Hello community,
here is the log from the commit of package python-Django1 for
openSUSE:Leap:15.2 checked in at 2020-02-21 23:48:33
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2/python-Django1 (Old)
and /work/SRC/openSUSE:Leap:15.2/.python-Django1.new.26092 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Django1"
Fri Feb 21 23:48:33 2020 rev:24 rq:776292 version:1.11.28
Changes:
--------
--- /work/SRC/openSUSE:Leap:15.2/python-Django1/python-Django1.changes
2020-01-15 15:45:57.163340849 +0100
+++
/work/SRC/openSUSE:Leap:15.2/.python-Django1.new.26092/python-Django1.changes
2020-02-21 23:48:35.744476347 +0100
@@ -1,0 +2,62 @@
+Tue Feb 4 10:00:42 UTC 2020 - Ondřej Súkup <[email protected]>
+
+- update to 1.11.28
+- drop pyyaml53.patch
+ * fix boo#1161919 (CVE-2020-7471) Potential SQL injection via
StringAgg(delimiter)
+
+-------------------------------------------------------------------
+Wed Jan 15 14:55:09 UTC 2020 - Ondřej Súkup <[email protected]>
+
+- add pyyaml53.patch - fix tests with new PyYAML 5.3
+
+-------------------------------------------------------------------
+Sun Dec 29 11:00:47 UTC 2019 - Ondřej Súkup <[email protected]>
+
+- Update to 1.11.27
+ * CVE-2019-19844: Potential account hijack via password reset form
(bsc#1159447)
+ * Fixed a data loss possibility in SplitArrayField.
+
+-------------------------------------------------------------------
+Fri Nov 15 10:54:06 UTC 2019 - Tomáš Chvátal <[email protected]>
+
+- Update to 1.11.26:
+ * Fixed a crash when using a contains, contained_by, has_key,
+ has_keys, or has_any_keys lookup on JSONField, if the right
+ or left hand side of an expression is a key transform (#30826).
+
+-------------------------------------------------------------------
+Mon Oct 7 13:14:53 UTC 2019 - Tomáš Chvátal <[email protected]>
+
+- Update to 1.11.25:
+ * Fixed a crash when filtering with a Subquery() annotation of
+ a queryset containing JSONField or HStoreField (#30769).
+
+-------------------------------------------------------------------
+Mon Sep 16 10:10:34 UTC 2019 - Tomáš Chvátal <[email protected]>
+
+- Update to 1.11.24:
+ * Fixed crash of KeyTransform() for JSONField and HStoreField when using
