Hello community, here is the log from the commit of package python-django for openSUSE:Factory checked in at 2012-10-23 19:45:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-django (Old) and /work/SRC/openSUSE:Factory/.python-django.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-django", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/python-django/python-django.changes 2012-09-14 12:34:36.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.python-django.new/python-django.changes 2012-10-23 19:45:08.000000000 +0200 @@ -1,0 +2,14 @@ +Sat Oct 20 13:41:10 UTC 2012 - [email protected] + +- Add a symlink from /usr/bin/django-admin.py to /usr/bin/django-admin + +------------------------------------------------------------------- +Wed Oct 17 22:51:36 UTC 2012 - [email protected] + +- Update to 1.4.2: + - Security release: + - Host header poisoning + - Please check release notes for details: + https://www.djangoproject.com/weblog/2012/oct/17/security + +------------------------------------------------------------------- Old: ---- Django-1.4.1.tar.bz2 New: ---- Django-1.4.2.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-django.spec ++++++ --- /var/tmp/diff_new_pack.3A5JT1/_old 2012-10-23 19:45:18.000000000 +0200 +++ /var/tmp/diff_new_pack.3A5JT1/_new 2012-10-23 19:45:18.000000000 +0200 @@ -17,7 +17,7 @@ Name: python-django -Version: 1.4.1 +Version: 1.4.2 Release: 0 Summary: A high-level Python Web framework License: BSD-3-Clause @@ -47,7 +47,7 @@ %prep %setup -q -n Django-%{version} %patch1 -%patch2 -p1 +%patch2 %build python setup.py build @@ -55,11 +55,12 @@ %install python setup.py install --prefix=%{_prefix} --root=%{buildroot} install -D -m 0755 extras/django_bash_completion %{buildroot}%{_sysconfdir}/bash_completion.d/django_bash_completion.sh +ln -s %{_bindir}/django-admin.py %{buildroot}%{_bindir}/django-admin %files %defattr(-,root,root,-) %doc AUTHORS LICENSE README -%{_bindir}/django-admin.py +%{_bindir}/django-admin* %{python_sitelib}/* %{_sysconfdir}/bash_completion.d/django_bash_completion.sh ++++++ Django-1.4-CSRF_COOKIE_HTTPONLY-support.patch ++++++ --- /var/tmp/diff_new_pack.3A5JT1/_old 2012-10-23 19:45:18.000000000 +0200 +++ /var/tmp/diff_new_pack.3A5JT1/_new 2012-10-23 19:45:18.000000000 +0200 @@ -1,8 +1,8 @@ -diff --git a/django/conf/global_settings.py b/django/conf/global_settings.py -index 4711baa..244d1f2 100644 ---- a/django/conf/global_settings.py -+++ b/django/conf/global_settings.py -@@ -531,6 +531,7 @@ CSRF_COOKIE_NAME = 'csrftoken' +Index: django/conf/global_settings.py +=================================================================== +--- django/conf/global_settings.py.orig ++++ django/conf/global_settings.py +@@ -535,6 +535,7 @@ CSRF_COOKIE_NAME = 'csrftoken' CSRF_COOKIE_DOMAIN = None CSRF_COOKIE_PATH = '/' CSRF_COOKIE_SECURE = False @@ -10,10 +10,10 @@ ############ # MESSAGES # -diff --git a/django/middleware/csrf.py b/django/middleware/csrf.py -index fd8ff30..f977263 100644 ---- a/django/middleware/csrf.py -+++ b/django/middleware/csrf.py +Index: django/middleware/csrf.py +=================================================================== +--- django/middleware/csrf.py.orig ++++ django/middleware/csrf.py @@ -208,7 +208,8 @@ class CsrfViewMiddleware(object): max_age = 60 * 60 * 24 * 7 * 52, domain=settings.CSRF_COOKIE_DOMAIN, @@ -24,11 +24,11 @@ ) # Content varies with the CSRF cookie, so set the Vary header. patch_vary_headers(response, ('Cookie',)) -diff --git a/docs/ref/contrib/csrf.txt b/docs/ref/contrib/csrf.txt -index 0ff9bd1..74584ad 100644 ---- a/docs/ref/contrib/csrf.txt -+++ b/docs/ref/contrib/csrf.txt -@@ -482,6 +482,17 @@ Whether to use a secure cookie for the CSRF cookie. If this is set to ``True``, +Index: docs/ref/contrib/csrf.txt +=================================================================== +--- docs/ref/contrib/csrf.txt.orig ++++ docs/ref/contrib/csrf.txt +@@ -543,6 +543,17 @@ Whether to use a secure cookie for the C the cookie will be marked as "secure," which means browsers may ensure that the cookie is only sent under an HTTPS connection. @@ -46,11 +46,11 @@ CSRF_FAILURE_VIEW ----------------- -diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt -index a1b76f6..56f5ddf 100644 ---- a/docs/ref/settings.txt -+++ b/docs/ref/settings.txt -@@ -362,6 +362,19 @@ Whether to use a secure cookie for the CSRF cookie. If this is set to ``True``, +Index: docs/ref/settings.txt +=================================================================== +--- docs/ref/settings.txt.orig ++++ docs/ref/settings.txt +@@ -362,6 +362,19 @@ Whether to use a secure cookie for the C the cookie will be marked as "secure," which means browsers may ensure that the cookie is only sent under an HTTPS connection. @@ -70,11 +70,11 @@ .. setting:: CSRF_FAILURE_VIEW CSRF_FAILURE_VIEW -diff --git a/tests/regressiontests/csrf_tests/tests.py b/tests/regressiontests/csrf_tests/tests.py -index 2d9b4f7..093d127 100644 ---- a/tests/regressiontests/csrf_tests/tests.py -+++ b/tests/regressiontests/csrf_tests/tests.py -@@ -100,7 +100,8 @@ class CsrfViewMiddlewareTest(TestCase): +Index: tests/regressiontests/csrf_tests/tests.py +=================================================================== +--- tests/regressiontests/csrf_tests/tests.py.orig ++++ tests/regressiontests/csrf_tests/tests.py +@@ -101,7 +101,8 @@ class CsrfViewMiddlewareTest(TestCase): with self.settings(CSRF_COOKIE_NAME='myname', CSRF_COOKIE_DOMAIN='.example.com', CSRF_COOKIE_PATH='/test/', @@ -84,7 +84,7 @@ # token_view calls get_token() indirectly CsrfViewMiddleware().process_view(req, token_view, (), {}) resp = token_view(req) -@@ -109,6 +110,7 @@ class CsrfViewMiddlewareTest(TestCase): +@@ -110,6 +111,7 @@ class CsrfViewMiddlewareTest(TestCase): self.assertNotEqual(csrf_cookie, False) self.assertEqual(csrf_cookie['domain'], '.example.com') self.assertEqual(csrf_cookie['secure'], True) ++++++ Django-1.4.1.tar.bz2 -> Django-1.4.2.tar.bz2 ++++++ ++++ 4387 lines of diff (skipped) -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
