Hi, On Feb 10, 2011, at 1:07 AM, "Federico G. Schwindt" <fg...@lodoss.net> wrote:
> On Wed, Feb 09, 2011 at 07:39:20PM -0800, Ryan Boggs wrote: >> Hi, >> >> Attached is the diff that applies the necessary change sets (15465, >> 15471, & 15468) from django to fix the issues mentioned in the >> security announcement released yesterday. Details can be found here: >> "http://www.djangoproject.com/weblog/2011/feb/08/security/". I tested >> this diff on i386 using the Feb 8 snapshot. >> >> I understand that ports is currently locked but since this is a >> security update, I thought it was important to get this in as soon as >> possible. I chose to patch 1.2.4 instead of upgrading to 1.2.5 >> because I am under the impression that this is the preferred method of >> submitting security updates when ports is locked. Please let me know >> if I am mistaken. >> >> I plan on upgrading to 1.2.5 once the ports tree is unlocked. >> >> Please let me know if there are any questions/comments/suggestions. > > there are some changes there that are not really needed (15349). > can you restrict the changes to the security bits please? Sorry, those snuck in by mistake. I will fix and resubmit today. > > f.- > Thanks, Ryan