+ on expressions with params (#30672).
+
+-------------------------------------------------------------------
+Thu Aug 1 11:15:29 UTC 2019 - Tomáš Chvátal <[email protected]>
+
+- Update to 1.11.23:
+ * CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235
+ bsc#1142883 bsc#1142885 bsc#1142882 bsc#1142880
+ * Just security fixes
+
+-------------------------------------------------------------------
+Fri Jul 19 11:56:00 UTC 2019 - Tomáš Chvátal <[email protected]>
+
+- Update to 1.11.22:
+ * CVE-2019-12781 (bsc#1139945): Incorrect HTTP detection with reverse-proxy
connecting via HTTPS
+
+-------------------------------------------------------------------
+Mon Jun 3 10:30:28 UTC 2019 - Ondřej Súkup <[email protected]>
+
+- update to 1.11.21
+ * fix bnc#1136468 - CVE-2019-12308: AdminURLFieldWidget XSS
+ - drop pyyaml5.patch
+
+-------------------------------------------------------------------
Old:
----
Django-1.11.20.tar.gz
Django-1.11.20.tar.gz.asc
pyyaml5.patch
New:
----
Django-1.11.28.tar.gz
Django-1.11.28.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-Django1.spec ++++++
--- /var/tmp/diff_new_pack.5ja1vD/_old 2020-02-21 23:48:36.348477547 +0100
+++ /var/tmp/diff_new_pack.5ja1vD/_new 2020-02-21 23:48:36.348477547 +0100
@@ -1,7 +1,7 @@
#
# spec file for package python-Django1
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -22,7 +22,7 @@
%define skip_python3 1
%endif
Name: python-Django1
-Version: 1.11.20
+Version: 1.11.28
Release: 0
Summary: A high-level Python Web framework
License: BSD-3-Clause
@@ -33,7 +33,6 @@
Source2: %{name}.keyring
Source99: python-Django1-rpmlintrc
Patch0: django-sqlite-326.patch
-Patch1: pyyaml5.patch
# PATCH-FIX-OPENSUSE bmwiedemann -- fix tests after 2028 - merged in Django
master only
Patch2: fix2028.patch
BuildRequires: %{python_module Jinja2 >= 2.9.2}
@@ -93,7 +92,6 @@
%setup -q -n Django-%{version}
%patch0 -p1
-%patch1 -p1
%patch2 -p1
%build
++++++ Django-1.11.20.tar.gz -> Django-1.11.28.tar.gz ++++++
/work/SRC/openSUSE:Leap:15.2/python-Django1/Django-1.11.20.tar.gz
/work/SRC/openSUSE:Leap:15.2/.python-Django1.new.26092/Django-1.11.28.tar.gz
differ: char 5, line 1
