rpm/python-Django
SHA256
1
0
Fork 0
forked from pool/python-Django
Code Pull Requests Activity

- update to 2.2.11

Browse Source 
* fix boo#1165022 (CVE-2020-9402) Potential SQL injection via tolerance
   parameter in GIS functions and aggregates on Oracle
 * fix boo#1161919 (CVE-2020-7471) Potential SQL injection via ``StringAgg(delimiter)``

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=54
This commit is contained in:
Ondřej Súkup 2020-03-18 11:01:54 +00:00 committed by Git OBS Bridge
parent 9f6f318436
commit 56c5e65c93
6 changed files with 75 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Django-2.2.10.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1226168be1b1c7efd0e66ee79b0e0b58b2caa7ed87717909cd8a57bb13a7079a
size 8865888

62
Django-2.2.10.tar.gz.asc
View File

@ -1,62 +0,0 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
This file contains MD5, SHA1, and SHA256 checksums for the source-code
tarball and wheel files of Django 2.2.10, released February 3, 2020.
To use this file, you will need a working install of PGP or other
compatible public-key encryption software. You will also need to have
the Django release manager's public key in your keyring; this key has
the ID ``E17DF5C82B4F9D00`` and can be imported from the MIT
keyserver. For example, if using the open-source GNU Privacy Guard
implementation of PGP:
gpg --keyserver pgp.mit.edu --recv-key E17DF5C82B4F9D00
Once the key is imported, verify this file::
gpg --verify <<THIS FILENAME>>
Once you have verified this file, you can use normal MD5, SHA1, or SHA256
checksumming applications to generate the checksums of the Django
package and compare them to the checksums listed below.
Release packages:
=================
https://www.djangoproject.com/m/releases/2.2/Django-2.2.10-py3-none-any.whl
https://www.djangoproject.com/m/releases/2.2/Django-2.2.10.tar.gz
MD5 checksums
=============
d24676ee3a4e112abc46f5363a608cd6 Django-2.2.10-py3-none-any.whl
10f192f8565ab137aea2dda4a4cb3d26 Django-2.2.10.tar.gz
SHA1 checksums
==============
084cdc5c5e2041b0d202cd9cfc2d272f978a244b Django-2.2.10-py3-none-any.whl
86b0f5160b52cc4330d17cd69090f7f240c9fb47 Django-2.2.10.tar.gz
SHA256 checksums
================
9a4635813e2d498a3c01b10c701fe4a515d76dd290aaa792ccb65ca4ccb6b038 Django-2.2.10-py3-none-any.whl
1226168be1b1c7efd0e66ee79b0e0b58b2caa7ed87717909cd8a57bb13a7079a Django-2.2.10.tar.gz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE/l+2OHah1xioxnVW4X31yCtPnQAFAl432l4ACgkQ4X31yCtP
nQDn1BAAn6zw5gnrDYDq1l3EOu5msL93pTt4vlRQP398taGwmytUdlpiDBtzRwUC
wDRqOIwAoExhoxRbg5vn4oYkb+V5mYBr3ExWQpDvVRS3j4Pt+sldOUUF66JpfUEV
iyo982VN0x91Ddx1Q+KGiEd3i+p5w2VFMDh+FDM+ySBzv86t0g0errCxb6+9Je4P
MxtLgVzeGhAigoiQzJcGjr3uYxOZSNwNuxYiw/3vHpi8KmET3Bst+zLhYtr3LiAz
3+K1qWek/Wwbv/Ycj4S+6TaVjaUkeNN3LlU7JCS8HFh2FkqmBGkmw5lZKM8RO9BK
hIu8ZK8c5gzJ2I/Ez9bU1aAE2GFXBKMdvixmDMJ7NrMGATjrGOhI3mfGkG01QDKq
jcLK89d/faeb2qsNRaSFlroI4F4tEVPkvehKAeazByynpZZ30kSmr2PMQwJezAK8
LSjOfGSpF4cQJe4d/oyQm+JfqZA0NTby+6JjFgN1Ar0DjouXsUa96m5iQgwBbNwJ
x6NqRk9fWyC73nr+MyQ2h+WaWwsW5sT2T6V6ZVaNLu3jdt9ijfhjKTsrvEIhe+Ri
7sMz57PBaSNETZgwT86aLvDE6BMP5FjJ4MKB5MGFK3q3FHTtsogj5a3WZ1lyWyt0
WiWQzCjdIyQnrmSOLTXV6EdlThziXZor81ilDiFcMeIUr/HF8tk=
=IWbV
-----END PGP SIGNATURE-----

3
Django-2.2.11.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:65e2387e6bde531d3bb803244a2b74e0253550a9612c64a60c8c5be267b30f50
size 9010479

