forked from pool/python-Django
Ana Guerrero
aa9f2197a0
- Update to 5.1.1 (bsc#1229823, bsc#1229824)
* CVE-2024-45230: Potential denial-of-service vulnerability in
django.utils.html.urlize()
* CVE-2024-45231: Potential user email enumeration via response
status on password reset
* Fixed a regression in Django 5.1 that caused a crash of Window()
when passing an empty sequence to the order_by parameter, and a
crash of Prefetch() for a sliced queryset without ordering
* Fixed a regression in Django 5.1 where a new usable_password field
was included in BaseUserCreationForm (and children). A new
AdminUserCreationForm including this field was added, isolating
the feature to the admin where it was intended
* Adjusted the deprecation warning stacklevel in Model.save() and
Model.asave() to correctly point to the offending call site
* Adjusted the deprecation warning stacklevel when using
OS_OPEN_FLAGS in FileSystemStorage to correctly point to the
offending call site
* Adjusted the deprecation warning stacklevel in
FieldCacheMixin.get_cache_name() to correctly point to the
offending call site
* Restored, following a regression in Django 5.1, the ability to
override the timezone and role setting behavior used within the
init_connection_state method of the PostgreSQL backend
* Fixed a bug in Django 5.1 where variable lookup errors were logged
when rendering admin fieldsets
OBS-URL: https://build.opensuse.org/request/show/1198700
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Django?expand=0&rev=122