forked from pool/python-Django
Accepting request 890932 from home:aplanas:branches:devel:languages:python:django
- Update to 3.2.2 (CVE-2021-32052) OBS-URL: https://build.opensuse.org/request/show/890932 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=82
This commit is contained in:
Git OBS Bridge
parent
bc6d5ae53b
commit
8622f84af6
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:95c13c750f1f214abadec92b82c2768a5e795e6c2ebd0b4126f895ce9efffcdd
|
||||
size 9820723
|
||||
@ -1,67 +0,0 @@
|
||||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA256
|
||||
|
||||
This file contains MD5, SHA1, and SHA256 checksums for the source-code
|
||||
tarball and wheel files of Django 3.2.1, released May 4, 2021.
|
||||
|
||||
To use this file, you will need a working install of PGP or other
|
||||
compatible public-key encryption software. You will also need to have
|
||||
the Django release manager's public key in your keyring. This key has
|
||||
the ID ``E17DF5C82B4F9D00`` and can be imported from the MIT
|
||||
keyserver, for example, if using the open-source GNU Privacy Guard
|
||||
implementation of PGP:
|
||||
|
||||
gpg --keyserver pgp.mit.edu --recv-key E17DF5C82B4F9D00
|
||||
|
||||
or via the GitHub API:
|
||||
|
||||
curl https://github.com/carltongibson.gpg | gpg --import -
|
||||
|
||||
Once the key is imported, verify this file:
|
||||
|
||||
gpg --verify <<THIS FILENAME>>
|
||||
|
||||
Once you have verified this file, you can use normal MD5, SHA1, or SHA256
|
||||
checksumming applications to generate the checksums of the Django
|
||||
package and compare them to the checksums listed below.
|
||||
|
||||
Release packages:
|
||||
=================
|
||||
|
||||
https://www.djangoproject.com/m/releases/3.2/Django-3.2.1-py3-none-any.whl
|
||||
https://www.djangoproject.com/m/releases/3.2/Django-3.2.1.tar.gz
|
||||
|
||||
MD5 checksums
|
||||
=============
|
||||
|
||||
dd5ba0f289ab783e2359a078b569e054 Django-3.2.1-py3-none-any.whl
|
||||
0ded0d3408c38f4a5cff2128f5a9c4ba Django-3.2.1.tar.gz
|
||||
|
||||
SHA1 checksums
|
||||
==============
|
||||
|
||||
6ed6e36a7e5ebf37f0ff0efe2b03d81730fd4c1b Django-3.2.1-py3-none-any.whl
|
||||
cd6f18967e13a6e67dbee4713116aab9cb348865 Django-3.2.1.tar.gz
|
||||
|
||||
SHA256 checksums
|
||||
================
|
||||
|
||||
e2f73790c60188d3f94f08f644de249d956b3789161e7604509d128a13fb2fcc Django-3.2.1-py3-none-any.whl
|
||||
95c13c750f1f214abadec92b82c2768a5e795e6c2ebd0b4126f895ce9efffcdd Django-3.2.1.tar.gz
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQJPBAEBCAA5FiEE/l+2OHah1xioxnVW4X31yCtPnQAFAmCRCGkbHGNhcmx0b24u
|
||||
Z2lic29uQG5vdW1lbmFsLmVzAAoJEOF99cgrT50AEOAQALLp01Bu+1LOKrpd3kql
|
||||
UhgZgD4buu3olr/qPnj6j9wCNyOV3zk/G7CmImY6WAIZdhI8Y8PoxJ3WeirzBsWt
|
||||
yCdMItlDpjcjvW8BJUHAo80hjeBTETXzkaylJfCkjMdFP/EPmunxWdFr7cWoB32F
|
||||
uGsPegBjZ3KWUIPsKxUMO81PBtGq0ir5Ht0hs/z/ni+DOUSZixSBNZo/cmECelwR
|
||||
4ssPd+ixNc1qxUeBGGLzmmrZQF72iINiA4bmyQzVUIBZ/0H72ZyNvkITTH4x7Qab
|
||||
UwYHJOXNhW+pQGjN7V4RPKUwfVfoauXbRYr/FvcqKfob3iSy4UH59GRZ3xxbt//1
|
||||
Ox2U+IOiv0Ikck2UZcfQZdwpsTe0V36NONyrYsvnEcCdAy2BZ2zZu51N9vedIIxb
|
||||
e+3OJNNvMsn+Rt1BhZZNVHPfVeqaYBqeV+ZrDUnfb9gChaxKCwCc/hoet/xP5FKw
|
||||
2UgkXejevYvVNsaWXY8AN09rD26qruhadN2vx2O0nyiEoot3cC3ufGquBvjphs/I
|
||||
L/1ftY1pRTR3KKLkKLPcfcQpeeuQjmZewhaGALJ/aeFwPC1Fzp/wJ73omfJpb+2y
|
||||
PUr9GZBi5vGdgin+x2HjwP1ho00ZpoyIePVWxxC4GrPApmHW/M/GBmt6ns4kVJhL
|
||||
uOfA7SNMCou79sy7Jy/dZwhs
|
||||
=5lpt
|
||||
-----END PGP SIGNATURE-----
|
||||
3
Django-3.2.2.tar.gz
Normal file
3
Django-3.2.2.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:0a1d195ad65c52bf275b8277b3d49680bd1137a5f55039a806f25f6b9752ce3d
|
||||
size 9796920
|
||||
67
Django-3.2.2.tar.gz.asc
Normal file
67
Django-3.2.2.tar.gz.asc
Normal file
@ -0,0 +1,67 @@
|
||||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA256
|
||||
|
||||
This file contains MD5, SHA1, and SHA256 checksums for the source-code
|
||||
tarball and wheel files of Django 3.2.2, released May 6, 2021.
