- Update to 3.2.4 (CVE-2021-33203, CVE-2021-33571)
  + CVE-2021-33203: Potential directory traversal via admindocs
  + CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks
    since validators accepted leading zeros in IPv4 addresses
  + Fixed a bug in Django 3.2 where a final catch-all view in the
    admin didn’t respect the server-provided value of SCRIPT_NAME when
    redirecting unauthenticated users to the login page
  + Fixed a bug in Django 3.2 where a system check would crash on an
    abstract model
  + Prevented unnecessary initialization of unused caches following a
    regression in Django 3.2
  + Fixed a crash in Django 3.2 that could occur when running mod_wsgi
    with the recommended settings while the Windows colorama library
    was installed
  + Fixed a bug in Django 3.2 that would trigger the auto-reloader for
    template changes when directory paths were specified with strings
  + Fixed a regression in Django 3.2 that caused a crash of
    auto-reloader with AttributeError, e.g. inside a Conda environment
  + Fixed a regression in Django 3.2 that caused a loss of precision
    for operations with DecimalField on MySQL

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to 3.2.3
  + Prepared for mysqlclient > 2.0.3 support
  + Fixed a regression in Django 3.2 that caused the incorrect
    filtering of querysets combined with the | operator
  + Fixed a regression in Django 3.2.1 where saving FileField would
    raise a SuspiciousFileOperation even when a custom upload_to
    returns a valid file path

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to 3.2.2 (CVE-2021-32052)

• Files Changed
• Browse Source

- Keep rpm runtime requirements in sync. Downstream packages often
  read the egg-info and fail if they are not fulfilled. 

• Files Changed
• Browse Source

- Update to 3.2.1 (CVE-2021-31542)
  + CVE-2021-31542: Potential directory-traversal via uploaded files
  + Corrected detection of GDAL 3.2 on Windows
  + Fixed a bug in Django 3.2 where subclasses of BigAutoField and
    SmallAutoField were not allowed for the DEFAULT_AUTO_FIELD setting
  + Fixed a regression in Django 3.2 that caused a crash of
    QuerySet.values()/values_list() after QuerySet.union(),
    intersection(), and difference() when it was ordered by an
    unannotated field
  + Restored, following a regression in Django 3.2, displaying an
    exception message on the technical 404 debug page
  + Fixed a bug in Django 3.2 where a system check would crash on a
    reverse one-to-one relationships in CheckConstraint.check or
    UniqueConstraint.condition
  + Fixed a regression in Django 3.2 that caused a crash of
    ModelAdmin.search_fields when searching against phrases with
    unbalanced quotes
  + Fixed a bug in Django 3.2 where variable lookup errors were logged
    rendering the sitemap template if alternates were not defined
  + Fixed a regression in Django 3.2 that caused a crash when
    combining Q() objects which contains boolean expressions
  + Fixed a regression in Django 3.2 that caused a crash of
    QuerySet.update() on a queryset ordered by inherited or joined
    fields on MySQL and MariaDB
  + Fixed a regression in Django 3.2 that caused a crash when decoding
    a cookie value, used by
    django.contrib.messages.storage.cookie.CookieStorage, in the
    pre-Django 3.2 format
  + Fixed a regression in Django 3.2 that stopped the shift-key
    modifier selecting multiple rows in the admin changelist
  + Fixed a bug in Django 3.2 where a system check would crash on the
    STATICFILES_DIRS setting with a list of 2-tuples of (prefix, path)
  + Fixed a long standing bug involving queryset bitwise combination
    when used with subqueries that began manifesting in Django 3.2,
    due to a separate fix using Exists to exclude() multi-valued
    relationships
  + Fixed a bug in Django 3.2 where variable lookup errors were logged
    when rendering some admin templates
  + Fixed a bug in Django 3.2 where an admin changelist would crash
    when deleting objects filtered against multi-valued relationships
  + Fixed a regression in Django 3.2 where the calling process
    environment would not be passed to the dbshell command on PostgreSQL
  + Fixed a performance regression in Django 3.2 when building complex
    filters with subqueries

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to 3.2.0
  + Automatic ~django.apps.AppConfig discovery
  + Customizing type of auto-created primary keys
  + Functional indexes
  + pymemcache support
  + New decorators for the admin site  
  + For a complete description of new features check:
    https://github.com/django/django/blob/main/docs/releases/3.2.txt
- Update PYTHOPATH to include the local tests
- Drop i18n_test.patch, i18n_test_extraction.patch,
  test_clear_site_cache-sort.patch

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Don't install python36-numpy for testing. It is no longer
  available. (The tests or portions of tests requiring numpy
  are skipped automatically in this case.)
- Let the singlespec macro do its job to set the primary provider
  for python3-django and python3-South on the primary flavor only.
- Fix mtime of cache file by recompiling.

