diff --git a/Django-1.11.4.tar.gz b/Django-1.11.4.tar.gz deleted file mode 100644 index 849ee84..0000000 --- a/Django-1.11.4.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:abe86e67dda9897a1536a727ed57dbefb5a42b41943be3b116fe3edab4c07bb2 -size 7870752 diff --git a/Django-1.11.4.tar.gz.asc b/Django-1.11.4.tar.gz.asc deleted file mode 100644 index 94b843e..0000000 --- a/Django-1.11.4.tar.gz.asc +++ /dev/null @@ -1,63 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 - -This file contains MD5, SHA1, and SHA256 checksums for the source-code -tarball and wheel files of Django 1.11.4, released August 1, 2017. - -To use this file, you will need a working install of PGP or other -compatible public-key encryption software. You will also need to have -the Django release manager's public key in your keyring; this key has -the ID ``1E8ABDC773EDE252`` and can be imported from the MIT -keyserver. For example, if using the open-source GNU Privacy Guard -implementation of PGP: - - gpg --keyserver pgp.mit.edu --recv-key 1E8ABDC773EDE252 - -Once the key is imported, verify this file:: - - gpg --verify <> - -Once you have verified this file, you can use normal MD5, SHA1, or SHA256 -checksumming applications to generate the checksums of the Django -package and compare them to the checksums listed below. - -Release packages: -================= - -https://www.djangoproject.com/m/releases/1.11/Django-1.11.4-py2.py3-none-any.whl -https://www.djangoproject.com/m/releases/1.11/Django-1.11.4.tar.gz - -MD5 checksums -============= - -71cf96f790b1e729c8c1a95304971341 Django-1.11.4-py2.py3-none-any.whl -c851d892cd5ad3a90808703c4f36e3fe Django-1.11.4.tar.gz - -SHA1 checksums -============== - -fdd097a7bd8dc9bb065caedf3badd1d31ed3efcb Django-1.11.4-py2.py3-none-any.whl -2fd515ec779ab9bced0f96d92a22de9b726beadf Django-1.11.4.tar.gz - -SHA256 checksums -================ - -6fd30e05dc9af265f7d7d10cfb0efa013e6236db0853c9f47c74c585587c5a57 Django-1.11.4-py2.py3-none-any.whl -abe86e67dda9897a1536a727ed57dbefb5a42b41943be3b116fe3edab4c07bb2 Django-1.11.4.tar.gz ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iQIcBAEBCAAGBQJZgHIpAAoJEB6Kvcdz7eJSjIwP/1L0rFeilByW9gTv4tXJHQbM -t+KGd6lfrNGzWOJDORAGbyBj7kO+jzeeLmH2ibqCq+wwIfvyeGDmkToEfK2O2V3g -WXF1CTku1D6MvMAd+s94JzvlBKa4NxZrvZpP7rRem+PjjUyNH9RC0l0dffsH10sp -A+5xeAv6nShdlOg7dcbE8iroiKoqqKezO4xkvpr1vAg9IaxZo4tdIfg5ZqOkdvI+ -Fy1iEoVYmeATgIvpDCzjcdxQZ1nlta88HRXqvr0TWsQT3bFNM8bm6C1CIoLHLXKQ -THT7Gi3SAc5JUVijqwzScsXLMMb95EKYutXIn+p7hH2840zQ63V6hQV8T2GG6SMp -usLz+h+TUxWOffS3Rt30Y3+Ofii6wC/cnYBY4WwuR9JqRIdWfPKJJ85mZBS3Mqy0 -DIvWrtAOWcQW25JDV5UWJmrgasg0xXvGOYblOnFAYdJ2VPJBr+N6YDond2xZ0MR5 -Wq8Y0NALeQAHndQaUSdMDPJyhw+bhW/bQgSbSWTGEyJcJxpywd7BtNrf5xBP1LWo -l+2YnyEW25uOhR7UgpAgLjxTDaZUfFuUnWkGUd8xmxGxMPU+gTVMYFEkWweEFGZx -jyaxb1QGypYmrJ5dFNbj98CP3r0aUzKRSHVazXinTOsh/jnhkrD/2tbkQpTn3wIf -RspXvTG/kZn9uuHh5vdt -=saI9 ------END PGP SIGNATURE----- diff --git a/Django-1.11.5.tar.gz b/Django-1.11.5.tar.gz new file mode 100644 index 0000000..c42b4b6 --- /dev/null +++ b/Django-1.11.