Hello community, here is the log from the commit of package python-Django for openSUSE:Factory checked in at 2019-07-21 11:32:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-Django (Old) and /work/SRC/openSUSE:Factory/.python-Django.new.4126 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Django" Sun Jul 21 11:32:24 2019 rev:53 rq:716616 version:2.2.3 Changes: -------- --- /work/SRC/openSUSE:Factory/python-Django/python-Django.changes 2019-06-05 11:38:17.627085107 +0200 +++ /work/SRC/openSUSE:Factory/.python-Django.new.4126/python-Django.changes 2019-07-21 11:32:25.596796738 +0200 @@ -1,0 +2,6 @@ +Thu Jul 18 17:21:59 UTC 2019 - Tomáš Chvátal <tchva...@suse.com> + +- Update to 2.2.3: + * CVE-2019-12781 (bsc#1139945): Incorrect HTTP detection with reverse-proxy connecting via HTTPS¶ + +------------------------------------------------------------------- Old: ---- Django-2.2.2.tar.gz Django-2.2.2.tar.gz.asc New: ---- Django-2.2.3.tar.gz Django-2.2.3.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-Django.spec ++++++ --- /var/tmp/diff_new_pack.OjMiD6/_old 2019-07-21 11:32:26.064796659 +0200 +++ /var/tmp/diff_new_pack.OjMiD6/_new 2019-07-21 11:32:26.068796658 +0200 @@ -23,7 +23,7 @@ %define skip_python2 1 Name: python-Django # We want support LTS versions of Django - odd numbered 2.2 -> 2.4 -> 2.6 -> 3.0 etc -Version: 2.2.2 +Version: 2.2.3 Release: 0 Summary: A high-level Python Web framework License: BSD-3-Clause ++++++ Django-2.2.2.tar.gz -> Django-2.2.3.tar.gz ++++++ /work/SRC/openSUSE:Factory/python-Django/Django-2.2.2.tar.gz /work/SRC/openSUSE:Factory/.python-Django.new.4126/Django-2.2.3.tar.gz differ: char 5, line 1 ++++++ Django-2.2.2.tar.gz.asc -> Django-2.2.3.tar.gz.asc ++++++ --- /work/SRC/openSUSE:Factory/python-Django/Django-2.2.2.tar.gz.asc 2019-06-05 11:38:17.611085109 +0200 +++ /work/SRC/openSUSE:Factory/.python-Django.new.4126/Django-2.2.3.tar.gz.asc 2019-07-21 11:32:25.584796740 +0200 @@ -2,16 +2,16 @@ Hash: SHA256 This file contains MD5, SHA1, and SHA256 checksums for the source-code -tarball and wheel files of Django 2.2.2, released June 3, 2019. +tarball and wheel files of Django 2.2.3, released July 1, 2019. To use this file, you will need a working install of PGP or other compatible public-key encryption software. You will also need to have the Django release manager's public key in your keyring; this key has -the ID ``E17DF5C82B4F9D00`` and can be imported from the MIT +the ID ``2EF56372BA48CD1B`` and can be imported from the MIT keyserver. For example, if using the open-source GNU Privacy Guard implementation of PGP: - gpg --keyserver pgp.mit.edu --recv-key E17DF5C82B4F9D00 + gpg --keyserver pgp.mit.edu --recv-key 2EF56372BA48CD1B Once the key is imported, verify this file:: @@ -24,39 +24,40 @@ Release packages: ================= -https://www.djangoproject.com/m/releases/2.2/Django-2.2.2.tar.gz -https://www.djangoproject.com/m/releases/2.2/Django-2.2.2-py3-none-any.whl +https://www.djangoproject.com/m/releases/2.2/Django-2.2.3.tar.gz +https://www.djangoproject.com/m/releases/2.2/Django-2.2.3-py3-none-any.whl MD5 checksums ============= -c52b05c2bc4898bd68dc0359347fff69 Django-2.2.2.tar.gz -41fdd9254fcbce92001c6881ba5af68d Django-2.2.2-py3-none-any.whl +f152164e77d38460ee06c42c210d2f57 Django-2.2.3.tar.gz +32c2feb280afee531389ec8fa38f49d8 Django-2.2.3-py3-none-any.whl SHA1 checksums ============== -2d8de20bbc3c2864fb095341ecea8cb095bce7ed Django-2.2.2.tar.gz -3ebc7aee84574513a88d7ae765a532cfbcb88c71 Django-2.2.2-py3-none-any.whl +1d4eca8884b601e8e7dc06705b9644fb579c57f9 Django-2.2.3.tar.gz +eeb00e26dfae7f98a6e188bae71ef243732e9dfe Django-2.2.3-py3-none-any.whl SHA256 checksums ================ -753d30d3eb078064d2ddadfea65083c9848074a7f93d7b4dc7fa6b1380d278f5 Django-2.2.2.tar.gz -7cb67e8b934fab23b6daed7144da52e8a25a47eba7f360ca43d2b448506b01ad Django-2.2.2-py3-none-any.whl +4d23f61b26892bac785f07401bc38cbf8fa4cec993f400e9cd9ddf28fd51c0ea Django-2.2.3.tar.gz +6e974d4b57e3b29e4882b244d40171d6a75202ab8d2402b8e8adbd182e25cf0c Django-2.2.3-py3-none-any.whl -----BEGIN PGP SIGNATURE----- -iQIzBAEBCAAdFiEE/l+2OHah1xioxnVW4X31yCtPnQAFAlz07+wACgkQ4X31yCtP -nQAp9g//QtCzWnDfLOgFMg6yX/ZXN6XPzTfehjq1oMkEfluXwZrrCUPL3vzLkRiL -2ftqmuvYO16qR0XU+U0939fdXkP22ESStuHJR5Ynj9NXbX2DZy39ccH6vEMD/m1p -5nIz7iS6bOcjz3ocJK/gL1LLp5lZ7q6PXkXYNYzRPMQwfbmjG2ZQHAm+6UE4f1dY -CpdMKOHDeCg6abdOsnD8CBXz5HMS2IfJAQThFJ82ZpiIRnXRs2P0dIWsovN+yIdX -EgcGNsrefNQs9/QQ9N//5ee2g1PrxUaHg2bCu5afiiHRfAFTx9StikhHK/hYvt2l -UW+i2zIPWbS3I33YE5uIROyydOHtcL0pAgmw7OkKYLnmn3KYyVaY6uZ+8WVbjFaq -KSrnFu0qsZFr8p32k95BCYHWcAhcZNIlZKgUFB9gtgmAtkheLqqpG4PYV+BwD9Ff -ipBNIzUBNLBXOuaXm4BOuDjNjklycP/trTbK+VbZyKQrNRNPhnccoYT2qWw/zZVS -wpjpZULznMoc1BvMzMMXkDyhB/y7ov92rCcIj/LRzmYNMLyh0jQygO2ej5Ij7V3U -+nLf3I2702KDYB52/KZdtsLXyWfYmYONGJUgq+P67SuV923kftL4WfXOh/3xLpVJ -MPXK+ivBkyVTRRYhkV3Ouh5AN74sJV71Isz/lCCxK7goWwzFg/8= -=QQ53 +iQJPBAEBCAA5FiEEq7LCqM0B8WE2GLcNLvVjcrpIzRsFAl0Zom4bHGZlbGlzaWFr +Lm1hcml1c3pAZ21haWwuY29tAAoJEC71Y3K6SM0bZyIP/RaqvtvbI0NmPideK4O1 +juNqk1Np5+3cCJ+xbL1jtenrGnvSC6VwR/nV08ES/PSjJzk2AXi2GPBT7rjunJJA +iGnL9OR9TWAZqH2fMCywL2/EqTqcFJQPxLw5p3FrDfpijPn2G8zYh9F9TpXpnQIX +bfjkLoDjAgS4zSYl8bst0XCCl7E3qU+USJDl93PG4GnSwXLupDpU6jCm0o/x9e5k +sz8wjGsTijRUXRSvyOupMMtf7HiWTDGGUmKO9fXUup7SJXzLvndw9xTfBsj1K3C1 +rGXv4N2ZUBN88O61rcDJSp8fq6y6KhB0U+h6eC+vSZqIq+uKumF7cQW+qid/K7rj +rLtxMKZHK5yBbdzteNXRuQAs0ujcv8hTKRC9H40gixAXJhvMAjZV+8vwWJuRGTDT +OSJFJOPrvZIDtUybr0AkYwJ0EplOplJAB83Auh8DCeGlsBvlFk8vjSV0p+OxNblz +jD4oltjIrs6wJEq5onN7MGBlrcX4ghfYFyEElq0KcfjOi/MH4vUDpP3d7oIc/DoZ +Xq45tcRHmmp6MdAT0HOHoX2ovH9bEMuiqAs27692MRNtfc173tEhg4k37fCzftyH +qcz0xFNfNZaM9AhG2089grStJwn2PnRHAUxBHcqnFMIaiw8J+yJkx/YMqKprv/5C +KVqSZV56G5L0tdJMBq/AAkua +=kD67 -----END PGP SIGNATURE-----