rpm/python-Django
SHA256
1
0
Fork 0
forked from pool/python-Django
Code Pull Requests Activity

- Update to 5.1.1 (bsc#1229823, bsc#1229824)

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=179
This commit is contained in:
Markéta Machová 2024-09-04 12:09:20 +00:00 committed by Git OBS Bridge
parent 8d6af13dc7
commit 789323fdc2
1 changed files with 1 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
python-Django.changes
View File

@ -1,7 +1,7 @@
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Sep 4 07:21:54 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com> Wed Sep 4 07:21:54 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
- Update to 5.1.1 - Update to 5.1.1 (bsc#1229823, bsc#1229824)
* CVE-2024-45230: Potential denial-of-service vulnerability in * CVE-2024-45230: Potential denial-of-service vulnerability in
django.utils.html.urlize() django.utils.html.urlize()
* CVE-2024-45231: Potential user email enumeration via response * CVE-2024-45231: Potential user email enumeration via response
@ -27,27 +27,6 @@ Wed Sep 4 07:21:54 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
* Fixed a bug in Django 5.1 where variable lookup errors were logged * Fixed a bug in Django 5.1 where variable lookup errors were logged
when rendering admin fieldsets when rendering admin fieldsets
-------------------------------------------------------------------
Tue Sep 3 14:04:33 UTC 2024 - Markéta Machová <mmachova@suse.com>
- Update to 5.1.1 (CVE-2024-45230, bsc#1229823, CVE-2024-45231, bsc#1229824)
* Fixed a regression in Django 5.1 that caused a crash of Window() when
passing an empty sequence to the order_by parameter, and a crash of
Prefetch() for a sliced queryset without ordering
* Fixed a regression in Django 5.1 where a new usable_password field was
included in BaseUserCreationForm (and children).
* Adjusted the deprecation warning stacklevel in Model.save() and
Model.asave() to correctly point to the offending call site
* Adjusted the deprecation warning stacklevel when using OS_OPEN_FLAGS
in FileSystemStorage to correctly point to the offending call site
* Adjusted the deprecation warning stacklevel in FieldCacheMixin.get_cache_name()
to correctly point to the offending call site
* Restored, following a regression in Django 5.1, the ability to
override the timezone and role setting behavior used within the
init_connection_state method of the PostgreSQL backend
* Fixed a bug in Django 5.1 where variable lookup errors were logged
when rendering admin fieldsets
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Aug 9 12:09:27 UTC 2024 - Markéta Machová <mmachova@suse.com> Fri Aug 9 12:09:27 UTC 2024 - Markéta Machová <mmachova@suse.com>