From 789323fdc2c33463fee22fb0ca52525e2c8209c2a1843a11a69853b77eeecddb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mark=C3=A9ta=20Machov=C3=A1?= Date: Wed, 4 Sep 2024 12:09:20 +0000 Subject: [PATCH] - Update to 5.1.1 (bsc#1229823, bsc#1229824) OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=179 --- python-Django.changes | 23 +---------------------- 1 file changed, 1 insertion(+), 22 deletions(-) diff --git a/python-Django.changes b/python-Django.changes index de7b0dc..f4dc35e 100644 --- a/python-Django.changes +++ b/python-Django.changes @@ -1,7 +1,7 @@ ------------------------------------------------------------------- Wed Sep 4 07:21:54 UTC 2024 - Alberto Planas Dominguez -- Update to 5.1.1 +- Update to 5.1.1 (bsc#1229823, bsc#1229824) * CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize() * CVE-2024-45231: Potential user email enumeration via response @@ -27,27 +27,6 @@ Wed Sep 4 07:21:54 UTC 2024 - Alberto Planas Dominguez * Fixed a bug in Django 5.1 where variable lookup errors were logged when rendering admin fieldsets -------------------------------------------------------------------- -Tue Sep 3 14:04:33 UTC 2024 - Markéta Machová - -- Update to 5.1.1 (CVE-2024-45230, bsc#1229823, CVE-2024-45231, bsc#1229824) - * Fixed a regression in Django 5.1 that caused a crash of Window() when - passing an empty sequence to the order_by parameter, and a crash of - Prefetch() for a sliced queryset without ordering - * Fixed a regression in Django 5.1 where a new usable_password field was - included in BaseUserCreationForm (and children). - * Adjusted the deprecation warning stacklevel in Model.save() and - Model.asave() to correctly point to the offending call site - * Adjusted the deprecation warning stacklevel when using OS_OPEN_FLAGS - in FileSystemStorage to correctly point to the offending call site - * Adjusted the deprecation warning stacklevel in FieldCacheMixin.get_cache_name() - to correctly point to the offending call site - * Restored, following a regression in Django 5.1, the ability to - override the timezone and role setting behavior used within the - init_connection_state method of the PostgreSQL backend - * Fixed a bug in Django 5.1 where variable lookup errors were logged - when rendering admin fieldsets - ------------------------------------------------------------------- Fri Aug 9 12:09:27 UTC 2024 - Markéta Machová