File python-Django.changes of Package python-Django
-------------------------------------------------------------------
Tue Nov 10 05:36:21 UTC 2015 - tbechtold@suse.com
- add missing Requires for python-setuptools (bsc#952198)
/usr/bin/django-admin needs the pkg_resources framework from
python-setuptools to run properly.
-------------------------------------------------------------------
Sun Sep 20 07:51:27 UTC 2015 - tbechtold@suse.com
- update to 1.8.4 (CVE-2015-5963):
* https://docs.djangoproject.com/en/1.8/releases/1.8.4/
-------------------------------------------------------------------
Fri Jul 10 11:51:49 UTC 2015 - astieger@suse.com
- add keyring and verify source signature
-------------------------------------------------------------------
Fri Jul 10 10:03:54 UTC 2015 - dmueller@suse.com
- update to 1.8.3:
* https://docs.djangoproject.com/en/1.8/releases/1.8.3/
Various bugfixes/security fixes (CVE-2015-5145, bsc#937524)
-------------------------------------------------------------------
Tue May 26 08:26:56 UTC 2015 - dmueller@suse.com
- update to 1.8.2 (CVE-2015-3982):
* https://docs.djangoproject.com/en/1.8/releases/1.8.2/
* https://docs.djangoproject.com/en/1.8/releases/1.8.1/
-------------------------------------------------------------------
Thu Apr 2 07:35:07 UTC 2015 - aplanas@suse.com
- Update to Django 1.8
* "Long-Term Support" (LTS) release
New features:
* Model._meta API
* Multiple template engines
* Security enhancements
* New PostgreSQL specific functionality
* New data types
* Query Expressions, Conditional Expressions, and Database Functions
* TestCase data setup
Backwards incompatible changes:
* Related object operations are run in a transaction
* Assigning unsaved objects to relations raises an error
* Management commands that only accept positional arguments
* Custom test management command arguments through test runner
* Model check ensures auto-generated column names are within limits
specified by database
* Query relation lookups now check object types
* select_related() now checks given fields
* Default EmailField.max_length increased to 254
* (DROP) Support for PostgreSQL versions older than 9.0
* (DROP) Support for MySQL versions older than 5.5
* (DROP) Support for Oracle versions older than 11.1
* Specific privileges used instead of roles for tests on Oracle
* ...
-------------------------------------------------------------------
Mon Mar 23 10:51:37 UTC 2015 - mcihar@suse.cz
- Update to Django 1.7.7:
Security issues:
* Denial-of-service possibility with strip_tags()
* Mitigated possible XSS attack via user-supplied redirect URLs
Bugfixes:
* Fixed renaming of classes in migrations where renaming a subclass would
cause incorrect state to be recorded for objects that referenced the
superclass (#24354).
* Stopped writing migration files in dry run mode when merging migration
conflicts. When makemigrations --merge is called with verbosity=3 the
migration file is written to stdout (:ticket: 24427).
-------------------------------------------------------------------
Wed Mar 11 16:18:53 UTC 2015 - aplanas@suse.com
- Update to Djano 1.7.6:
Bugfixes
* Mitigated an XSS attack via properties in
"ModelAdmin.readonly_fields"
* Fixed crash when coercing "ManyRelatedManager" to a string
(#24352).
* Fixed a bug that prevented migrations from adding a foreign key
constraint when converting an existing field to a foreign key
(#24447).
-------------------------------------------------------------------
Fri Feb 27 14:36:46 UTC 2015 - aplanas@suse.com
- Update to Django 1.7.5:
Bugfixes
* Reverted a fix that prevented a migration crash when unapplying
contrib.contenttypes's or contrib.auth's first migration (#24075)
due to severe impact on the test performance (#24251) and problems
in multi-database setups (#24298).
* Fixed a regression that prevented custom fields inheriting from
ManyToManyField from being recognized in migrations (#24236).
* Fixed crash in contrib.sites migrations when a default database
isn't used (#24332).
* Added the ability to set the isolation level on PostgreSQL with
psycopg2 >= 2.4.2 (#24318). It was advertised as a new feature in
Django 1.6 but it didn't work in practice.
* Formats for the Azerbaijani locale (az) have been added.
