diff --git a/32bit.patch b/32bit.patch deleted file mode 100644 index 1f2ec89..0000000 --- a/32bit.patch +++ /dev/null @@ -1,27 +0,0 @@ -From f12162107327b88a2f1faaab15d048e2535ec642 Mon Sep 17 00:00:00 2001 -From: Hasan Ramezani -Date: Wed, 29 Apr 2020 23:22:41 +0200 -Subject: [PATCH] Fixed #31521 -- Skipped test_parsing_rfc850 test on 32-bit - systems. - ---- - tests/utils_tests/test_http.py | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/tests/utils_tests/test_http.py b/tests/utils_tests/test_http.py -index ed6824429d51..aa9f194a8a53 100644 ---- a/tests/utils_tests/test_http.py -+++ b/tests/utils_tests/test_http.py -@@ -1,3 +1,4 @@ -+import platform - import unittest - from datetime import datetime - from unittest import mock -@@ -317,6 +318,7 @@ def test_parsing_rfc1123(self): - parsed = parse_http_date('Sun, 06 Nov 1994 08:49:37 GMT') - self.assertEqual(datetime.utcfromtimestamp(parsed), datetime(1994, 11, 6, 8, 49, 37)) - -+ @unittest.skipIf(platform.architecture()[0] == '32bit', 'The Year 2038 problem.') - @mock.patch('django.utils.http.datetime.datetime') - def test_parsing_rfc850(self, mocked_datetime): - mocked_datetime.side_effect = datetime diff --git a/Django-3.0.5.tar.gz b/Django-3.0.5.tar.gz deleted file mode 100644 index 6490055..0000000 --- a/Django-3.0.5.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d4666c2edefa38c5ede0ec1655424c56dc47ceb04b6d8d62a7eac09db89545c1 -size 8943850 diff --git a/Django-3.0.5.tar.gz.asc b/Django-3.0.5.tar.gz.asc deleted file mode 100644 index 504e1be..0000000 --- a/Django-3.0.5.tar.gz.asc +++ /dev/null @@ -1,62 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 - -This file contains MD5, SHA1, and SHA256 checksums for the source-code -tarball and wheel files of Django 3.0.5, released April 1, 2020. - -To use this file, you will need a working install of PGP or other -compatible public-key encryption software. You will also need to have -the Django release manager's public key in your keyring; this key has -the ID ``E17DF5C82B4F9D00`` and can be imported from the MIT -keyserver. For example, if using the open-source GNU Privacy Guard -implementation of PGP: - - gpg --keyserver pgp.mit.edu --recv-key E17DF5C82B4F9D00 - -Once the key is imported, verify this file:: - - gpg --verify <> - -Once you have verified this file, you can use normal MD5, SHA1, or SHA256 -checksumming applications to generate the checksums of the Django -package and compare them to the checksums listed below. - -Release packages: -================= - -https://www.djangoproject.com/m/releases/3.0/Django-3.0.5.tar.gz -https://www.djangoproject.com/m/releases/3.0/Django-3.0.5-py3-none-any.whl - -MD5 checksums -============= - -592912b4d708ef45e6cc85b44a24fcc2 Django-3.0.5.tar.gz -d9ef2b8c88dae4b65b789c6821c36114 Django-3.0.5-py3-none-any.whl - -SHA1 checksums -============== - -89094ee833129ece09dc27d2e59cc61462733d4a Django-3.0.5.tar.gz -0ed097747564888d42e94bb2b1fbada6216b7236 Django-3.0.5-py3-none-any.whl - -SHA256 checksums -================ - -d4666c2edefa38c5ede0ec1655424c56dc47ceb04b6d8d62a7eac09db89545c1 Django-3.0.5.tar.gz -642d8eceab321ca743ae71e0f985ff8fdca59f07aab3a9fb362c617d23e33a76 Django-3.0.5-py3-none-any.whl ------BEGIN PGP SIGNATURE----- - -iQIzBAEBCAAdFiEE/l+2OHah1xioxnVW4X31yCtPnQAFAl6ESAYACgkQ4X31yCtP -nQC0rxAAifyGMFDcaG7opGljMsBLzGbYJNVthOM2VGdDIcrGooyX1E9ilft/RJRS -vQngq5C8mHsEfKJJKPztTevtbxRSRqZBn2sb+foGnzKDFJXWJ+RUosBencKPBQ6d -aJtu5D2NMobKrvp/jkHWsU/FGLmcWxF/CsTeomR+deYFAk6Lp6HhDeGmENK2t7WI -SFMApIecOJ6Qg8nPcq9GCSWJhDXJjZnkwLeel4D3erKzxw7O+/FBIgiz58YklQpj -CCTJQTO5aOsDJH8Nb1qcclMsjU2aq6HwQreu1wde0KuTTGqp7GNjbXW6Dag+gEwc -NBrQrLb/7jGRaXO6+0NMvzXr+52O30nRzgtjSiqPRS/onpsMytG0B0F9DuxTjBdZ -a5Iamtutjik3ncq36szXAU6QfYqiZSlWCcrvYlzNlAP3tHarvgiNC4+diDKCqHVp -3aI9WAjI8ycQzHGTwvubP7PsrJ1aqHEjVT5MUj/9+EFJIREfbfr7n/6Psx040ZCG -DH+gG77xA4FHsIiD+GQF3rKuO0FBX8XDzt67ZYAbKh6J80bDCOJCzArGvbv7z0H1 -AyLdLCLzkQz2WpFkFKxwy4kc8E7IUOIB5kB+xEpA2zjhSLsPmidkGyygsGYVNq1w -VLplygxTltPnuMasPpHdYRYgozMP7k5vlAN/tjNMUxN1A5DHR6Q= -=UCTY ------END PGP SIGNATURE----- diff --git a/Django-3.0.7.tar.gz b/Django-3.0.7.tar.gz new file mode 100644 index 0000000..d3b2f56 --- /dev/null +++ b/Django-3.0.7.