rpm/python-Django
SHA256
1
0
Fork 0
forked from pool/python-Django
Code Pull Requests Activity

Accepting request 1198700 from devel:languages:python:django

Browse Source 
- Update to 5.1.1 (bsc#1229823, bsc#1229824)
  * CVE-2024-45230: Potential denial-of-service vulnerability in
    django.utils.html.urlize()
  * CVE-2024-45231: Potential user email enumeration via response
    status on password reset
  * Fixed a regression in Django 5.1 that caused a crash of Window()
    when passing an empty sequence to the order_by parameter, and a
    crash of Prefetch() for a sliced queryset without ordering
  * Fixed a regression in Django 5.1 where a new usable_password field
    was included in BaseUserCreationForm (and children). A new
    AdminUserCreationForm including this field was added, isolating
    the feature to the admin where it was intended
  * Adjusted the deprecation warning stacklevel in Model.save() and
    Model.asave() to correctly point to the offending call site
  * Adjusted the deprecation warning stacklevel when using
    OS_OPEN_FLAGS in FileSystemStorage to correctly point to the
    offending call site
  * Adjusted the deprecation warning stacklevel in
    FieldCacheMixin.get_cache_name() to correctly point to the
    offending call site
  * Restored, following a regression in Django 5.1, the ability to
    override the timezone and role setting behavior used within the
    init_connection_state method of the PostgreSQL backend
  * Fixed a bug in Django 5.1 where variable lookup errors were logged
    when rendering admin fieldsets

OBS-URL: https://build.opensuse.org/request/show/1198700
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Django?expand=0&rev=122
This commit is contained in:
Ana Guerrero 2024-09-05 13:46:17 +00:00 committed by Git OBS Bridge
commit aa9f2197a0
6 changed files with 100 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
Django-5.1.1.checksum.txt Normal file
View File

@ -0,0 +1,67 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
This file contains MD5, SHA1, and SHA256 checksums for the source-code
tarball and wheel files of Django 5.1.1, released September 3, 2024.
To use this file, you will need a working install of PGP or other
compatible public-key encryption software. You will also need to have
the Django release manager's public key in your keyring. This key has
the ID ``2EE82A8D9470983E`` and can be imported from the MIT
keyserver, for example, if using the open-source GNU Privacy Guard
implementation of PGP:
gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E
or via the GitHub API:
curl https://github.com/nessita.gpg | gpg --import -
Once the key is imported, verify this file:
gpg --verify Django-5.1.1.checksum.txt
Once you have verified this file, you can use normal MD5, SHA1, or SHA256
checksumming applications to generate the checksums of the Django
package and compare them to the checksums listed below.
Release packages
================
https://www.djangoproject.com/m/releases/5.1/Django-5.1.1.tar.gz
https://www.djangoproject.com/m/releases/5.1/Django-5.1.1-py3-none-any.whl
MD5 checksums
=============
8024c23d7efe9e7acb04496ae22739c7 Django-5.1.1.tar.gz
7782d604d5b7cbb56e6b7da90595b6fa Django-5.1.1-py3-none-any.whl
SHA1 checksums
==============
8dedfc247c7bf010c93c5e5e30bca2012704a7ce Django-5.1.1.tar.gz
a038998584b227243ae6c1d29b3e7c2a166db918 Django-5.1.1-py3-none-any.whl
SHA256 checksums
================
021ffb7fdab3d2d388bc8c7c2434eb9c1f6f4d09e6119010bbb1694dda286bc2 Django-5.1.1.tar.gz
71603f27dac22a6533fb38d83072eea9ddb4017fead6f67f2562a40402d61c3f Django-5.1.1-py3-none-any.whl
-----BEGIN PGP SIGNATURE-----
iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmbXARwoHDEyNDMwNCtu
ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPmSPEACs
vwz2HvzWF+YpeXx1jLQJ6/JdQjmRPT/6pp+r0GW6KG6UqmawMsvRSX/k4zdvceYx
c7SVAIJwWNwZsPHbrjetGAI1NbAoWYxl8soCTIMR9A0mSlZebBSHb0+oUMQcwiZ5
E4OMBv7QYYo8QVGs1KH1dMx4Unn+5VlAlaxo9BOa94PtCzUWxsIuji+yv1uKDVVa
BQivwy0ZuzBPMkHHaTAb5byWtsbLFhHeXkWirEzivecIVxvd88mO1GXh5zY3wjRW
UKLHQCNT6e3s7UB/ZS7IsQp7bPCmFfLsVp8+8pbABXqYHn6rM4/VCLhN06s/xVID
DSPkqNQz39gRbn5UNVSTLVNv/yoQ6crIHw9AiRECrJ3UaRzeDcQStnmxJx92duDr
bDLnmTI0Sx7+hqQjNOrGCFg6vO8ZVosxOgM/FgbXDKyA+FqtfbdR+/tW9KKtunPy
AHs87A6VqYMRzyTvRChzVpKKYrdMckjRUuyrogQJEuE5VJ0o5579FxBy9OekA3km
FTscEn8GiC4EZTR48IWSsNOCYn7VjihHvZGo4eO0uZRYFChTKc6Sah7p+i41XV1W
FLhOqCqF/4Kl6u3dWkWPAnm8mmWDsARpGbAoxCkd8AJtlR0nScdYuwOshlpixIVa
XgUJwJ3rzCSTd35tq+sF7y3WT3bPyUl/DwkuJVHhFA==
=i1OF
-----END PGP SIGNATURE-----

3
Django-5.1.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:021ffb7fdab3d2d388bc8c7c2434eb9c1f6f4d09e6119010bbb1694dda286bc2
size 10675933