-------------------------------------------------------------------
Fri Jan 30 15:13:10 UTC 2015 - aplanas@suse.com
- Update to Django 1.7.4:
Bugfixes
* Fixed a migration crash when unapplying ``contrib.contenttypes``’s
or ``contrib.auth``’s first migration (:ticket:`24075`).
* Made the migration's ``RenameModel`` operation rename
``ManyToManyField`` tables (:ticket:`24135`).
* Fixed a migration crash on MySQL when migrating from a
``OneToOneField`` to a ``ForeignKey`` (:ticket:`24163`).
* Prevented the ``static.serve`` view from producing
``ResourceWarning``\s in certain circumstances (security fix
regression, :ticket:`24193`).
* Fixed schema check for ManyToManyField to look for internal type
instead of checking class instance, so you can write custom
m2m-like fields with the same behavior. (:ticket:`24104`).
-------------------------------------------------------------------
Wed Jan 14 07:57:46 UTC 2015 - mcihar@suse.cz
- Update to Django 1.7.3:
Security fixes:
* WSGI header spoofing via underscore/dash conflation.
* Mitigated possible XSS attack via user-supplied redirect URLs.
* Denial-of-service attack against django.views.static.serve.
* Database denial-of-service with ModelMultipleChoiceField.
Bug fixes:
* The default iteration count for the PBKDF2 password hasher has been
increased by 25%. This part of the normal major release process was
inadvertently omitted in 1.7. This backwards compatible change will not
affect users who have subclassed
django.contrib.auth.hashers.PBKDF2PasswordHasher to change the default
value.
* Fixed a crash in the CSRF middleware when handling non-ASCII referer
header (#23815).
* Fixed a crash in the django.contrib.auth.redirect_to_login view when
passing a reverse_lazy() result on Python 3 (#24097).
* Added correct formats for Greek (el) (#23967).
* Fixed a migration crash when unapplying a migration where multiple
operations interact with the same model (#24110).
-------------------------------------------------------------------
Sun Jan 11 12:49:28 UTC 2015 - p.drouand@gmail.com
- South has been merged in main Django; provide and obsolete it
-------------------------------------------------------------------
Thu Jan 8 11:04:09 UTC 2015 - tbechtold@suse.com
- Update to Django 1.7.2:
* Fixed migration’s renaming of auto-created many-to-many tables
when changing Meta.db_table (#23630).
* Fixed a migration crash when adding an explicit id field to a
model on SQLite (#23702).
* Added a warning for duplicate models when a module is
reloaded. Previously a RuntimeError was raised every time two
models clashed in the app registry. (#23621).
* Prevented flush from loading initial data for migrated apps
(#23699).
* Fixed a makemessages regression in 1.7.1 when STATIC_ROOT has the
default None value (#23717).
* Added GeoDjango compatibility with mysqlclient database driver.
* Fixed MySQL 5.6+ crash with GeometryFields in migrations (#23719).
* Fixed a migration crash when removing a field that is referenced
in AlterIndexTogether or AlterUniqueTogether (#23614).
* Updated the first day of the week in the Ukrainian locale to
Monday.
* Added support for transactional spatial metadata initialization on
SpatiaLite 4.1+ (#23152).
* Fixed a migration crash that prevented changing a nullable field
with a default to non-nullable with the same default (#23738).
* Fixed a migration crash when adding GeometryFields with blank=True
on PostGIS (#23731).
* Allowed usage of DateTimeField() as Transform.output_field
(#23420).
* Fixed a migration serializing bug involving float("nan") and
float("inf") (#23770).
* Fixed a regression where custom form fields having a queryset
attribute but no limit_choices_to could not be used in a ModelForm
(#23795).
* Fixed a custom field type validation error with MySQL backend when
db_type returned None (#23761).
* Fixed a migration crash when a field is renamed that is part of an
index_together (#23859).
* Fixed squashmigrations to respect the --no-optimize parameter
(#23799).
* Made RenameModel reversible (#22248)
* Avoided unnecessary rollbacks of migrations from other apps when
migrating backwards (#23410).
* Fixed a rare query error when using deeply nested subqueries
(#23605).
* Fixed a crash in migrations when deleting a field that is part of
a index/unique_together constraint (#23794).
* Fixed django.core.files.File.__repr__() when the file’s name
contains Unicode characters (#23888).
* Added missing context to the admin’s delete_selected view that
prevented custom site header, etc. from appearing (#23898).
