Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-Django4 for openSUSE:Factory
checked in at 2024-12-09 21:12:45
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-Django4 (Old)
and /work/SRC/openSUSE:Factory/.python-Django4.new.29675 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Django4"
Mon Dec 9 21:12:45 2024 rev:6 rq:1229316 version:4.2.17
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-Django4/python-Django4.changes
2024-11-19 22:23:48.137667709 +0100
+++ /work/SRC/openSUSE:Factory/.python-Django4.new.29675/python-Django4.changes
2024-12-09 21:13:50.970684166 +0100
@@ -1,0 +2,7 @@
+Mon Dec 9 09:31:10 UTC 2024 - Markéta Machová <mmach...@suse.com>
+
+- Update to 4.1.17 (bsc#1234231, CVE-2024-53908, bsc#1234232, CVE-2024-53907)
+ * CVE-2024-53907: Potential denial-of-service in
django.utils.html.strip_tags()
+ * CVE-2024-53908: Potential SQL injection in HasKey(lhs, rhs) on Oracle
+
+-------------------------------------------------------------------
Old:
----
Django-4.2.16.checksum.txt
Django-4.2.16.tar.gz
New:
----
Django-4.2.17.checksum.txt
Django-4.2.17.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-Django4.spec ++++++
--- /var/tmp/diff_new_pack.2eXGnL/_old 2024-12-09 21:13:51.510706760 +0100
+++ /var/tmp/diff_new_pack.2eXGnL/_new 2024-12-09 21:13:51.514706927 +0100
@@ -24,7 +24,7 @@
%{?sle15_python_module_pythons}
Name: python-Django4
# We want support LTS versions of Django - numbered 2.2 -> 3.2 -> 4.2 etc
-Version: 4.2.16
+Version: 4.2.17
Release: 0
Summary: A high-level Python Web framework
License: BSD-3-Clause
++++++ Django-4.2.16.checksum.txt -> Django-4.2.17.checksum.txt ++++++
--- /work/SRC/openSUSE:Factory/python-Django4/Django-4.2.16.checksum.txt
2024-09-04 13:27:43.081530864 +0200
+++
/work/SRC/openSUSE:Factory/.python-Django4.new.29675/Django-4.2.17.checksum.txt
2024-12-09 21:13:50.894680986 +0100
@@ -2,24 +2,24 @@
Hash: SHA256
This file contains MD5, SHA1, and SHA256 checksums for the source-code
-tarball and wheel files of Django 4.2.16, released September 3, 2024.
+tarball and wheel files of Django 4.2.17, released December 4, 2024.
To use this file, you will need a working install of PGP or other
compatible public-key encryption software. You will also need to have
the Django release manager's public key in your keyring. This key has
-the ID ``2EE82A8D9470983E`` and can be imported from the MIT
+the ID ``3955B19851EA96EF`` and can be imported from the MIT
keyserver, for example, if using the open-source GNU Privacy Guard
implementation of PGP:
- gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E
+ gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF
or via the GitHub API:
- curl https://github.com/nessita.gpg | gpg --import -
+ curl https://github.com/sarahboyce.gpg | gpg --import -
Once the key is imported, verify this file:
- gpg --verify Django-4.2.16.checksum.txt
+ gpg --verify Django-4.2.17.checksum.txt
Once you have verified this file, you can use normal MD5, SHA1, or SHA256
checksumming applications to generate the checksums of the Django
@@ -28,40 +28,38 @@
Release packages
================
-https://www.djangoproject.com/m/releases/4.2/Django-4.2.16.tar.gz