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1836878162dfdf865492bacfdff0321e4ee8f1e7d51d93192546000b54982b29 +size 7875054 diff --git a/Django-1.11.5.tar.gz.asc b/Django-1.11.5.tar.gz.asc new file mode 100644 index 0000000..2862c9a --- /dev/null +++ b/Django-1.11.5.tar.gz.asc @@ -0,0 +1,63 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +This file contains MD5, SHA1, and SHA256 checksums for the source-code +tarball and wheel files of Django 1.11.5, released September 5, 2017. + +To use this file, you will need a working install of PGP or other +compatible public-key encryption software. You will also need to have +the Django release manager's public key in your keyring; this key has +the ID ``1E8ABDC773EDE252`` and can be imported from the MIT +keyserver. For example, if using the open-source GNU Privacy Guard +implementation of PGP: + + gpg --keyserver pgp.mit.edu --recv-key 1E8ABDC773EDE252 + +Once the key is imported, verify this file:: + + gpg --verify <> + +Once you have verified this file, you can use normal MD5, SHA1, or SHA256 +checksumming applications to generate the checksums of the Django +package and compare them to the checksums listed below. + +Release packages: +================= + +https://www.djangoproject.com/m/releases/1.11/Django-1.11.5-py2.py3-none-any.whl +https://www.djangoproject.com/m/releases/1.11/Django-1.11.5.tar.gz + +MD5 checksums +============= + +6380d5fb6ede4847dc186a09ccc7b538 Django-1.11.5-py2.py3-none-any.whl +8cef0d42aabacbc414ec4fbbb6056f3c Django-1.11.5.tar.gz + +SHA1 checksums +============== + +e0e7626da2a21c04b016757a6d4164d129f00d39 Django-1.11.5-py2.py3-none-any.whl +c16f8090c2251ff03e041afda77264474777a2d7 Django-1.11.5.tar.gz + +SHA256 checksums +================ + +89162f70a74aac62a53f975128faba6099a7ef2c9d8140a41ae9d6210bda05cd Django-1.11.5-py2.py3-none-any.whl +1836878162dfdf865492bacfdff0321e4ee8f1e7d51d93192546000b54982b29 Django-1.11.5.tar.gz +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iQIcBAEBCAAGBQJZrr75AAoJEB6Kvcdz7eJSrRwQAI9OtHOn49wSz0e3p/Tw50Z0 +oJM6Lrub8QZu7SV7JoWqzVsm1Yd3xXpFWEk625Npn7oEQ31zJcCyMUhjsmd1zlGE +iYkuVzqUfvlxzhdijkDL43DFZADb1L8BgSO0qGqYLq3OYMRYpynKa6C3syifRTqt +qXCprPNF184cpd0pHhgGqSkxZAUuK5G92XgeISkATvnDKITW4IUfN8cA0/FOUHC6 +3nuEFRi/rV8tz8rE7WBDt3zE6VwcNH4gpy1nLAkhPEnok53KIljodwjnO4hSsNAe +6cCD9r4TdXfZXlUAtKYxfV6Gyee8otE0tB3tjg6nfpuYRuvcH0rup2MhdEDXiwZJ +OArDiz0YOkKBX3tMh9coWujwnsWVOt+MgUccBCwwmxQZWz+UbHzpdncVsG2Ot8tY +VCorJybxO6AXsOxyGtJUhjhyYRpr9tUv64WAdgwe+I+Y7kzuyNatpb4slQCQvlzy +FHbJ64ezsGz0c7GATcYL6TUO2nPsx8772xQi8vZD48Qaj6+bKkIY06cOjOCC029Q +yNG4PAf1SC3v1pYlZkalcyEpzEdYxsm+uTMmfQK8ri1NerFE9BnEFpX6pEZdvyRT +QogOfL67xScggiOT/6/zHqjRfSZm5F3vPBOujaX4oUhA+GVYZ1dfKZ+jLV2gSi5V +lU+oNCp30YpaDSa6mdBY +=Smso +-----END PGP SIGNATURE----- diff --git a/python-Django.changes b/python-Django.changes index 0f38aaa..12731f1 100644 --- a/python-Django.changes +++ b/python-Django.changes @@ -1,3 +1,36 @@ +------------------------------------------------------------------- +Wed Sep 20 21:53:53 UTC 2017 - toddrme2178@gmail.com + +- update to version 1.11.5 + * CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page + * Fixed GEOS version parsing if the version has a commit hash at the end (new + in GEOS 3.6.2) (:ticket:`28441`). + * Added compatibility for ``cx_Oracle`` 6 (:ticket:`28498`). + * Fixed select widget rendering when option values are tuples (:ticket:`28502`). + * Django 1.11 inadvertently changed the sequence and trigger naming scheme on + Oracle. This causes errors on INSERTs for some tables if + ``'use_returning_into': False`` is in the ``OPTIONS`` part of ``DATABASES``. + The pre-1.11 naming scheme is now restored. Unfortunately, it necessarily + requires an update to Oracle tables created with Django 1.11.