* Fixed a regression with dynamically generated inlines and allowed
field references in the admin (#23754).
* Fixed an infinite loop bug for certain cyclic migration
dependencies, and made the error message for cyclic dependencies
much more helpful.
* Added missing index_together handling for SQLite (#23880).
* Fixed a crash when RunSQL SQL content was collected by the schema
editor, typically when using sqlmigrate (#23909).
* Fixed a regression in contrib.admin add/change views which caused
some ModelAdmin methods to receive the incorrect obj value
(#23934).
* Fixed runserver crash when socket error message contained Unicode
characters (#23946).
* Fixed serialization of type when adding a deconstruct() method
(#23950).
* Prevented the SessionAuthenticationMiddleware from setting a
"Vary: Cookie" header on all responses (#23939).
* Fixed a crash when adding blank=True to TextField() on MySQL
(#23920).
* Fixed index creation by the migration infrastructure, particularly
when dealing with PostgreSQL specific {text|varchar}_pattern_ops
indexes (#23954).
* Fixed bug in makemigrations that created broken migration files
when dealing with multiple table inheritance and inheriting from
more than one model (#23956).
* Fixed a crash when a MultiValueField has invalid data (#23674).
* Fixed a crash in the admin when using “Save as new” and also
deleting a related inline (#23857).
* Always converted related_name to text (unicode), since that is
required on Python 3 for interpolation. Removed conversion of
related_name to text in migration deconstruction (#23455 and
#23982).
* Enlarged the sizes of tablespaces which are created by default for
testing on Oracle (the main tablespace was increased from 200M to
300M and the temporary tablespace from 100M to 150M). This was
required to accommodate growth in Django’s own test suite
(#23969).
* Fixed timesince filter translations in Korean (#23989).
* Fixed the SQLite SchemaEditor to properly add defaults in the
absence of a user specified default. For example, a CharField with
blank=True didn’t set existing rows to an empty string which
resulted in a crash when adding the NOT NULL constraint (#23987).
* makemigrations no longer prompts for a default value when adding
TextField() or CharField() without a default (#23405).
* Fixed a migration crash when adding order_with_respect_to to a
table with existing rows (#23983).
* Restored the pre_migrate signal if all apps have migrations
(#23975).
* Made admin system checks run for custom AdminSites (#23497).
* Ensured the app registry is fully populated when unpickling
models. When an external script (like a queueing infrastructure)
reloads pickled models, it could crash with an AppRegistryNotReady
exception (#24007).
* Added quoting to field indexes in the SQL generated by migrations
to prevent a crash when the index name requires it (##24015).
* Added datetime.time support to migrations questioner (#23998).
* Fixed admindocs crash on apps installed as eggs (#23525).
* Changed migrations autodetector to generate an AlterModelOptions
operation instead of DeleteModel and CreateModel operations when
changing Meta.managed. This prevents data loss when changing
managed from False to True and vice versa (#24037).
* Enabled the sqlsequencereset command on apps with migrations
(#24054).
* Added tablespace SQL to apps with migrations (#24051).
* Corrected contrib.sites default site creation in a multiple
database setup (#24000).
* Restored support for objects that aren’t str or bytes in
mark_for_escaping() on Python 3.
* Supported strings escaped by third-party libraries with the
__html__ convention in the template engine (#23831).
* Prevented extraneous DROP DEFAULT SQL in migrations (#23581).
* Restored the ability to use more than five levels of subqueries
(#23758).
* Fixed crash when ValidationError is initialized with a
ValidationError that is initialized with a dictionary (#24008).
* Prevented a crash on apps without migrations when running migrate
--list (#23366).
-------------------------------------------------------------------
Thu Oct 23 07:53:57 UTC 2014 - aplanas@suse.com
- Update to Django 1.7.1
* Allowed related many-to-many fields to be referenced in the admin
(#23604).
* Added a more helpful error message if you try to migrate an app
without first creating the contenttypes table (#22411).
* Modified migrations dependency algorithm to avoid possible
infinite recursion.
* Fixed a UnicodeDecodeError when the flush error message contained
Unicode characters (#22882).
* Reinstated missing CHECK SQL clauses which were omitted on some
backends when not using migrations (#23416).
* Fixed serialization of type objects in migrations (#22951).
* Allowed inline and hidden references to admin fields (#23431).
* The @deconstructible decorator now fails with a ValueError if the
decorated object cannot automatically be imported (#23418).
