From aaf262f20cf4f78c892f9d03c22f62c607635e0220c482040628390f43193f22 Mon Sep 17 00:00:00 2001
From: Dominique Leuenberger <dleuenberger@suse.com>
Date: Mon, 26 Mar 2018 09:52:04 +0000
Subject: [PATCH] Accepting request 588436 from devel:languages:python

- update to 2.0.3 (bsc#1083305, bsc#1083304, CVE-2018-7536, CVE-2018-7537):
  * Fixed #29108 -- Fixed crash in aggregation of distinct+ordered+sliced querysets.
  * Added CVE-2018-6188 to the security release archive.
  * Post-release version bump.
  * Updated translations from Transifex
  * Added stub release notes for security releases.
  * Fixed incorrect regex in re_path() example.
  * Fixed #29125 -- Made Q.deconstruct() deterministic with multiple keyword arguments.
  * Fixed #29126 -- Doc'd the behavior of QuerySet.update_or_create() with manually specified pks.
  * Used a CSS positioning in tutorial 6 that doesn't differ across browsers.
  * Fixed typo in bulk_create() documentation.
  * Fixed #29176 -- Fixed AbstractBaseUser.normalize_username() crash if username isn't a string.
  * Removed blank lines per isort 4.3.0.
  * Added stub release notes for 2.0.3.
  * Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters.
  * Fixed #29172 -- Fixed crash with Window expression in a subquery.
  * Fixed #29166 -- Fixed crash in When() expression with a list argument.
  * Fixed #24270 -- Doc'd that django_bash_completion is only in the source distribution.
  * Improved clarity of docs/topics/install.txt.
  * Refs #29125 -- Made Q.deconstruct() omit 'query_utils' in the path and _connector='AND' since it's a default value.
  * Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.
  * Bumped version for 2.0.3 release.
  * Corrected doc'd type of some parameters from string to str.
  * Fixed #29146 -- Readded ^ and $ inadvertently removed from re_path() examples.
  * Fixed #29107 -- Doc'd that ModelForm doesn't actually inherit from Form.
  * Switched test requirement to new psycopg2-binary package.
  * Added backticks around obj argument in admin docs.
  * Fixed typo in docs/topics/forms/media.txt.
  * Fixed #29109 -- Fixed the admin time picker widget for the Thai locale.
  * Fixed #29118 -- Fixed crash with QuerySet.order_by(Exists(...)).

OBS-URL: https://build.opensuse.org/request/show/588436
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Django?expand=0&rev=37
---
 Django-2.0.2.tar.gz     |  3 --
 Django-2.0.2.tar.gz.asc | 63 -----------------------------------------
 Django-2.0.3.tar.gz     |  3 ++
 Django-2.0.3.tar.gz.asc | 63 +++++++++++++++++++++++++++++++++++++++++
 python-Django.changes   | 34 ++++++++++++++++++++++
 python-Django.spec      |  2 +-
 6 files changed, 101 insertions(+), 67 deletions(-)
 delete mode 100644 Django-2.0.2.tar.gz
 delete mode 100644 Django-2.0.2.tar.gz.asc
 create mode 100644 Django-2.0.3.tar.gz
 create mode 100644 Django-2.0.3.tar.gz.asc

diff --git a/Django-2.0.2.tar.gz b/Django-2.0.2.tar.gz
deleted file mode 100644
index 55735d7..0000000
--- a/Django-2.0.2.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:dc3b61d054f1bced64628c62025d480f655303aea9f408e5996c339a543b45f0
-size 8002374
diff --git a/Django-2.0.2.tar.gz.asc b/Django-2.0.2.tar.gz.asc
deleted file mode 100644
index 1af1abe..0000000
--- a/Django-2.0.2.tar.gz.asc
+++ /dev/null
@@ -1,63 +0,0 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA256
-
-This file contains MD5, SHA1, and SHA256 checksums for the source-code
-tarball and wheel files of Django 2.0.2, released February 1, 2018.
-
-To use this file, you will need a working install of PGP or other
-compatible public-key encryption software. You will also need to have
-the Django release manager's public key in your keyring; this key has
-the ID ``1E8ABDC773EDE252`` and can be imported from the MIT
-keyserver. For example, if using the open-source GNU Privacy Guard
-implementation of PGP:
-
-    gpg --keyserver pgp.mit.edu --recv-key 1E8ABDC773EDE252
-
-Once the key is imported, verify this file::
-
-    gpg --verify <<THIS FILENAME>>
-
-Once you have verified this file, you can use normal MD5, SHA1, or SHA256
-checksumming applications to generate the checksums of the Django
-package and compare them to the checksums listed below.