67
Django-5.1.checksum.txt
View File

@ -1,67 +0,0 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
This file contains MD5, SHA1, and SHA256 checksums for the source-code
tarball and wheel files of Django 5.1, released August 7, 2024.
To use this file, you will need a working install of PGP or other
compatible public-key encryption software. You will also need to have
the Django release manager's public key in your keyring. This key has
the ID ``2EE82A8D9470983E`` and can be imported from the MIT
keyserver, for example, if using the open-source GNU Privacy Guard
implementation of PGP:
gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E
or via the GitHub API:
curl https://github.com/nessita.gpg | gpg --import -
Once the key is imported, verify this file:
gpg --verify Django-5.1.checksum.txt
Once you have verified this file, you can use normal MD5, SHA1, or SHA256
checksumming applications to generate the checksums of the Django
package and compare them to the checksums listed below.
Release packages
================
https://www.djangoproject.com/m/releases/5.1/Django-5.1.tar.gz
https://www.djangoproject.com/m/releases/5.1/Django-5.1-py3-none-any.whl
MD5 checksums
=============
77f44885427c09458e1abd0b48e09517 Django-5.1.tar.gz
e8a8edeeb894fcba4830653e450ef8ea Django-5.1-py3-none-any.whl
SHA1 checksums
==============
34e73c5ea536989ce8b59d4dcbcad81f8df042b0 Django-5.1.tar.gz
c1c96089c6a5d90439ae6849f8ab4d11f22cfaec Django-5.1-py3-none-any.whl
SHA256 checksums
================
848a5980e8efb76eea70872fb0e4bc5e371619c70fffbe48e3e1b50b2c09455d Django-5.1.tar.gz
d3b811bf5371a26def053d7ee42a9df1267ef7622323fe70a601936725aa4557 Django-5.1-py3-none-any.whl
-----BEGIN PGP SIGNATURE-----
iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmazdjMoHDEyNDMwNCtu
ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPoWDD/0S
xuoCMIvhc7m8FWAZ8VS0zkzT0e7TZonySEG5Oa1GrEMEZLe7C98HIXXptGDBuJkQ
W8WPbOgoc8iylA6/X3Q74guZMiZ2x/yK1XH3W/TwahMO0ii7bjcBkMJX0hB0zSph
SndMUCmBLuyfPNKUWQrBfGHtegmtm6tyHi5pLBLNgZjebh5Poy+3lrYlIL95sVG9
5ckvE9B4+5z/muZlJzSf3784mMirWRnHLsOsvFZLuEBESyaS7C4gjUaRFX2JUzKG
0HRw/CUFR5BlsNefYRXZGAdW0rWMk9ucgc6BYbqTfwDfRUyFE+0jxQgNLP+t2hVj
W4Jr0hNyYJ6fLvW+L9owIBdL8dUBGEOoFKQmudnKEKFyfa2uXJcPnHPzTOMX28WT
CvN0kh55v8IqBpMlXZY7/6Cc2E6LTNvDRMygNJbV8Jl9bhQDvl9vII8PhmEv8774
bJBExGvgTluySZQHUr2/aJXC0ldUiHAyleq8iD4lq3z7jOHN7W4T1TNFPI9+m34D
nTzOJSu7H/sYGp11UoyvW1MyHrocxgn+GE1Lg4MOlFpbwsRXG8vBBP8n00w6srqO
/0wfOtmwHK+Kf2VjW6VtzKIg5LUTpEKZC9FOgAweiZ80BVZRXqB0pSIkHIRTqswJ
ygDLRvq/Cp4D0OxHDM3DVZW/vKNn1zi0WH+9zlCLrA==
=XAjV
-----END PGP SIGNATURE-----

3
Django-5.1.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:848a5980e8efb76eea70872fb0e4bc5e371619c70fffbe48e3e1b50b2c09455d
size 10681050

29
python-Django.changes
View File

@ -1,3 +1,32 @@
-------------------------------------------------------------------
Wed Sep 4 07:21:54 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
- Update to 5.1.1 (bsc#1229823, bsc#1229824)
* CVE-2024-45230: Potential denial-of-service vulnerability in
django.utils.html.urlize()
* CVE-2024-45231: Potential user email enumeration via response
status on password reset
* Fixed a regression in Django 5.1 that caused a crash of Window()
when passing an empty sequence to the order_by parameter, and a
crash of Prefetch() for a sliced queryset without ordering
* Fixed a regression in Django 5.1 where a new usable_password field
was included in BaseUserCreationForm (and children). A new
AdminUserCreationForm including this field was added, isolating
the feature to the admin where it was intended
* Adjusted the deprecation warning stacklevel in Model.save() and
Model.asave() to correctly point to the offending call site
* Adjusted the deprecation warning stacklevel when using
OS_OPEN_FLAGS in FileSystemStorage to correctly point to the
offending call site
* Adjusted the deprecation warning stacklevel in
FieldCacheMixin.get_cache_name() to correctly point to the
offending call site
* Restored, following a regression in Django 5.1, the ability to
override the timezone and role setting behavior used within the
init_connection_state method of the PostgreSQL backend
* Fixed a bug in Django 5.1 where variable lookup errors were logged
when rendering admin fieldsets
-------------------------------------------------------------------
Fri Aug 9 12:09:27 UTC 2024 - Markéta Machová <mmachova@suse.com>

2
python-Django.spec
View File

@ -23,7 +23,7 @@
%bcond_with memcached
%{?sle15_python_module_pythons}
Name: python-Django
Version: 5.1
Version: 5.1.1
Release: 0
Summary: A high-level Python Web framework
License: BSD-3-Clause