* Fixed a typo in an inlineformset_factory() error message that
caused a crash (#23451).
* Restored the ability to use ABSOLUTE_URL_OVERRIDES with the
'auth.User' model (#11775). As a side effect, the setting now adds
a get_absolute_url() method to any model that appears in
ABSOLUTE_URL_OVERRIDES but doesn’t define get_absolute_url().
* Avoided masking some ImportError exceptions during application
loading (#22920).
* Empty index_together or unique_together model options no longer
results in infinite migrations (#23452).
* Fixed crash in contrib.sitemaps if lastmod returned a date rather
than a datetime (#23403).
* Allowed migrations to work with app_labels that have the same last
part (e.g. django.contrib.auth and vendor.auth) (#23483).
* Restored the ability to deepcopy F objects (#23492).
* Formats for Welsh (cy) and several Chinese locales (zh_CN,
zh_Hans, zh_Hant and zh_TW) have been added. Formats for
Macedonian have been fixed (trailing dot removed, #23532).
* Added quoting of constraint names in the SQL generated by
migrations to prevent crash with uppercase characters in the name
(#23065).
* Fixed renaming of models with a self-referential many-to-many
field (ManyToManyField('self')) (#23503).
* Added the get_extra(), get_max_num(), and get_min_num() hooks to
GenericInlineModelAdmin (#23539).
* Made migrations.RunSQL no longer require percent sign
escaping. This is now consistent with cursor.execute() (#23426).
* Made the SERIALIZE entry in the TEST dictionary usable (#23421).
* Fixed bug in migrations that prevented foreign key constraints to
unmanaged models with a custom primary key (#23415).
* Added SchemaEditor for MySQL GIS backend so that spatial indexes
will be created for apps with migrations (#23538).
* Added SchemaEditor for Oracle GIS backend so that spatial metadata
and indexes will be created for apps with migrations (#23537).
* Coerced the related_name model field option to unicode during
migration generation to generate migrations that work with both
Python 2 and 3 (#23455).
* Fixed MigrationWriter to handle builtin types without imports
(#23560).
* Fixed deepcopy on ErrorList (#23594).
* Made the admindocs view to browse view details check if the view
specified in the URL exists in the URLconf. Previously it was
possible to import arbitrary packages from the Python path. This
was not considered a security issue because admindocs is only
accessible to staff users (#23601).
* Fixed UnicodeDecodeError crash in AdminEmailHandler with non-ASCII
characters in the request (#23593).
* Fixed missing get_or_create and update_or_create on related
managers causing IntegrityError (#23611).
* Made urlsafe_base64_decode() return the proper type (byte string)
on Python 3 (#23333).
* makemigrations can now serialize timezone-aware values (#23365).
* Added a prompt to the migrations questioner when removing the null
constraint from a field to prevent an IntegrityError on existing
NULL rows (#23609).
* Fixed generic relations in ModelAdmin.list_filter (#23616).
* Restored RFC compliance for the SMTP backend on Python 3 (#23063).
* Fixed a crash while parsing cookies containing invalid content
(#23638).
* The system check framework now raises error models.E020 when the
class method Model.check() is unreachable (#23615).
* Made the Oracle test database creation drop the test user in the
event of an unclean exit of a previous test run (#23649).
* Fixed makemigrations to detect changes to Meta.db_table (#23629).
* Fixed a regression when feeding the Django test client with an
empty data string (#21740).
* Fixed a regression in makemessages where static files were
unexpectedly ignored (#23583).
-------------------------------------------------------------------
Wed Sep 24 08:30:00 UTC 2014 - aplanas@suse.com
- Update to Django 1.7
* A new built-in database migration system. Notes on upgrading from
South (a popular third*party application providing migration
functionality) are also available.
* A refactored concept of Django applications. Django applications
are no longer tied to the existence of a models files, and can now
specify both configuration data and code to be executed as Django
starts up.
* Improvements to the model Field API to support migrations and, in
the future, to enable easy addition of composite-key support to
Django's ORM.
* Improvements for custom Manager and QuerySet classes, allowing
reverse relationship traversal to specify the Manager to use, and
creation of a Manager from a custom QuerySet class.
* An extensible system check framework which can assist developers
in detecting and diagnosing errors.