-
-Release packages:
-=================
-
-https://www.djangoproject.com/m/releases/2.0/Django-2.0.2.tar.gz
-https://www.djangoproject.com/m/releases/2.0/Django-2.0.2-py3-none-any.whl
-
-MD5 checksums
-=============
-
-9d4ae0d4193bad0c6af751e54f3a4690  Django-2.0.2.tar.gz
-36d3f5a7f230296c040b11344f48ffce  Django-2.0.2-py3-none-any.whl
-
-SHA1 checksums
-==============
-
-036c521f6984312f34a5f656ec29c0a56ab24ac6  Django-2.0.2.tar.gz
-a2787ee2945f5ed1cb3ab66e93be9f0f9b5af1b5  Django-2.0.2-py3-none-any.whl
-
-SHA256 checksums
-================
-
-dc3b61d054f1bced64628c62025d480f655303aea9f408e5996c339a543b45f0  Django-2.0.2.tar.gz
-7c8ff92285406fb349e765e9ade685eec7271d6f5c3f918e495a74768b765c99  Django-2.0.2-py3-none-any.whl
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQIcBAEBCAAGBQJacyPXAAoJEB6Kvcdz7eJSQiMP/2EawFiXQYWts5MaPqE8akWT
-3sHMv0/KIliFYDXn4y6l0cZ8rPziW75rcG5rUDyweKyeJsQyD/KBGnn6ocppFkhr
-T+CceSzpgXds6oefkIz7zo+qOs5vFTtjfAgFvwyNl0DefY0h6FM1bw6JezaeSfUE
-zIpBJCb4fnfM2dKY8+1JO7EAA1YfUB35IRWbw0wDuesduC8ezRHcXRQLy8tFMPqD
-2F8iCHHXv/Hg1b69U1UcIvWOSA+KXIwwVlFgB2zhCC6Ib15TJ1ZRVzt+ZdQY17k9
-2t3/R9xK62Tp7CUF4lu43hO9xqhMpCFFcXS5uGGBOBPp9ik1R29RvpbsyJJW+q6+
-3N66ECskWps6V2yLHOFr273BLZUgO4P5q8Yb51m4vupi5U09r8pigL8ByC6s99/K
-IQbgsk5n33d0bZ2qrarsCSE0RawgAwENsCgjgjSKpiVxTRt5jq8b98F/1ufFcvnS
-ENJ8zUyhDeO87+I3sFFHrt4MKyJoK1MneFUx3qm7w1XoNprtwZeVAYQSXPFtM90l
-TIXfqLisAtD1inVPoiZ7Lu8dO4C+BOZS9Kc+gSphtzIi8rTbMkW2C4Ba0sVT2fjW
-pFJXpFUfLDpuWjOxxFoLVeJrsagzUpbDOv7T3Ye3SrURuvlwOaGQO/etjI2zOoxC
-7y2Y6qC+AfUnq0pYauZ9
-=OBBN
------END PGP SIGNATURE-----
diff --git a/Django-2.0.3.tar.gz b/Django-2.0.3.tar.gz
new file mode 100644
index 0000000..3c8124e
--- /dev/null
+++ b/Django-2.0.3.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:769f212ffd5762f72c764fa648fca3b7f7dd4ec27407198b68e7c4abf4609fd0
+size 8114604
diff --git a/Django-2.0.3.tar.gz.asc b/Django-2.0.3.tar.gz.asc
new file mode 100644
index 0000000..bae0b18
--- /dev/null
+++ b/Django-2.0.3.tar.gz.asc
@@ -0,0 +1,63 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+This file contains MD5, SHA1, and SHA256 checksums for the source-code
+tarball and wheel files of Django 2.0.3, released March 6, 2018.
+
+To use this file, you will need a working install of PGP or other
+compatible public-key encryption software. You will also need to have
+the Django release manager's public key in your keyring; this key has
+the ID ``1E8ABDC773EDE252`` and can be imported from the MIT
+keyserver. For example, if using the open-source GNU Privacy Guard
+implementation of PGP:
+
+    gpg --keyserver pgp.mit.edu --recv-key 1E8ABDC773EDE252
+
+Once the key is imported, verify this file::
+
+    gpg --verify <<THIS FILENAME>>
+
+Once you have verified this file, you can use normal MD5, SHA1, or SHA256
+checksumming applications to generate the checksums of the Django
+package and compare them to the checksums listed below.