++++++ Django-1.11.20.tar.gz.asc -> Django-1.11.28.tar.gz.asc ++++++
--- /work/SRC/openSUSE:Leap:15.2/python-Django1/Django-1.11.20.tar.gz.asc
2020-01-15 15:45:57.063340792 +0100
+++
/work/SRC/openSUSE:Leap:15.2/.python-Django1.new.26092/Django-1.11.28.tar.gz.asc
2020-02-21 23:48:35.676476211 +0100
@@ -2,7 +2,7 @@
Hash: SHA256
This file contains MD5, SHA1, and SHA256 checksums for the source-code
-tarball and wheel files of Django 1.11.20, released February 11, 2019.
+tarball and wheel files of Django 1.11.28, released February 3, 2020.
To use this file, you will need a working install of PGP or other
compatible public-key encryption software. You will also need to have
@@ -24,39 +24,39 @@
Release packages:
=================
-https://www.djangoproject.com/m/releases/1.11/Django-1.11.20.tar.gz
-https://www.djangoproject.com/m/releases/1.11/Django-1.11.20-py2.py3-none-any.whl
+https://www.djangoproject.com/m/releases/1.11/Django-1.11.28-py2.py3-none-any.whl
+https://www.djangoproject.com/m/releases/1.11/Django-1.11.28.tar.gz
MD5 checksums
=============
-096091c29c00f36cce4356054119b702 Django-1.11.20.tar.gz
-f597fa6d128cda70649a2147819d2b5e Django-1.11.20-py2.py3-none-any.whl
+103fe7af9f88d6c621026b8f9d284d1b Django-1.11.28-py2.py3-none-any.whl
+8a21a5148aece7f6110d6ff3a9f57652 Django-1.11.28.tar.gz
SHA1 checksums
==============
-bad59a5672e6abe394ed03b9fd6d592d874bd750 Django-1.11.20.tar.gz
-99e3161e6878168954996a7e36629721a1b004e4 Django-1.11.20-py2.py3-none-any.whl
+5a6260681cbd4c0493637fb04e3d3aeaf27c2429 Django-1.11.28-py2.py3-none-any.whl
+1537a67692f9f724d005631cc035d9a58648934a Django-1.11.28.tar.gz
SHA256 checksums
================
-43a99da08fee329480d27860d68279945b7d8bf7b537388ee2c8938c709b2041
Django-1.11.20.tar.gz
-0a73696e0ac71ee6177103df984f9c1e07cd297f080f8ec4dc7c6f3fb74395b5
Django-1.11.20-py2.py3-none-any.whl
+a3b01cdff845a43830d7ccacff55e0b8ff08305a4cbf894517a686e53ba3ad2d
Django-1.11.28-py2.py3-none-any.whl
+b33ce35f47f745fea6b5aa3cf3f4241069803a3712d423ac748bd673a39741eb
Django-1.11.28.tar.gz
-----BEGIN PGP SIGNATURE-----
-iQIzBAEBCAAdFiEE/l+2OHah1xioxnVW4X31yCtPnQAFAlxhjUAACgkQ4X31yCtP