Please refer to the release notes for all details and migration
instructions:
https://docs.djangoproject.com/en/1.7/releases/1.7/
- Added python-setuptools as a BuildRequires.
- Fixed Source URL from Django Project site.
- Reordered sources.
- Fixed deduplication to avoid wrong mtimes in pyc files.
-------------------------------------------------------------------
Thu Jul 31 16:55:11 UTC 2014 - dimstar@opensuse.org
- Rename rpmlintrc to %{name}-rpmlintrc.
Follow the packaging guidelines.
-------------------------------------------------------------------
Wed Jun 11 12:34:45 UTC 2014 - mcihar@suse.cz
- Update to version 1.6.5, sercurity and important changes:
+ Unexpected code execution using reverse()
+ Caching of anonymous pages could reveal CSRF token
+ MySQL typecasting
+ select_for_update() requires a transaction
+ Issue: Caches may incorrectly be allowed to store and serve private data
+ Issue: Malformed redirect URLs from user input not correctly validated
-------------------------------------------------------------------
Fri Feb 14 09:32:07 UTC 2014 - speilicke@suse.com
- Fix update-alternatives
-------------------------------------------------------------------
Fri Feb 7 08:30:04 UTC 2014 - speilicke@suse.com
- Update to version 1.6.2:
+ Prevented the base geometry object of a prepared geometry to be garbage
collected, which could lead to crash Django (#21662).
+ Fixed a crash when executing the changepassword command when the user
object representation contained non-ASCII characters (#21627).
+ The collectstatic command will raise an error rather than default to
using the current working directory if STATIC_ROOT is not set. Combined
with the --clear option, the previous behavior could wipe anything
below the current working directory (#21581).
+ Fixed mail encoding on Python 3.3.3+ (#21093).
+ Fixed an issue where when settings.DATABASES['default']['AUTOCOMMIT'] = False,
the connection wasn’t in autocommit mode but Django pretended it was.
+ Fixed a regression in multiple-table inheritance exclude() queries (#21787).
+ Added missing items to django.utils.timezone.__all__ (#21880).
+ Fixed a field misalignment issue with select_related() and model inheritance (#21413).
+ Fixed join promotion for negated AND conditions (#21748).
+ Oracle database introspection now works with boolean and float fields (#19884).
+ Fixed an issue where lazy objects weren’t actually marked as safe when
passed through mark_safe() and could end up being double-escaped (#21882).
-------------------------------------------------------------------
Tue Feb 4 14:33:40 UTC 2014 - mcihar@suse.cz
- Update to version 1.6.1:
- Most bug fixes are minor; you can find a complete list in the Django 1.6.1
release notes.
-------------------------------------------------------------------
Tue Nov 19 10:06:23 UTC 2013 - speilicke@suse.com
- Update-alternatives also for bash-completion
-------------------------------------------------------------------
Fri Nov 15 13:33:20 UTC 2013 - speilicke@suse.com
- Only ghost /etc/alternatives on 12.3 or newer
-------------------------------------------------------------------
Thu Nov 7 16:36:41 UTC 2013 - speilicke@suse.com
- Require python-Pillow for image-related functionality
- Package was renamed from python-django
- Drop Django-1.2-completion-only-for-bash.patch: Useless
-------------------------------------------------------------------
Tue Nov 5 03:27:13 UTC 2013 - alexandre@exatati.com.br
- Update to version 1.6:
- Please read the release notes
https://docs.djangoproject.com/en/1.6/releases/1.6
- Removed Patch2 as it is no needed anymore:
Django-1.4-CSRF_COOKIE_HTTPONLY-support.patch
-------------------------------------------------------------------
Tue Sep 17 12:37:53 UTC 2013 - speilicke@suse.com
- Update to version 1.5.4:
+ Fixed denial-of-service via large passwords
- Changes from version 1.5.3:
+ Fixed directory traversal with ssi template tag
-------------------------------------------------------------------
Wed Aug 14 05:49:54 UTC 2013 - alexandre@exatati.com.br
- Update to 1.5.2:
- Security release, please check release notes for details:
https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued
-------------------------------------------------------------------
Thu Mar 28 23:27:01 UTC 2013 - alexandre@exatati.com.br
- Update to 1.5.1:
- Memory leak fix, please read release announcement at
https://www.djangoproject.com/weblog/2013/mar/28/django-151.
