Overview
Request 720192 accepted
- Update to 2.2.4:
* CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235
bsc#1142883 bsc#1142885 bsc#1142882 bsc#1142880
* Fixed a regression in Django 2.2 when ordering a QuerySet.union(), intersection(), or difference() by a field type present more than once results in the wrong ordering being used (#30628).
* Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type (#30621).
* Fixed a regression in Django 2.2 where auto-reloader crashes if a file path contains nulls characters ('\x00') (#30506).
* Fixed a regression in Django 2.2 where auto-reloader crashes if a translation directory cannot be resolved (#30647).
- Update to 2.2.3:
* CVE-2019-12781 (bsc#1139945): Incorrect HTTP detection with reverse-proxy connecting via HTTPS¶
- update to 2.2.2
* Fixes CVE-2019-12308: AdminURLFieldWidget XSS (bsc#1136468)
* Fixes CVE-2019-11358: Prototype pollution
- Created by scarabeus_iv
- In state accepted
- Open review for devel:languages:python:django / python-Django
Request History
scarabeus_iv created request
- Update to 2.2.4:
* CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235
bsc#1142883 bsc#1142885 bsc#1142882 bsc#1142880
* Fixed a regression in Django 2.2 when ordering a QuerySet.union(), intersection(), or difference() by a field type present more than once results in the wrong ordering being used (#30628).
* Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type (#30621).
* Fixed a regression in Django 2.2 where auto-reloader crashes if a file path contains nulls characters ('\x00') (#30506).
* Fixed a regression in Django 2.2 where auto-reloader crashes if a translation directory cannot be resolved (#30647).
- Update to 2.2.3:
* CVE-2019-12781 (bsc#1139945): Incorrect HTTP detection with reverse-proxy connecting via HTTPS¶
- update to 2.2.2
* Fixes CVE-2019-12308: AdminURLFieldWidget XSS (bsc#1136468)
* Fixes CVE-2019-11358: Prototype pollution
factory-auto accepted review
Check script succeeded
maintbot added python-Django as a reviewer
Submission for python-Django by someone who is not maintainer in the devel project (devel:languages:python:django). Please review
maintbot accepted review
ok
licensedigger accepted review
ok
vitezslav_cizek accepted request
Thanks. Overriding review as agreed
devel:languages:python:django/python-Django@772c6f010288e92a4370241cd92ba17a -> openSUSE:Leap:15.1:Update/python-Django
expected origin is 'openSUSE:Factory' (changed)
sr#720189 waiting for review by licensedigger
found pending submission against origin (openSUSE:Factory)