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to 3.1.4
 * Fixed setting the Content-Length HTTP header in AsyncRequestFactory
 * Fixed passing extra HTTP headers to AsyncRequestFactory request methods
 * Fixed crash of key transforms for JSONField on PostgreSQL when usingi
     on a Subquery() annotation
 * Fixed a regression in Django 3.1 that caused the incorrect grouping
     by a Q object annotation
 * Fixed a regression in Django 3.1 that caused suppressing connection errors
     when JSONField is used on SQLite
 * Fixed a crash on SQLite, when QuerySet.values()/values_list() contained
     key transforms for JSONField returning non-string primitive values

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to 3.1.3
 * Fixed a regression in Django 3.1.2 that caused the incorrect height of the admin
   changelist search bar
 * Fixed a regression in Django 3.1.2 that caused the incorrect width of the
   admin changelist search bar on a filtered page
 * Fixed displaying Unicode characters in forms.JSONField and read-only
   models.JSONField values in the admin
 * Fixed a regression in Django 3.1 that caused a crash of ArrayAgg and StringAgg
   with ordering on key transforms for JSONField
 * Fixed a regression in Django 3.1 that caused a crash of __in lookup when using
   key transforms for JSONField in the lookup value
 * Fixed a regression in Django 3.1 that caused a crash of ExpressionWrapper with
   key transforms for JSONField
 * Fixed a regression in Django 3.1 that caused a migrations crash on PostgreSQL
   when adding an ExclusionConstraint with key transforms for JSONField in expressions
 * Fixed a regression in Django 3.1 where ProtectedError.protected_objects
   and RestrictedError.restricted_objects attributes returned iterators instead
   of set of objects
 * Fixed a regression in Django 3.1.2 that caused incorrect form input layout
   on small screens in the admin change form view
 * Fixed a regression in Django 3.1 that invalidated pre-Django 3.1 password reset tokens
 * Added support for asgiref 3.3
 * Fixed a regression in Django 3.1 that caused incorrect textarea layout
   on medium-sized screens in the admin change form view with the sidebar open
 * Fixed a regression in Django 3.0.7 that didn’t use Subquery() aliases
   in the GROUP BY clause
 * Fixed a bug in Django 3.1 where FileField instances with a callable storage were
   not correctly deconstructed
 * Fixed a regression in Django 3.1 where the QuerySet.ordered attribute returned
   incorrectly True for GROUP BY queries (e.g. .annotate().values()) on models with

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to 3.1.1
  * CVE-2020-24583: Incorrect permissions on intermediate-level directories on Python 3.7+
  * CVE-2020-24584: Permission escalation in intermediate-level directories of the file 
    system cache on Python 3.7+
  * Fixed a data loss possibility in the select_for_update(). When using related fields 
    pointing to a proxy model in the of argument, the corresponding model was not locked
  * Fixed a regression in Django 3.1 that caused a crash when decoding an invalid session data
  * Fixed __in lookup on key transforms for JSONField with MariaDB, MySQL, Oracle, and SQLite
  * Fixed a regression in Django 3.1 that caused permission errors in CommonPasswordValidator 
    and settings.py

• Files Changed
• Browse Source

- Require asgiref >= 3.2.10 per upstream

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to 3.1
  * Asynchronous views and middleware support
  * JSONField for all supported database backends
  * DEFAULT_HASHING_ALGORITHM settings¶
  * Read https://docs.djangoproject.com/en/3.1/releases/3.1/
- Drop fix-selenium-test.patch. Already upstream.
- Add i18n_test_extraction.patch to support xgettext 0.21

• Files Changed
• Browse Source