Accepting request 237595 from devel:languages:python

1 OBS-URL: https://build.opensuse.org/request/show/237595 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Django?expand=0&rev=4
2014-06-17 09:23:06 +00:00 · 2014-06-17 09:23:06 +00:00 · ac52a6d205
commit ac52a6d205
parent 6ecbf27e18
4 changed files with 15 additions and 4 deletions
--- a/Django-1.6.2.tar.gz
+++ b/Django-1.6.2.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d1b3f8460e936f47846e7c4f80af951eda82a41c253c3a51ff3389863ff1c03a
-size 6615116
--- a/Django-1.6.5.tar.gz
+++ b/Django-1.6.5.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:36940268c087fede32d3f5887cce9af9e5d27962a0c405aacafc2a3cc1f755c5
+size 6633768
--- a/python-Django.changes
+++ b/python-Django.changes
@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Wed Jun 11 12:34:45 UTC 2014 - mcihar@suse.cz
+
+- Update to version 1.6.5, sercurity and important changes:
+  + Unexpected code execution using reverse()
+  + Caching of anonymous pages could reveal CSRF token
+  + MySQL typecasting
+  + select_for_update() requires a transaction
+  + Issue: Caches may incorrectly be allowed to store and serve private data
+  + Issue: Malformed redirect URLs from user input not correctly validated
+
 -------------------------------------------------------------------
 Fri Feb 14 09:32:07 UTC 2014 - speilicke@suse.com

--- a/python-Django.spec
+++ b/python-Django.spec
@ -17,7 +17,7 @@


 Name:           python-Django
-Version:        1.6.2
+Version:        1.6.5
 Release:        0
 Summary:        A high-level Python Web framework
 License:        BSD-3-Clause