-nQBssw/+OmYdygB5E8J8ski49ZkpQkQ8rKcWCleMNAu3FMt+SDXIpkHDw68kS4r7
-vwhGdEjeSUDtKPbKfONR/yHNGKJ+4z0H4P7SoMhKzBIifbfVPpohO2oSs0l/IFVm
-HDI3qFiVoudlHHDQ5tYbAiE4YSGNhckuUV2dRpgAsYRnCRLvSks8t8pBhVnB0/B7
-SH8Jz7omu2mQoKnWx8x36gtuIYYnfWJLNlcQxbx2aPel6AhSikF2gkw5Ov9dwKx+
-Aovl/z0RhCeAJpTc8fscZN4FfJBNaqlR8KDp8Y8FrNOkCrMcJeguJA5r5TYE24om
-iNLsQ6xXLfJEIGc8v8xaMDM66l006f+ziqBhGBJMbx5z3Lm59UKTXNtybb2naW0Y
-Y7cY27wVytoucgpljunf0VRQSbtcas+lCJ0PsAjbHTG5YNQjnqevyClsk4cMOIa6
-mEGqT02jsFo2ZHPeFD9NSpa5kiiATx//Y6gFBPRN6HvysHde1EC4oFfZWE3mOBYL
-R0o5Tgl+AnUbLBFfC0QUH+K7NBLBQShmNtUEjJPOtpjkP9m50yd6XLFpib75QLu+
-nHXxT3EbJpSU1u6vwwWgkgKTmGazeZTrAXg+VBd5vmIrKzyfaYKNiqUk4ep5CK2r
-KoVbX4CnghJ6RtdwxHMLqFsTITkKA/iGRuWjc3JrPnFOB5NWMrw=
-=auwM
+iQIzBAEBCAAdFiEE/l+2OHah1xioxnVW4X31yCtPnQAFAl4313kACgkQ4X31yCtP
+nQApghAAwJVtvmmGChbVI5YkyLMqaitECRelw2voshJD2Jq2dIMzqkXzmjSYps8M
+DWGxvJWsImy7zP6LfKZLg3VP13DBM9H25jzqUHuwUssXtRNtPzWexibajrdSbdhE
+qmPVwvdpeXqGs1gNu6evX2X56cOH28antf7f1tZLFCizEP/xUOtmFOqHCLp3hcMB
+WjVuiTq6LrETdzEzVjlQv592nz1EWo5fnAhOiYAEJvPWSUVMWIdYhgDLlMA6hfFF
+Wl/IxLsZ2fGq80mXo8RC27YX0JAjwCaKydfhFLM/j+gEsC6V8jv+bttx8awX11W5
+BO0fjyG+pOA8VrxHrB7PWeOD9cAe1QrX4QnvySfH/Y3Zs6lJY7cSUuzjBHP3TdKg
+wpQEPPO7OooSfJRBCtcPSJeby+Ky29AI2VnypAasDPEY9qjX7yPNmlRR8oW5ZnB7
+1NztJ95xpfU6zmt95ndIXCU843f/2uZrRMnFdv34XCbqxBP/93S5PT2A7026GPeg
+Nis+R7WqDno3PvtIzNgQatj3TjXszAJq0j2YqDSB6QhaSiK+KsKBqF4acTOM5lBl
+/5ChW+/fftWyERi9/cD6WKLdBKw3oZHaUWbvWcZCl6Wm1PlMpbCRA4bv7/QlmtC2
+CVNvlx0zhug5e4SR2PVO9mgvzfrz8krbWmFODWoX93pyIA9e28w=
+=re0T
-----END PGP SIGNATURE-----
++++++ python-Django1.keyring ++++++
--- /var/tmp/diff_new_pack.5ja1vD/_old 2020-02-21 23:48:36.408477667 +0100
+++ /var/tmp/diff_new_pack.5ja1vD/_new 2020-02-21 23:48:36.408477667 +0100
@@ -210,3 +210,77 @@
kJM+o2RA9lIY3aIhVNVFQTcUFAX1xOBw42ZcrirRHykhVs/SVJhozrWB50ia
=IeMF
-----END PGP PUBLIC KEY BLOCK-----
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFYVPG8BEACy8Ck2PGx9zC3tDe5rOflqzSGvTVXGLJosJpxBq+5vZv3FCsHk
+r1ynG0osFpFFdo51lb92sPiF7DooCW2VGCpnrC7IxpNCmDgavDk3GnWpLbEkKNxc
+DtRoGoJqJLVwM3ITfIKn1QGqIKx6zDwDj3W6ECozpQ20wNeM2so12Nqkt4O2GNAt
+B5WfRZVfA9aNXvEp0j79es6dhgnL7qG5jZtO1TfmJdkEPDoPMg19YkQDbOU559Sj
+gniHDn2TLLwtne1CHMznawZ9Vf/gLcE9HSTzqX1XwNFJ1pNDAEfzQ01PCbpWKxI2