[1-4]. Use the + upgrade script in :ticket:`28451` comment 8 to update sequence and trigger + names to use the pre-1.11 naming scheme. + * Added POST request support to ``LogoutView``, for equivalence with the + function-based ``logout()`` view (:ticket:`28513`). + * Omitted ``pages_per_range`` from ``BrinIndex.deconstruct()`` if it's ``None`` + (:ticket:`25809`). + * Fixed a regression where ``SelectDateWidget`` localized the years in the + select box (:ticket:`28530`). + * Fixed a regression in 1.11.4 where ``runserver`` crashed with non-Unicode + system encodings on Python 2 + Windows (:ticket:`28487`). + * Fixed a regression in Django 1.10 where changes to a ``ManyToManyField`` + weren't logged in the admin change history (:ticket:`27998`) and prevented + ``ManyToManyField`` initial data in model forms from being affected by + subsequent model changes (:ticket:`28543`). + * Fixed non-deterministic results or an ``AssertionError`` crash in some + queries with multiple joins (:ticket:`26522`). + * Fixed a regression in ``contrib.auth``'s ``login()`` and ``logout()`` views + where they ignored positional arguments (:ticket:`28550`). + ------------------------------------------------------------------- Thu Aug 10 12:51:56 UTC 2017 - tbechtold@suse.com @@ -488,7 +521,7 @@ Wed Jan 27 15:25:25 UTC 2016 - aplanas@suse.com ------------------------------------------------------------------- Wed Dec 2 15:14:05 UTC 2015 - aplanas@suse.com -- update to 1.9 +- update to 1.9 (CVE-2016-7401, CVE-2015-8213) * https://docs.djangoproject.com/en/1.9/releases/1.9/ * Performing actions after a transaction commit * Password validation diff --git a/python-Django.spec b/python-Django.spec index 63c7a41..ddd3817 100644 --- a/python-Django.spec +++ b/python-Django.spec @@ -19,7 +19,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} %define oldpython python Name: python-Django -Version: 1.11.4 +Version: 1.11.5 Release: 0 Summary: A high-level Python Web framework License: BSD-3-Clause @@ -79,9 +79,10 @@ echo "`grep -e '^[0-9a-f]\{64\} Django-%{version}.tar.gz' %{SOURCE1} | cut -c1- %{python_expand install -D -m 0644 extras/django_bash_completion %{buildroot}%{_sysconfdir}/bash_completion.d/django_bash_completion-%{$python_bin_suffix}.sh pushd %{buildroot}%{$python_sitelib} +chmod a-x django/contrib/admin/static/admin/js/vendor/xregexp/xregexp.js # Fix wrong-script-interpreter -sed -i "s|#!/usr/bin/env python|#!%__$python|" django/bin/django-admin.py -sed -i "s|#!/usr/bin/env python|#!%__$python|" django/conf/project_template/manage.py-tpl +sed -i "s|^#!/usr/bin/env python$|#!%{__$python}|" django/bin/django-admin.py +sed -i "s|^#!/usr/bin/env python$|#!%{__$python}|" django/conf/project_template/manage.py-tpl %fdupes . # Deduplicating files can generate a RPMLINT warning for pyc mtime $python -m compileall -d %{$python_sitelib} django/bin/ @@ -92,6 +93,7 @@ $python -m compileall -d %{$python_sitelib} django/conf/locale/ $python -O -m compileall -d %{$python_sitelib} django/conf/locale/ $python -m compileall -d %{$python_sitelib} django/conf/locale/ru/ $python -O -m compileall -d %{$python_sitelib} django/conf/locale/ru/ +%fdupes django/bin/ popd }