Hello community, here is the log from the commit of package python-Django for openSUSE:Factory checked in at 2014-06-17 11:23:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-Django (Old) and /work/SRC/openSUSE:Factory/.python-Django.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Django" Changes: -------- --- /work/SRC/openSUSE:Factory/python-Django/python-Django.changes 2014-02-26 06:55:18.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.python-Django.new/python-Django.changes 2014-06-17 11:23:26.000000000 +0200 @@ -1,0 +2,11 @@ +Wed Jun 11 12:34:45 UTC 2014 - mci...@suse.cz + +- Update to version 1.6.5, sercurity and important changes: + + Unexpected code execution using reverse() + + Caching of anonymous pages could reveal CSRF token + + MySQL typecasting + + select_for_update() requires a transaction + + Issue: Caches may incorrectly be allowed to store and serve private data + + Issue: Malformed redirect URLs from user input not correctly validated + +------------------------------------------------------------------- Old: ---- Django-1.6.2.tar.gz New: ---- Django-1.6.5.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-Django.spec ++++++ --- /var/tmp/diff_new_pack.zwxzfc/_old 2014-06-17 11:23:27.000000000 +0200 +++ /var/tmp/diff_new_pack.zwxzfc/_new 2014-06-17 11:23:27.000000000 +0200 @@ -17,7 +17,7 @@ Name: python-Django -Version: 1.6.2 +Version: 1.6.5 Release: 0 Summary: A high-level Python Web framework License: BSD-3-Clause ++++++ Django-1.6.2.tar.gz -> Django-1.6.5.tar.gz ++++++ /work/SRC/openSUSE:Factory/python-Django/Django-1.6.2.tar.gz /work/SRC/openSUSE:Factory/.python-Django.new/Django-1.6.5.tar.gz differ: char 5, line 1 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org