmnmAJ/Lfx47TCi4jmoHEHV/BNvQoYBF -fCqLRelGWWjkPbDoCX2JAAalvNDAk4fVe9ZQkFTD6uiur1jHn/nD3Dgt+zfdhTNb -0kQZ4WIawiH1VwQQ1GqkvDu04sToafKstdtRrgf/WbgwNivfxui531/niF30E6nd -8svHLA+a63KFx6sQPv7v4430g6uLvvEEyqIA5tjB2MjGFgmcOhnsykYmT/bidwIy -A0tEJ0/iNsS0WyYCqwoQ3op0+wnx1voCgN5Rt5MaBVAcwl3Lzp8StUJTC5o2QDUM -qDdFrr1Mp4JBj992i33vu8QqQsgbUDozZJOedH3j5E47PRx74XAUHNmaAbcAKB9y -v5XV4ueNKEyI1bP/wuUKqm6QqYRcjEnxAq08OkiBHvsqr8L0EXS+5enyaQsRNOA6 -WyWATW0ae02i6KMPWn4owW5L -=nCOU ------END PGP SIGNATURE----- diff --git a/python-Django.changes b/python-Django.changes index 173e521..4914ff8 100644 --- a/python-Django.changes +++ b/python-Django.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Wed Sep 9 14:14:08 UTC 2020 - Marketa Calabkova + +- Update to 3.1.1 + * CVE-2020-24583: Incorrect permissions on intermediate-level directories on Python 3.7+ + * CVE-2020-24584: Permission escalation in intermediate-level directories of the file + system cache on Python 3.7+ + * Fixed a data loss possibility in the select_for_update(). When using related fields + pointing to a proxy model in the of argument, the corresponding model was not locked + * Fixed a regression in Django 3.1 that caused a crash when decoding an invalid session data + * Fixed __in lookup on key transforms for JSONField with MariaDB, MySQL, Oracle, and SQLite + * Fixed a regression in Django 3.1 that caused permission errors in CommonPasswordValidator + and settings.py + ------------------------------------------------------------------- Wed Sep 9 03:55:36 UTC 2020 - John Vandenberg diff --git a/python-Django.spec b/python-Django.spec index 66fbc10..42e5f5a 100644 --- a/python-Django.spec +++ b/python-Django.spec @@ -23,7 +23,7 @@ %bcond_with memcached Name: python-Django # We want support LTS versions of Django - numbered 2.2 -> 3.2 -> 4.2 etc -Version: 3.1 +Version: 3.1.1 Release: 0 Summary: A high-level Python Web framework License: BSD-3-Clause