|
||||
|
||||
To use this file, you will need a working install of PGP or other
|
||||
compatible public-key encryption software. You will also need to have
|
||||
the Django release manager's public key in your keyring. This key has
|
||||
the ID ``2EF56372BA48CD1B`` and can be imported from the MIT
|
||||
keyserver, for example, if using the open-source GNU Privacy Guard
|
||||
implementation of PGP:
|
||||
|
||||
gpg --keyserver pgp.mit.edu --recv-key 2EF56372BA48CD1B
|
||||
|
||||
or via the GitHub API:
|
||||
|
||||
curl https://github.com/felixxm.gpg | gpg --import -
|
||||
|
||||
Once the key is imported, verify this file:
|
||||
|
||||
gpg --verify <<THIS FILENAME>>
|
||||
|
||||
Once you have verified this file, you can use normal MD5, SHA1, or SHA256
|
||||
checksumming applications to generate the checksums of the Django
|
||||
package and compare them to the checksums listed below.
|
||||
|
||||
Release packages:
|
||||
=================
|
||||
|
||||
https://www.djangoproject.com/m/releases/3.2/Django-3.2.2-py3-none-any.whl
|
||||
https://www.djangoproject.com/m/releases/3.2/Django-3.2.2.tar.gz
|
||||
|
||||
MD5 checksums
|
||||
=============
|
||||
|
||||
abd67e107427fb9b5f68863bf0b384d5 Django-3.2.2-py3-none-any.whl
|
||||
43784c090a8805605e3d0b768cd21cb2 Django-3.2.2.tar.gz
|
||||
|
||||
SHA1 checksums
|
||||
==============
|
||||
|
||||
d2edacc8e6e2a3eaa7a598a3c70761436157c56f Django-3.2.2-py3-none-any.whl
|
||||
67932014e89b3388eb6df61619ce65ebe49cd620 Django-3.2.2.tar.gz
|
||||
|
||||
SHA256 checksums
|
||||
================
|
||||
|
||||
18dd3145ddbd04bf189ff79b9954d08fda5171ea7b57bf705789fea766a07d50 Django-3.2.2-py3-none-any.whl
|
||||
0a1d195ad65c52bf275b8277b3d49680bd1137a5f55039a806f25f6b9752ce3d Django-3.2.2.tar.gz
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQJPBAEBCAA5FiEEq7LCqM0B8WE2GLcNLvVjcrpIzRsFAmCTlDMbHGZlbGlzaWFr
|
||||
Lm1hcml1c3pAZ21haWwuY29tAAoJEC71Y3K6SM0bpS4QAISsBwHgTdsgdtC/qJbM
|
||||
kUvw3W2l00B0GBbm14W2jdwXBftn31V8zP6DcfTEKmBjkHlEvnfmd/IvHR+poFKR
|
||||
q6Pz43+xNcT7r6UIgB5Qftd9KDQmUGKp7Be3FzZ3Q3+EwduMWGRReOjHLC25Ed+z
|
||||
Wetdg2IsR/6FF2+fSgMuYSSWjQ83Y1Pb2t2EWyEhTwRnM5wYhY7ZrNwnNa3mZaIJ
|
||||
/8tvCKQrqAZpjxyJT6wmvCNT1IZH6GwEJ5jAqFNQM89sxgNyi68gDiO11K3oFkxZ
|
||||
Eyeo3i32FKKcHhqrGJnoC1mwuYIFbB2e2K347smcwrc670dVuj1IdQ5PFAQBdyXZ
|
||||
6YCNznWXM1nZ6NovOXO2DiT2QpKb0olKsdlENeCLM9oqSrhP1YYlVeRRpzgg3GCh
|
||||
J7RFnuileSEu2fl1kVofdsDa2/FFNn+3IJFgdEAXSI1ITwrMMMNFCkNh4h0JR/Cn
|
||||
LJw7+LCYxm8qJeY+LzzW3bGjAXZs1eM1DfquvQKqE65hRr93LKXjFn4FHmUvIIeg
|
||||
Ke1G4VPCmKD+vRo8uvE32lkevW81aycCujdn3ssQe4lP/QEOfZVEEKpMQ+wjt3JK
|
||||
gD6Ogxgdd+ZRgzuycBv1ZDD6vdgX6onBoFYDxJEWDQ8ZKpRbZ03oZgT6cZCX1Zwm
|
||||
5Z26wvw98synt63VvV5Pg2eC
|
||||
=T6ja
|
||||
-----END PGP SIGNATURE-----
|
||||
@ -1,3 +1,13 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu May 6 08:54:41 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
- Update to 3.2.2 (CVE-2021-32052)
|
||||
+ CVE-2021-32052: Header injection possibility since URLValidator
|
||||
accepted newlines in input on Python 3.9.5+
|
||||
+ Prevented, following a regression in Django 3.2.1, makemigrations
|
||||
from generating infinite migrations for a model with Meta.ordering
|
||||
contained OrderBy expressions
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed May 5 17:25:18 UTC 2021 - Ben Greiner <code@bnavigator.de>
|
||||
|
||||
|
||||
@ -23,7 +23,7 @@
|
||||
%bcond_with memcached
|
||||
Name: python-Django
|
||||
# We want support LTS versions of Django - numbered 2.2 -> 3.2 -> 4.2 etc
|
||||
Version: 3.2.1
|
||||
Version: 3.2.2
|
||||
Release: 0
|
||||
Summary: A high-level Python Web framework
|
||||
License: BSD-3-Clause
|
||||
|
||||
Loading…
Reference in New Issue
Block a user