python-Django

2 Commits 2 Branches 0 Tags

Author	SHA256	Message	Date
Markéta Machová	8d6af13dc7	- Update to 5.1.1 (CVE-2024-45230, bsc#1229823, CVE-2024-45231, bsc#1229824) * Fixed a regression in Django 5.1 that caused a crash of Window() when passing an empty sequence to the order_by parameter, and a crash of Prefetch() for a sliced queryset without ordering * Fixed a regression in Django 5.1 where a new usable_password field was included in BaseUserCreationForm (and children). * Adjusted the deprecation warning stacklevel in Model.save() and Model.asave() to correctly point to the offending call site * Adjusted the deprecation warning stacklevel when using OS_OPEN_FLAGS in FileSystemStorage to correctly point to the offending call site * Adjusted the deprecation warning stacklevel in FieldCacheMixin.get_cache_name() to correctly point to the offending call site * Restored, following a regression in Django 5.1, the ability to override the timezone and role setting behavior used within the init_connection_state method of the PostgreSQL backend * Fixed a bug in Django 5.1 where variable lookup errors were logged when rendering admin fieldsets OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=178	2024-09-04 07:53:21 +00:00
Alberto Planas Dominguez	9989555d48	- Update to 5.1.1 * CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize() * CVE-2024-45231: Potential user email enumeration via response status on password reset * Fixed a regression in Django 5.1 that caused a crash of Window() when passing an empty sequence to the order_by parameter, and a crash of Prefetch() for a sliced queryset without ordering * Fixed a regression in Django 5.1 where a new usable_password field was included in BaseUserCreationForm (and children). A new AdminUserCreationForm including this field was added, isolating the feature to the admin where it was intended * Adjusted the deprecation warning stacklevel in Model.save() and Model.asave() to correctly point to the offending call site * Adjusted the deprecation warning stacklevel when using OS_OPEN_FLAGS in FileSystemStorage to correctly point to the offending call site * Adjusted the deprecation warning stacklevel in FieldCacheMixin.get_cache_name() to correctly point to the offending call site * Restored, following a regression in Django 5.1, the ability to override the timezone and role setting behavior used within the init_connection_state method of the PostgreSQL backend * Fixed a bug in Django 5.1 where variable lookup errors were logged when rendering admin fieldsets OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=177	2024-09-04 07:52:11 +00:00

Author

SHA256

Message

Date

Markéta Machová

8d6af13dc7

- Update to 5.1.1 (CVE-2024-45230, bsc#1229823, CVE-2024-45231, bsc#1229824)

* Fixed a regression in Django 5.1 that caused a crash of Window() when 
    passing an empty sequence to the order_by parameter, and a crash of 
    Prefetch() for a sliced queryset without ordering
  * Fixed a regression in Django 5.1 where a new usable_password field was 
    included in BaseUserCreationForm (and children).
  * Adjusted the deprecation warning stacklevel in Model.save() and 
    Model.asave() to correctly point to the offending call site
  * Adjusted the deprecation warning stacklevel when using OS_OPEN_FLAGS 
    in FileSystemStorage to correctly point to the offending call site
  * Adjusted the deprecation warning stacklevel in FieldCacheMixin.get_cache_name() 
    to correctly point to the offending call site
  * Restored, following a regression in Django 5.1, the ability to 
    override the timezone and role setting behavior used within the 
    init_connection_state method of the PostgreSQL backend
  * Fixed a bug in Django 5.1 where variable lookup errors were logged 
    when rendering admin fieldsets

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=178

2024-09-04 07:53:21 +00:00

Alberto Planas Dominguez

9989555d48

- Update to 5.1.1

* CVE-2024-45230: Potential denial-of-service vulnerability in
    django.utils.html.urlize()
  * CVE-2024-45231: Potential user email enumeration via response
    status on password reset
  * Fixed a regression in Django 5.1 that caused a crash of Window()
    when passing an empty sequence to the order_by parameter, and a
    crash of Prefetch() for a sliced queryset without ordering
  * Fixed a regression in Django 5.1 where a new usable_password field
    was included in BaseUserCreationForm (and children). A new
    AdminUserCreationForm including this field was added, isolating
    the feature to the admin where it was intended
  * Adjusted the deprecation warning stacklevel in Model.save() and
    Model.asave() to correctly point to the offending call site
  * Adjusted the deprecation warning stacklevel when using
    OS_OPEN_FLAGS in FileSystemStorage to correctly point to the
    offending call site
  * Adjusted the deprecation warning stacklevel in
    FieldCacheMixin.get_cache_name() to correctly point to the
    offending call site
  * Restored, following a regression in Django 5.1, the ability to
    override the timezone and role setting behavior used within the
    init_connection_state method of the PostgreSQL backend
  * Fixed a bug in Django 5.1 where variable lookup errors were logged
    when rendering admin fieldsets

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=177

2024-09-04 07:52:11 +00:00