+8IaJkDmmI79TGz1TN/CnttKZ0fTnS4nYDe73ZodIu66V5Tu8J5P15DJGY2l05BdG
+zFt986AhOqQkl4sPKNvbxekPMU8bnWBy5iev0rwJOIST2MOM11dGVODlTnoN6pOc
+sO7nNgYnK3Kmqd2YmOXvRHHwePidUREzt4mPgQliUEJUkLxFHp7iuiInA5s6/7mu
+1pZ9N7q2/P6YKfg7QhbqOiTMw/jjz8ol/DJ+90r9suL0cZoSGOFBg5PATuIbsg/6
+mM6uERHiaVT/5lgYIFAC//8gYkUe5d8DGk7/PXRNO7hlHQhHNoxvypDghCs53Zbx
+7b+xEwaqm/RtzNhe7HHaiVTeh4ZC9aLrYgFsifvTOmExG08sha0slrOK3QARAQAB
+tDZNYXJpdXN6IEZlbGlzaWFrIChmZWxpeHgpIDxmZWxpc2lhay5tYXJpdXN6QGdt
+YWlsLmNvbT6JAjgEEwECACIFAlYVPG8CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4B
+AheAAAoJEC71Y3K6SM0bPZgP/0ahFBKHx1+HpC5n77+cnmgMw4FZlCZHDDc7YBj5
+fx/qZ4CWHQydJI7hDhhRriCnZG1juM6ncpNt3zP3sqpTgkKwHOxJtIR9oukPrgTc
+ZZve9nuM/XG6gnEknUvrKbMcKtna8uckxRNRI+zj/GbYNpHGT8c+dlS9ycNmBE4e
+2/ywa0hkFOMYA3UU7p23PigAP3W7Q2tFJaqpSFTIvvc/fba9nnESNRYTOCuwUl/4
+H35Mq2UksGoSq307ZbF8/0cKGf98FOtFSOPUbspdTPouDcuJbaYGacdVJB+FrVuD
+kzcWS79pM5gczdBlg/tsBPpsoRVImlOHubikqzuUX5F7iN3DUUi4bgVj9OJGrA8X
+30FJPzdNkD+4UWAJr35g2S58Bp1UPfFlfw3zSaNBqVMKkU9UhWG9bxtuHKixzYAW
+/vUF/2wtphyJ173kXhBder/j4qjIG4gQuLM4ke/ClkJ+UTeqJPi2W//xBmOIvIxj
+ciGtj2CUfN1+jMJ2HTYEPST5fgneczAc4W4v73lsUtxVIwJDPCain6vo2xnLYPb2
+r+Z7MyCnZn+tGw/NkbxFtzW3eXGhsbn8BeFIVueVK9nJ0AFT56utw5j1mwb8DdY1
+X5JeyHWuRYKE8v6q8phMLEUxXwbmXW/hWH9ylE+2HTQCu4tGmFJ2bilGFrCcLB/t
+CpeauQINBFYVPG8BEACxDZjbsMvXrbKdApKltiXbnC43nfE2hRw14xAdiuJmkZ4y
+Yr/2u/mq91ThR/WRTROm4HTBLnVWaz9OSJBhiVU+awWxYKaRxGG4dsKqsaHo/w2U
+o5jDt1ryB1AVFR5Xhnav3LANNN9ti12fnIwqX7CJAN9HvmtlmyI3y0VcOoFGRh9U
+kbyC+MggukKlP/MAkVWaeuLKhF1cbDXf71cCom8jQnbEA93drT2PfsAd1C+eEyrg
+JsJftkjPu6w6t+BNKAlbx/2MyXEpp24eBVf4k+7z1CpbwQX5kYrDJwOwPdPQBFtu
+HKPVfMZmIszr/Vuv5cSWM1leTkXG/L4j1OfzOEkAHS5UtWecozbBjcC3qnt+DMCr
+BmnExwtr+GgKYNJBCOja2SCSXC/pegHBpkyxgtp6x5ykk0Ll9l8dfxvX0prmN9yv
+0HjLDtflG0qHEFdrLyMTQY6Dy0nx+ffzs7sNfZG8kAySAMl/E8RRlOnoHPXm3ALm
+YZTXFoY+K80oI+n4HCGQQcRDFYYf3xE+WZTzAlAT8S72/erUnRbpAiCu8cIICfe4
+N8OCJxczlPtG9rlBgA24ZcXRlsz37D7HUwCLzEFDOLtxrk28PAvY8+iKIb7hH60z
+s9v89bCltaPNVSQqfnCnsHXdi4xhZeAjQ/V9Fl3VR9hQBy/Xo3A8T1+R0fRy+QAR
+AQABiQIfBBgBAgAJBQJWFTxvAhsMAAoJEC71Y3K6SM0bbPQP/3slD183zkxP9oKa
+5txv2uNXSFihJDwJW1GO75FiUxickE9kFPCS+X4uELJ5miZfhgWGbKParfQCkoTn