-------------------------------------------------------------------
Tue Feb 26 19:49:02 UTC 2013 - alexandre@exatati.com.br
- Update to 1.5:
- Please read the release notes
https://docs.djangoproject.com/en/1.5/releases/1.5
-------------------------------------------------------------------
Tue Dec 11 12:27:50 UTC 2012 - alexandre@exatati.com.br
- Update to 1.4.3:
- Security release:
- Host header poisoning
- Redirect poisoning
- Please check release notes for details:
https://www.djangoproject.com/weblog/2012/dec/10/security
-------------------------------------------------------------------
Sat Oct 20 13:41:10 UTC 2012 - saschpe@suse.de
- Add a symlink from /usr/bin/django-admin.py to /usr/bin/django-admin
-------------------------------------------------------------------
Wed Oct 17 22:51:36 UTC 2012 - alexandre@exatati.com.br
- Update to 1.4.2:
- Security release:
- Host header poisoning
- Please check release notes for details:
https://www.djangoproject.com/weblog/2012/oct/17/security
-------------------------------------------------------------------
Mon Jul 30 21:38:31 UTC 2012 - alexandre@exatati.com.br
- Update to 1.4.1:
- Security release:
- Cross-site scripting in authentication views
- Denial-of-service in image validation
- Denial-of-service via get_image_dimensions()
- Please check release notes for details:
https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued
-------------------------------------------------------------------
Tue Jun 19 11:27:33 UTC 2012 - saschpe@suse.de
- Add patch to support CSRF_COOKIE_HTTPONLY config
-------------------------------------------------------------------
Fri Mar 23 18:39:40 UTC 2012 - alexandre@exatati.com.br
- Update to 1.4:
- Please read the release notes
https://docs.djangoproject.com/en/dev/releases/1.4
- Removed Patch2, it was merged on upstream,
-------------------------------------------------------------------
Thu Nov 24 12:30:40 UTC 2011 - saschpe@suse.de
- Set license to SDPX style (BSD-3-Clause)
- Package AUTHORS, LICENE and README files
- No CFLAGS for noarch package
- Drop runtime dependency on gettext-tools
-------------------------------------------------------------------
Sat Sep 10 12:05:07 UTC 2011 - alexandre@exatati.com.br
- Update to 1.3.1 to fix security issues, please read
https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued.
-------------------------------------------------------------------
Thu Mar 31 15:09:16 UTC 2011 - alexandre@exatati.com.br
- Fix build on SLES_9.
-------------------------------------------------------------------
Wed Mar 23 11:39:53 UTC 2011 - alexandre@exatati.com.br
- Update to 1.3 final;
- Refresh patch empty-ip-2.diff.
-------------------------------------------------------------------
Fri Mar 18 03:45:45 UTC 2011 - alexandre@exatati.com.br
- Update to 1.3-rc1;
- Regenerated spec file with py2pack;
- No more need to fix wrong line endings;
- Refresh patch empty-ip-2.diff with -p0.
-------------------------------------------------------------------
Thu Mar 3 09:32:52 UTC 2011 - saschpe@suse.de
- Spec file cleanup:
* Removed empty lines, package authors from description
* Cleanup duplicates
* Corrected wrong file endings
* Added zero-length rpmlint filter
- Added AUTHORS, LICENSE and doc files
-------------------------------------------------------------------
Wed Feb 9 03:37:29 UTC 2011 - alexandre@exatati.com.br
- Update to 1.2.5:
- This is a security update that fix:
- Flaw in CSRF handling;
- Potential XSS in file field rendering.
-------------------------------------------------------------------
Thu Dec 23 10:20:03 UTC 2010 - alexandre@exatati.com.br
- Update to 1.2.4:
- Information leakage in Django administrative interface;
- Denial-of-service attack in password-reset mechanism.
- This is a mandatory security update.
-------------------------------------------------------------------
Sat Sep 11 11:46:41 UTC 2010 - alexandre@exatati.com.br
- Update to 1.2.3:
- The patch applied for the security issue covered in Django
1.2.2 caused issues with non-ASCII responses using CSRF
tokens. This has been remedied;
- The patch also caused issues with some forms, most notably
the user-editing forms in the Django administrative interface.
This has been remedied.
- The packaging manifest did not contain the full list of
required files. This has been remedied.