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5052b34b34b3425233c682e0e11d658fd6efd587d11335a0203d827224ada8f2 +size 8947502 diff --git a/Django-3.0.7.tar.gz.asc b/Django-3.0.7.tar.gz.asc new file mode 100644 index 0000000..7686907 --- /dev/null +++ b/Django-3.0.7.tar.gz.asc @@ -0,0 +1,62 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 3.0.7, released June 3, 2020. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring; this key has +the ID ``E17DF5C82B4F9D00`` and can be imported from the MIT +keyserver. For example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key E17DF5C82B4F9D00 + +Once the key is imported, verify this file:: + + gpg --verify <> + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages: +================= + +https://www.djangoproject.com/m/releases/3.0/Django-3.0.7-py3-none-any.whl +https://www.djangoproject.com/m/releases/3.0/Django-3.0.7.tar.gz + +MD5 checksums +============= + +fbe615d79cebdd75bb057b729e6f1224 Django-3.0.7-py3-none-any.whl +c3ac98d5503c671d316cf78ded3c9809 Django-3.0.7.tar.gz + +SHA1 checksums +============== + +ab0642b1b00c6c0f8410f0705e9f4230a69fb0c9 Django-3.0.7-py3-none-any.whl +71938dec22f3f6adae6f3edac6a288fee69def24 Django-3.0.7.tar.gz + +SHA256 checksums +================ + +e1630333248c9b3d4e38f02093a26f1e07b271ca896d73097457996e0fae12e8 Django-3.0.7-py3-none-any.whl +5052b34b34b3425233c682e0e11d658fd6efd587d11335a0203d827224ada8f2 Django-3.0.7.tar.gz +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCAAdFiEE/l+2OHah1xioxnVW4X31yCtPnQAFAl7XXlgACgkQ4X31yCtP +nQCPlxAAwj8oU47ooKt/+Cgz6VUyf053O5jI1OwD52CJWV055isXBrTichqZ7ZgB +UEdLpzmoUSBTzdN2q03yKsnBo8USZxs8kqBuHoCDbfIlMVE43pOa3/BtwMsUWA00 +0hzwosS8wURCcOJRYum7py/PxQ2N64s/lUxtaxVHmSc37nYpgmJEjABTf8PlwPTb +Iq0e0sGyJbLNjGB3P9T5B/QAwXswM7KbLfH/9YqiTenyAm1sQ82vTJBSDBM6ywcy +gB918nCrIEbQzRiPwDznPWp85e3Gx7WUdohC5jdW5GPpFbjBQc5lp4pJ0WRqbV7N +NAQKEk5qQ/g0uZB3NIRKPkEm2L6XPslpRtA2LkaDWBMmyeK3x4YpHJqNqNxCw7NS +Ir3M/gAlMqi49zEQw9orJEfavbxs0QLF4CK2SfxH+Fo2r6Vk2neaio2K+gFlg5iX +xdKO/DzZszgLs9QadLDtAtffWm3BWaJLhVWdC+gtghQMDiUm+e/a+APb3ARhkktw +ivzduaT5tEZZg0Nkp6EKWOD8g6SXBQDmSVWp0khjXtfP+GfRXsKeVwfsjPpjybj+ +7HZ1wtBIMlajFZIHEmb5tgowaangdhP/YredZFNmjNCcyHuw8vRXKcA4buLgkPZL +s/eGMnK4WXSip5eTqmxi/WD0x68WULqbUVse4HziuALXLeWtEeE= +=7Lzb +-----END PGP SIGNATURE----- diff --git a/python-Django.changes b/python-Django.changes index 7f50180..ea061c1 100644 --- a/python-Django.changes +++ b/python-Django.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Thu Jun 4 14:35:25 UTC 2020 - Ondřej Súkup + +- update to 3.0.7 +- drop 32bit.patch + * boo#1172167 - CVE-2020-13254: Potential data leakage via malformed + memcached keys + * boo#1172167 - CVE-2020-13596: Possible XSS via admin + ForeignKeyRawIdWidget + * many other bugfixes + ------------------------------------------------------------------- Thu Apr 30 05:14:28 UTC 2020 - Tomáš Chvátal diff --git a/python-Django.spec b/python-Django.spec index 68bd293..5cb279f 100644 --- a/python-Django.spec +++ b/python-Django.spec @@ -23,7 +23,7 @@ %bcond_with memcached Name: python-Django # We want support LTS versions of Django - numbered 2.2 -> 3.2 -> 4.2 etc -Version: 3.0.5 +Version: 3.0.7 Release: 0 Summary: A high-level Python Web framework License: BSD-3-Clause @@ -35,7 +35,6 @@ Source99: python-Django-rpmlintrc Patch0: i18n_test.patch Patch1: test_clear_site_cache-sort.patch Patch2: fix-selenium-test.patch -Patch3: 32bit.patch BuildRequires: %{python_module Jinja2 >= 2.9.2} BuildRequires: %{python_module Pillow} BuildRequires: %{python_module PyYAML}