diff --git a/Django-2.2.10.tar.gz b/Django-2.2.10.tar.gz deleted file mode 100644 index fe41108..0000000 --- a/Django-2.2.10.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1226168be1b1c7efd0e66ee79b0e0b58b2caa7ed87717909cd8a57bb13a7079a -size 8865888 diff --git a/Django-2.2.10.tar.gz.asc b/Django-2.2.10.tar.gz.asc deleted file mode 100644 index 2004f4e..0000000 --- a/Django-2.2.10.tar.gz.asc +++ /dev/null @@ -1,62 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 - -This file contains MD5, SHA1, and SHA256 checksums for the source-code -tarball and wheel files of Django 2.2.10, released February 3, 2020. - -To use this file, you will need a working install of PGP or other -compatible public-key encryption software. You will also need to have -the Django release manager's public key in your keyring; this key has -the ID ``E17DF5C82B4F9D00`` and can be imported from the MIT -keyserver. For example, if using the open-source GNU Privacy Guard -implementation of PGP: - - gpg --keyserver pgp.mit.edu --recv-key E17DF5C82B4F9D00 - -Once the key is imported, verify this file:: - - gpg --verify <> - -Once you have verified this file, you can use normal MD5, SHA1, or SHA256 -checksumming applications to generate the checksums of the Django -package and compare them to the checksums listed below. - -Release packages: -================= - -https://www.djangoproject.com/m/releases/2.2/Django-2.2.10-py3-none-any.whl -https://www.djangoproject.com/m/releases/2.2/Django-2.2.10.tar.gz - -MD5 checksums -============= - -d24676ee3a4e112abc46f5363a608cd6 Django-2.2.10-py3-none-any.whl -10f192f8565ab137aea2dda4a4cb3d26 Django-2.2.10.tar.gz - -SHA1 checksums -============== - -084cdc5c5e2041b0d202cd9cfc2d272f978a244b Django-2.2.10-py3-none-any.whl -86b0f5160b52cc4330d17cd69090f7f240c9fb47 Django-2.2.10.tar.gz - -SHA256 checksums -================ - -9a4635813e2d498a3c01b10c701fe4a515d76dd290aaa792ccb65ca4ccb6b038 Django-2.2.10-py3-none-any.whl -1226168be1b1c7efd0e66ee79b0e0b58b2caa7ed87717909cd8a57bb13a7079a Django-2.2.10.tar.gz ------BEGIN PGP SIGNATURE----- - -iQIzBAEBCAAdFiEE/l+2OHah1xioxnVW4X31yCtPnQAFAl432l4ACgkQ4X31yCtP -nQDn1BAAn6zw5gnrDYDq1l3EOu5msL93pTt4vlRQP398taGwmytUdlpiDBtzRwUC -wDRqOIwAoExhoxRbg5vn4oYkb+V5mYBr3ExWQpDvVRS3j4Pt+sldOUUF66JpfUEV -iyo982VN0x91Ddx1Q+KGiEd3i+p5w2VFMDh+FDM+ySBzv86t0g0errCxb6+9Je4P -MxtLgVzeGhAigoiQzJcGjr3uYxOZSNwNuxYiw/3vHpi8KmET3Bst+zLhYtr3LiAz -3+K1qWek/Wwbv/Ycj4S+6TaVjaUkeNN3LlU7JCS8HFh2FkqmBGkmw5lZKM8RO9BK -hIu8ZK8c5gzJ2I/Ez9bU1aAE2GFXBKMdvixmDMJ7NrMGATjrGOhI3mfGkG01QDKq -jcLK89d/faeb2qsNRaSFlroI4F4tEVPkvehKAeazByynpZZ30kSmr2PMQwJezAK8 -LSjOfGSpF4cQJe4d/oyQm+JfqZA0NTby+6JjFgN1Ar0DjouXsUa96m5iQgwBbNwJ -x6NqRk9fWyC73nr+MyQ2h+WaWwsW5sT2T6V6ZVaNLu3jdt9ijfhjKTsrvEIhe+Ri -7sMz57PBaSNETZgwT86aLvDE6BMP5FjJ4MKB5MGFK3q3FHTtsogj5a3WZ1lyWyt0 -WiWQzCjdIyQnrmSOLTXV6EdlThziXZor81ilDiFcMeIUr/HF8tk= -=IWbV ------END PGP SIGNATURE----- diff --git a/Django-2.2.11.tar.gz b/Django-2.2.11.tar.gz new file mode 100644 index 0000000..11ff46d --- /dev/null +++ b/Django-2.2.11.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:65e2387e6bde531d3bb803244a2b74e0253550a9612c64a60c8c5be267b30f50 +size 9010479 diff --git a/Django-2.2.11.tar.gz.asc b/Django-2.2.11.tar.gz.asc new file mode 100644 index 0000000..983171e --- /dev/null +++ b/Django-2.2.11.tar.gz.asc @@ -0,0 +1,63 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 2.2.11, released March 4, 2020. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring; this key has +the ID ``2EF56372BA48CD1B`` and can be imported from the MIT +keyserver. For example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 2EF56372BA48CD1B + +Once the key is imported, verify this file:: + + gpg --verify <> + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages: +================= + +https://www.djangoproject.com/m/releases/2.2/Django-2.2.11.tar.gz +https://www.djangoproject.com/m/releases/2.2/Django-2.2.11-py3-none-any.whl + +MD5 checksums +============= + +3d8cc4ec1329c742d848c418932e488a Django-2.2.11.tar.gz +c56b564c33b2803c00bb3087d1e316c2 Django-2.2.11-py3-none-any.whl + +SHA1 checksums +============== + +fcb4c862f6f769465dc1d2bbb71e7a733db8e134 Django-2.2.11.tar.gz +2a311f39a41ce4ee8f271235652fe9ed79cd851d Django-2.2.11-py3-none-any.whl + +SHA256 checksums +================ + +65e2387e6bde531d3bb803244a2b74e0253550a9612c64a60c8c5be267b30f50 Django-2.2.11.tar.gz +b51c9c548d5c3b3ccbb133d0bebc992e8ec3f14899bce8936e6fdda6b23a1881 Django-2.2.11-py3-none-any.whl +-----BEGIN PGP SIGNATURE----- + +iQJPBAEBCAA5FiEEq7LCqM0B8WE2GLcNLvVjcrpIzRsFAl5faK4bHGZlbGlzaWFr +Lm1hcml1c3pAZ21haWwuY29tAAoJEC71Y3K6SM0bGNkP/25Kn3E7Mxc+CvjEck44 +mYy+DvQ2pXuLFGbPd8Lm+sXknwbCiOCRSCgzcslnrjLk0+0S0s0I76fR4fsPPKNe +gs44ppAdWvC7ipwp3zl8qkvEMP1a2QNTF2rq3nKXH9wSgC3jr55r7fTDdLA69nQg +wiaqcIEpIHpj/50Raac11Q6v01T6kiDQlIzR9kgoa+zt+oOcZgA5IWJSz3R2nbB5 +XtjA1kLCAHPdSKK+byu78pKX58e6eFQDmNLejjDy3j9q1CyBTEo9ZACagk23lx6N +8L9vjRPETHM0GmM0N1zblLyxDJ1plsJ2s/LwJg5DuvYCIhE++XUHLJierTyBpfa2 +dtYevLUVkkbxTcdTleTw5NxLiJahrlkOyAhyUy15YtYKwJHcf6GXjz/rTgyg5mEm +mPwIQsb+oBMJT4D0jqzHFix9wxqLeecz+PCpE8t9kaBpTFTbIBlSGTDv8i/b6C5T +M8nRGJht1aieKFjR5HPl3zB35bhHtem79RG3ZO4pZx+xmSF/LsiKBUwkBnvtB1Cc +ucLRydHIoPygOG8R361d+COvVMHcQ+Xu6dIY9ozxpAYM2Udh29thJ2T4kGsyt3dZ +c2i0tQQPHXLKitO2WVTgQfgCCL5NHuM/egOajM4lUGr6lYS6XXmMQ8DoLGbVhH1i +Tij0okR6OQAjm3BSL5jRXI5B +=1eu2 +-----END PGP SIGNATURE----- diff --git a/python-Django.changes b/python-Django.changes index 31431be..b328502 100644 --- a/python-Django.changes +++ b/python-Django.changes @@ -1,10 +1,16 @@ +------------------------------------------------------------------- +Wed Mar 18 10:59:36 UTC 2020 - Ondřej Súkup + +- update to 2.2.11 + * fix boo#1165022 (CVE-2020-9402) Potential SQL injection via tolerance + parameter in GIS functions and aggregates on Oracle + ------------------------------------------------------------------- Tue Feb 4 09:42:08 UTC 2020 - Ondřej Súkup - update to 2.2.10 - drop pyyaml53.patch - * fix boo#1161919 (CVE-2020 7471) Potential SQL injection via ``StringAgg(delimiter)`` - + * fix boo#1161919 (CVE-2020-7471) Potential SQL injection via ``StringAgg(delimiter)`` ------------------------------------------------------------------- Wed Jan 15 15:08:32 UTC 2020 - Ondřej Súkup diff --git a/python-Django.spec b/python-Django.spec index 8f801cc..c7d2b7f 100644 --- a/python-Django.spec +++ b/python-Django.spec @@ -23,7 +23,7 @@ %bcond_with memcached Name: python-Django # We want support LTS versions of Django - numbered 2.2 -> 3.2 -> 4.2 etc -Version: 2.2.10 +Version: 2.2.11 Release: 0 Summary: A high-level Python Web framework License: BSD-3-Clause