-------------------------------------------------------------------
Thu Sep 9 01:06:43 UTC 2010 - alexandre@exatati.com.br
- Update to 1.2.2.
- This is a ciritical security update fixing a default XSS bug!
-------------------------------------------------------------------
Fri Jul 9 11:27:26 UTC 2010 - jfunk@funktronics.ca
- Added patch to fix upstream bug 5622: Empty ipaddress raises an error
-------------------------------------------------------------------
Mon May 17 21:14:11 UTC 2010 - alexandre@exatati.com.br
- Update to 1.2.1.
-------------------------------------------------------------------
Mon May 17 18:35:20 UTC 2010 - alexandre@exatati.com.br
- Update to 1.2.
-------------------------------------------------------------------
Thu May 6 13:46:03 UTC 2010 - alexandre@exatati.com.br
- Update to 1.2-rc-1.
-------------------------------------------------------------------
Mon Apr 5 02:21:44 UTC 2010 - alexandre@exatati.com.br
- Spec file cleaned with spec-cleaner;
- Minor manual adjusts on spec file.
-------------------------------------------------------------------
Thu Mar 18 17:47:12 UTC 2010 - alexandre@exatati.com.br
- Moved autocomplete file path from /etc/profile.d to
/etc/bash_completion.d. Then it works with konsole too.
-------------------------------------------------------------------
Mon Mar 15 01:53:50 UTC 2010 - alexandre@exatati.com.br
- Update to 1.2-beta-1;
- Using -q option on prep section of spec file;
- Using INSTALLED_FILES instead of declaring files;
- Removed dummy changelog section of spec file;
- Update completion bash patch.
-------------------------------------------------------------------
Sun Oct 11 07:51:32 UTC 2009 - nix@opensuse.org
- Update to 1.1.1 due to security issue described at
http://www.djangoproject.com/weblog/2009/oct/09/security/
-------------------------------------------------------------------
Sat Oct 10 12:18:31 UTC 2009 - alexandre@exatati.com.br
- Removed old tarball file (Django-1.1.tar.bz2).
-------------------------------------------------------------------
Tue Aug 25 12:23:09 CEST 2009 - garloff@suse.de
- Fix python version check.
-------------------------------------------------------------------
Sat Aug 22 13:39:35 CEST 2009 - garloff@suse.de
- Don't require python-sqlite2 for python >= 2.6.
-------------------------------------------------------------------
Fri Aug 21 11:38:03 CEST 2009 - garloff@suse.de
- Build as noarch on factory.
-------------------------------------------------------------------
Wed Aug 19 17:40:46 CEST 2009 - poeml@suse.de
- don't run bash completion on shells other than bash. Avoiding
error messages produced at login when using other shells.
-------------------------------------------------------------------
Fri Aug 14 18:05:42 UTC 2009 - alexandre@exatati.com.br
- Added bash auto-complete to openSUSE.
-------------------------------------------------------------------
Wed Jul 29 00:00:00 CEST 2009 - listuser@peternixon.net
- update to version 1.1
- add python-django-rpmlintrc to quiet rpmlint complaints about -lang
-------------------------------------------------------------------
Wed Jul 1 19:04:26 CEST 2009 - poeml@suse.de
- add python-xml to the Requires (./manage.py syncdb crashes
otherwise)
-------------------------------------------------------------------
Sat Sep 13 00:00:00 UTC 2008 - listuser@peternixon.net
- update to version 1.0
- Fix build on SLES9
-------------------------------------------------------------------
Thu Sep 4 10:40:58 CEST 2008 - crrodriguez@suse.de
- update to version 1.0 final
-------------------------------------------------------------------
Wed May 14 00:00:00 UTC 2008 - listuser@peternixon.net
- update to version 0.96.2
-------------------------------------------------------------------
Thu Feb 21 00:00:00 UTC 2008 - jfunk@funktronics.ca
- The way simplejson is included in this package is not useful to other
packages. Removed from provides
-------------------------------------------------------------------
Fri Oct 26 20:20:08 UTC 2007 - crrodriguez@suse.de
- verion 0.96.1 fixes D.o.S attack in the i18n module
-------------------------------------------------------------------
Fri Mar 23 00:00:00 UTC 2007 - crrodriguez@suse.de
- update to version 0.96
see http://www.djangoproject.com/documentation/release_notes_0.96 for details
- this package provides python-simplejson too.