+
+Release packages:
+=================
+
+https://www.djangoproject.com/m/releases/2.0/Django-2.0.3-py3-none-any.whl
+https://www.djangoproject.com/m/releases/2.0/Django-2.0.3.tar.gz
+
+MD5 checksums
+=============
+
+84742d3266ae1a2c02326b1e3036c7b5  Django-2.0.3-py3-none-any.whl
+ef1a31d36aaaa7cfe0a26af351c7ebbe  Django-2.0.3.tar.gz
+
+SHA1 checksums
+==============
+
+15eb4de63c1577dec274e20b7a3998350e5d226e  Django-2.0.3-py3-none-any.whl
+52e0d317a5dcc8fa89f1ae143eff093d83b98d1d  Django-2.0.3.tar.gz
+
+SHA256 checksums
+================
+
+3d9916515599f757043c690ae2b5ea28666afa09779636351da505396cbb2f19  Django-2.0.3-py3-none-any.whl
+769f212ffd5762f72c764fa648fca3b7f7dd4ec27407198b68e7c4abf4609fd0  Django-2.0.3.tar.gz
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iQIcBAEBCAAGBQJanp8dAAoJEB6Kvcdz7eJSnokQAIHp+5H8vV7P3Y3M0bGXyML2
+prkPl7Lho9ZENQ9CoqXghmTmZxhpYvhInBlcq2Gzy2+on1G70yKq8hnsdQXrJBro
+SOrhRgqbxeORcGXKz84NmqyYQhKAQDnDS792JWF9zzpZoIpeWIk+nCSTOH4MPNOb
+hJgaAq2LvD+uzs23iC9duP6k9Ow+Bz1uwhWGgtiiP7tj10jjCwn8dYzT8Nu+Pqdy
+RRvG3F3MIRDmR9hWXGFjZ/X67SS+FCQ6JQhTgqJ1N7NX+ZvbHq9Mn5KA67W/UoS6
+qzrX4Buf6VkRoJKk0mAjucgFHAvuGDKZesdiWYxXmyG1rLXKdAORCW9It2Azfb2k
+xcFKmZLtprTb4ZMQKKZl0rP5w5pabvOdBcGgRUaTe8rR2c91MLcPvLFvSQdjWDCV
+DnnmdvAK/eLBc6s7bKGMoDfKkJk6gq1rBexAXnKQ6jfovwRFoGsnREsS3mhB5aOA
+k8f2U096KhMQeaP5bj3SXpN3i7B/ZCmfjx/F0P8CMa68D6jFi+zx7UCqDAYNwxJZ
+ci/srY6k/ccBh7cuvQTlW92OSBm2KTR+iDN7pQBjYRSCy2T2Tp8SFh40yAbQGuLW
+HCZc+wpNUfghZJZIt0IXttRgKvsqsxyJO/pEDBefUrGovFuyS0k/3BTnN6+Rffrm
+cBJ1tilSjJPf13IuNPcF
+=Zb8T
+-----END PGP SIGNATURE-----
diff --git a/python-Django.changes b/python-Django.changes
index 1b08f8c..c452b8a 100644
--- a/python-Django.changes
+++ b/python-Django.changes
@@ -1,3 +1,37 @@
+-------------------------------------------------------------------
+Mon Mar 19 07:09:53 UTC 2018 - tbechtold@suse.com
+
+- update to 2.0.3 (bsc#1083305, bsc#1083304, CVE-2018-7536, CVE-2018-7537):
+  * Fixed #29108 -- Fixed crash in aggregation of distinct+ordered+sliced querysets.
+  * Added CVE-2018-6188 to the security release archive.
+  * Post-release version bump.
+  * Updated translations from Transifex
+  * Added stub release notes for security releases.
+  * Fixed incorrect regex in re_path() example.
+  * Fixed #29125 -- Made Q.deconstruct() deterministic with multiple keyword arguments.
+  * Fixed #29126 -- Doc'd the behavior of QuerySet.update_or_create() with manually specified pks.
+  * Used a CSS positioning in tutorial 6 that doesn't differ across browsers.
+  * Fixed typo in bulk_create() documentation.
+  * Fixed #29176 -- Fixed AbstractBaseUser.normalize_username() crash if username isn't a string.
+  * Removed blank lines per isort 4.3.0.
+  * Added stub release notes for 2.0.3.
+  * Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters.
+  * Fixed #29172 -- Fixed crash with Window expression in a subquery.
+  * Fixed #29166 -- Fixed crash in When() expression with a list argument.
+  * Fixed #24270 -- Doc'd that django_bash_completion is only in the source distribution.
+  * Improved clarity of docs/topics/install.txt.
+  * Refs #29125 -- Made Q.deconstruct() omit 'query_utils' in the path and _connector='AND' since it's a default value.
+  * Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.
+  * Bumped version for 2.0.3 release.
+  * Corrected doc'd type of some parameters from string to str.
+  * Fixed #29146 -- Readded ^ and $ inadvertently removed from re_path() examples.
+  * Fixed #29107 -- Doc'd that ModelForm doesn't actually inherit from Form.
+  * Switched test requirement to new psycopg2-binary package.
+  * Added backticks around obj argument in admin docs.
+  * Fixed typo in docs/topics/forms/media.txt.
+  * Fixed #29109 -- Fixed the admin time picker widget for the Thai locale.
+  * Fixed #29118 -- Fixed crash with QuerySet.order_by(Exists(...)).
+
 -------------------------------------------------------------------
 Wed Feb  7 13:54:36 UTC 2018 - tbechtold@suse.com
 
diff --git a/python-Django.spec b/python-Django.spec
index 1fe3d27..b8b870b 100644
--- a/python-Django.spec
+++ b/python-Django.spec
@@ -19,7 +19,7 @@
 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 %define skip_python2 1
 Name:           python-Django
-Version:        2.0.2
+Version:        2.0.3
 Release:        0
 Summary:        A high-level Python Web framework
 License:        BSD-3-Clause