+tC4UmavfFJHe9+yS1gggEcRGvWhsZPikYW/fOdILxJ4yN2Fr7mBTZcsriRMaRJda
+6EkGQmxe/UeJwEp23kcmIW06criAsIAEG05z+I8Kng9JU70JKLZOozWztzyeCmR5
+LqMoKPD4dN0DRlg+G8Z1qzvHW+5Ity+6+xg6WfyzhFklwCId4ZNxccR0SyvFIyse
+EqC3KxGIOyOyxuniXIPPK11FvfLm/qMoZR2miMibadqYTloDbKkDiQ1fFi6U5Rz0
+lgKViIdEEsjexKJKx9soU4rw3Wb61P+AU9zo84Y8LSqOErdCh/uIyvzjDXn5xU4J
+yHvmZou4Rvq1JUplLIPSLNFN817EvYjkY5N/mEiA7LIw7C/qkjbbPk3qvnoUyfUF
+cXu3OFigMqP1WWoBmZs2vl8jTWGCpAN/1hfv57e9sWtrolfINU/VQJdTvHTi5pQi
+0W8bUnJWgYO4pQn9Nczdo1y1RhrRASEevCPuJ0QBiE3gzKy9KGqqXNSm0cTqS+hc
+G10Js8rYSzckKUeb1BmDUCwA+tCsFk5fOpV4cTcjf+bUkMfVz71t2P3xEUpwlsxc
+qYU8AFzZNDaaNyZJ4ppSR56+dL2uuQINBFxhlVgBEACzISQ+k+CxaIFVJL37UsUk
+q6DtE7N4qXMrq0eytc98ycspB+thR2FH+QciM/BSSGj6KalYwCyPfewcvZcHmmNo
+8wF756lbH8YwXED0Jc/8osXHYHtHlNVJcE+GnWRZQoUoRfkjFy1LuusidqiTSrJB
+Ai/kCULEPoVMxt7uDMGsLrpujA8ikciZ/9E/X3jALFmRXN/PbAlo6hh4fLsbbGh0
+UJnwynxoE5ooWGuICzJ6Aa7eYJS6RYOESxZcRFkWdZgxSfQ7ZfQgDrAU3xTz8TOQ
+NHniKcwMXe7jYmIcIidzKXI3QUEwJC+e/q+DR9DQHcYSVfEZ0xf+EL9ka6PHdOQU
+BrCOKsKgTjs4U8ZBmwQS2701MN9W6PVPNdJ29bfhBosE58Hmg3YOPXK3X90A24YB
+ssj5DACcHGFe5JWz3kSEPK325lAba/9Jk+Zc37WrwU5CXvgXwPtGGcYi2sg+Xqhe
+nrYgVThxS9BzyA1Yj3RFIoy0NOYwIkeVsZyyllG7kmgvdaCo25qqRCbqnSoBYi85
+2cpDoDYPfzhBz/rGRYm031U1SqsBGVXqIMLaCOUx2Op1udy8t3OE3vXesOt17O2/
+pB1S7BeIkCPIPTWGb0JGcuZMor9axfkxypx5eOetlmqZR4E3L2/bkQ/5Tg9xdbyj
+bp8hPMnPIZ8unI9dh5CE3QARAQABiQI2BBgBCgAgFiEEq7LCqM0B8WE2GLcNLvVj
+crpIzRsFAlxhlVgCGyAACgkQLvVjcrpIzRszYRAAo3k8TEYRM/UhFgUP9RGxAuzw
+N+WBe63rGKghx2bVn02HLuGL+UPqaZLN6kos/zTYCSiEWBQst2kdKwBdFBCtGe8g
+bwBtgJI8tgi3ruaztYOw/bTI8DV97uXMViMD3aPPxrcIVi+QaDMAfzowTv3O3S1r
+8LGxYYx23TUCMAVtdfO+2ZKDhfz+rCjF1wkjOrKngbt3qe+MTyDhPnYuk4dTgLog
+/DXwCM/0K8nf7kcfXKSZtYhfJAZP7QqN4z9TChVxE7viz0fL69owiTLgEAHHssDG
+CMPzBw+T+YZa88CUOhG7yPIKO+rv76gW7Z1f/T/Ai4+HTpPv5EP+yOGU0mnredl2
+Bk/Br9cSVxlzar4MSciufg5pBQ79qz6JBqawjYAmXiG2D50E9WhblqjjhQAqs/zK
+VQU2euIcxvB0Pv/5zxCW+/4D7klNFImh7YR/9t3bwnEjxMQRJ7V8NZTNRfAHvZx1
+F2p5NtPyVZTxgzs9S43SaJGYWhkak4iB8FqvK9HHJK2Wp6o+2r85fOiIMHzg/jy7
+mFL7Q7gwTREz1H9xC9TgZXqUiuCZaLnkItSdYodaePLFZQkDIgC2cA3X5C4NHh44
+8oBmszrxd6o2KPwpUOG/NJLfH3LjypytF+Qt/3NnwQHC/niSmSNZUt/duetfr8yS
+4yBrC5IMCo5nvfBpu8E=
+=jxsE
+-----END PGP PUBLIC KEY BLOCK-----