63
Django-2.2.11.tar.gz.asc Normal file
View File

@ -0,0 +1,63 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
This file contains MD5, SHA1, and SHA256 checksums for the source-code
tarball and wheel files of Django 2.2.11, released March 4, 2020.
To use this file, you will need a working install of PGP or other
compatible public-key encryption software. You will also need to have
the Django release manager's public key in your keyring; this key has
the ID ``2EF56372BA48CD1B`` and can be imported from the MIT
keyserver. For example, if using the open-source GNU Privacy Guard
implementation of PGP:
gpg --keyserver pgp.mit.edu --recv-key 2EF56372BA48CD1B
Once the key is imported, verify this file::
gpg --verify <<THIS FILENAME>>
Once you have verified this file, you can use normal MD5, SHA1, or SHA256
checksumming applications to generate the checksums of the Django
package and compare them to the checksums listed below.
Release packages:
=================
https://www.djangoproject.com/m/releases/2.2/Django-2.2.11.tar.gz
https://www.djangoproject.com/m/releases/2.2/Django-2.2.11-py3-none-any.whl
MD5 checksums
=============
3d8cc4ec1329c742d848c418932e488a Django-2.2.11.tar.gz
c56b564c33b2803c00bb3087d1e316c2 Django-2.2.11-py3-none-any.whl
SHA1 checksums
==============
fcb4c862f6f769465dc1d2bbb71e7a733db8e134 Django-2.2.11.tar.gz
2a311f39a41ce4ee8f271235652fe9ed79cd851d Django-2.2.11-py3-none-any.whl
SHA256 checksums
================
65e2387e6bde531d3bb803244a2b74e0253550a9612c64a60c8c5be267b30f50 Django-2.2.11.tar.gz
b51c9c548d5c3b3ccbb133d0bebc992e8ec3f14899bce8936e6fdda6b23a1881 Django-2.2.11-py3-none-any.whl
-----BEGIN PGP SIGNATURE-----
iQJPBAEBCAA5FiEEq7LCqM0B8WE2GLcNLvVjcrpIzRsFAl5faK4bHGZlbGlzaWFr
Lm1hcml1c3pAZ21haWwuY29tAAoJEC71Y3K6SM0bGNkP/25Kn3E7Mxc+CvjEck44
mYy+DvQ2pXuLFGbPd8Lm+sXknwbCiOCRSCgzcslnrjLk0+0S0s0I76fR4fsPPKNe
gs44ppAdWvC7ipwp3zl8qkvEMP1a2QNTF2rq3nKXH9wSgC3jr55r7fTDdLA69nQg
wiaqcIEpIHpj/50Raac11Q6v01T6kiDQlIzR9kgoa+zt+oOcZgA5IWJSz3R2nbB5
XtjA1kLCAHPdSKK+byu78pKX58e6eFQDmNLejjDy3j9q1CyBTEo9ZACagk23lx6N
8L9vjRPETHM0GmM0N1zblLyxDJ1plsJ2s/LwJg5DuvYCIhE++XUHLJierTyBpfa2
dtYevLUVkkbxTcdTleTw5NxLiJahrlkOyAhyUy15YtYKwJHcf6GXjz/rTgyg5mEm
mPwIQsb+oBMJT4D0jqzHFix9wxqLeecz+PCpE8t9kaBpTFTbIBlSGTDv8i/b6C5T
M8nRGJht1aieKFjR5HPl3zB35bhHtem79RG3ZO4pZx+xmSF/LsiKBUwkBnvtB1Cc
ucLRydHIoPygOG8R361d+COvVMHcQ+Xu6dIY9ozxpAYM2Udh29thJ2T4kGsyt3dZ
c2i0tQQPHXLKitO2WVTgQfgCCL5NHuM/egOajM4lUGr6lYS6XXmMQ8DoLGbVhH1i
Tij0okR6OQAjm3BSL5jRXI5B
=1eu2
-----END PGP SIGNATURE-----

10
python-Django.changes
View File

@ -1,10 +1,16 @@
-------------------------------------------------------------------
Wed Mar 18 10:59:36 UTC 2020 - Ondřej Súkup <mimi.vx@gmail.com>
- update to 2.2.11
* fix boo#1165022 (CVE-2020-9402) Potential SQL injection via tolerance
parameter in GIS functions and aggregates on Oracle
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Feb 4 09:42:08 UTC 2020 - Ondřej Súkup <mimi.vx@gmail.com> Tue Feb 4 09:42:08 UTC 2020 - Ondřej Súkup <mimi.vx@gmail.com>
- update to 2.2.10 - update to 2.2.10
- drop pyyaml53.patch - drop pyyaml53.patch
* fix boo#1161919 (CVE-2020 7471) Potential SQL injection via ``StringAgg(delimiter)`` * fix boo#1161919 (CVE-2020-7471) Potential SQL injection via ``StringAgg(delimiter)``
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Jan 15 15:08:32 UTC 2020 - Ondřej Súkup <mimi.vx@gmail.com> Wed Jan 15 15:08:32 UTC 2020 - Ondřej Súkup <mimi.vx@gmail.com>

2
python-Django.spec
View File

@ -23,7 +23,7 @@
%bcond_with memcached %bcond_with memcached
Name: python-Django Name: python-Django
# We want support LTS versions of Django - numbered 2.2 -> 3.2 -> 4.2 etc # We want support LTS versions of Django - numbered 2.2 -> 3.2 -> 4.2 etc
Version: 2.2.10 Version: 2.2.11
Release: 0 Release: 0
Summary: A high-level Python Web framework Summary: A high-level Python Web framework
License: BSD-3-Clause License: BSD-3-Clause