-https://www.djangoproject.com/m/releases/4.2/Django-4.2.16-py3-none-any.whl
+https://www.djangoproject.com/m/releases/4.2/Django-4.2.17-py3-none-any.whl
+https://www.djangoproject.com/m/releases/4.2/Django-4.2.17.tar.gz
MD5 checksums
=============
-290c4b542590d86c700a04652d7cf1b7 Django-4.2.16.tar.gz
-3addd852809445c1f4541bed114025bb Django-4.2.16-py3-none-any.whl
+27f13e8049fd9416b53cbc8bde828331 Django-4.2.17-py3-none-any.whl
+f4da72476600b58016ddce31af4dc12b Django-4.2.17.tar.gz
SHA1 checksums
==============
-850cfa6be52834e0e1abef6e64903229791b05b9 Django-4.2.16.tar.gz
-93f5b781eb2e1cc6304cb8a8ec8b04e713988b00 Django-4.2.16-py3-none-any.whl
+a06c8254934dedfa9d3a423014d7997745ca5605 Django-4.2.17-py3-none-any.whl
+b96eaf8c473c6db686ca83125a26fd60f353b414 Django-4.2.17.tar.gz
SHA256 checksums
================
-6f1616c2786c408ce86ab7e10f792b8f15742f7b7b7460243929cb371e7f1dad
Django-4.2.16.tar.gz
-1ddc333a16fc139fd253035a1606bb24261951bbc3a6ca256717fa06cc41a898
Django-4.2.16-py3-none-any.whl
+3a93350214ba25f178d4045c0786c61573e7dbfa3c509b3551374f1e11ba8de0
Django-4.2.17-py3-none-any.whl
+6b56d834cc94c8b21a8f4e775064896be3b4a4ca387f2612d4406a5927cd2fdc
Django-4.2.17.tar.gz
-----BEGIN PGP SIGNATURE-----
-iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmbXBOMoHDEyNDMwNCtu
-ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPuX9D/4l
-TT1o5clCvNrswNtLLhmiUrJHH5A0hrHxmc1Ls7OMKM7OJvoMTH/qjKQSAPUccr5o
-x5osK4El2ln7nYnEjej0bkryT9eKAORHkL3NQEEJpdp1qWJY2OjHAQ9sdM5fYdLa
-IZXiDfhrsbE75gJbINoPX4HbwwJ2hpxA2tpDUwVQI7z6r0ps9UgE5wiElemjR1dK
-KZHrqsD+Lv5vXPynL8VtBOnKr1W373zbHAKwLyvv0CGBFML/YvZBquhQimPBGzIh
-Q7wk5rv7lyAvJpkYdQ8RjFZPJO6/gbT1WsEwvsGX0YevLllISBXJ1TyzmYItNxmR
-PzG9yINbcD08DJrLedtBeZU2CIsj06+HHiRKKolpa9YBNc5cfLZ20ZxBo3+gUB1/
-RSo7RZBFnRPU/kyMikkM4Seys3OdGltrGQhvwmRtBbnqsO+m+BgGWCpelP5Jil4F
-pTB5eCv8Dsxw64L2TO0010PlGXaEqqDxhHtWaFfCU+AHYLPwJlKiTpaOmgqxFH6X
-erGgKGqKAwBjAy6m0Spbw5THZu4apbsyizWtJvi02dXvs81PqmELV8cAcYY4bi+4
-FQT7GLnBO/6H5FdQUem1dP8HvCQbAht/gx806LZ/fC9uKiCZ/clHum8J4/IwneCB
-Q7GG+MgKA8SWoQ80VAjsVe5D6XyYhzOdKBkIu8TRVA==
-=yFhJ
+iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmdQWrstHDQyMjk2NTY2
+K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv
+WHsMAKlbu+X3NKtG1SfIia6GjvHRmFh+5jbfzJaWU8WFiQmjiPndZaJC/aMyk1UI
+3vCKdqgi8GrwQK3d6DsDE21jdLj9PJYqfQP19fp4oG9Ctapj6RQ0dcQRadyB1DP+
+aJUc3GVo6wT04EDJjbCs9hl1a8PX6qk+WbFG16W9iia8M90KxtEtr0DnDYvqkdEi
+rnkShDV/f8iAckZ5k+SCfKdva2iKxpqt4iHFju5Pa//3pxCnHcz91LLogq7TxqiC
+4GzLu1aTKnwPZgqrwDkRkdCgRuT2LZRW2NCjRCe6MHxHbKLgCGvc2aBn8aW1lbRU
+61cCbP7MQUfj6GSar/TqavtB5FajbVmLVM84HXbxPLDp6djUwp++Jbva9ywXx9p9
+b8LmnskFZiRgwaIgyZqc5cDzpLeQ5xcrISCpND6SlJBovndtLuO3hqeUX3Whag8C
+PfcjSJqwgTcp9ugWe76NinMsQHXEvSOuJB5thiWZBa3GuhCYIjAsBZT3YTQ6OUui
+CuWS2g==
+=61Fe
-----END PGP SIGNATURE-----
++++++ Django-4.2.16.tar.gz -> Django-4.2.17.tar.gz ++++++
/work/SRC/openSUSE:Factory/python-Django4/Django-4.2.16.tar.gz
/work/SRC/openSUSE:Factory/.python-Django4.new.29675/Django-4.2.17.tar.gz
differ: char 5, line 1
++++++ python-Django4.keyring ++++++
--- /var/tmp/diff_new_pack.2eXGnL/_old 2024-12-09 21:13:51.594710275 +0100
+++ /var/tmp/diff_new_pack.2eXGnL/_new 2024-12-09 21:13:51.598710442 +0100
@@ -88,4 +88,46 @@
eAgTzM5bOOqtGR7VR2hlCM4I4k2D0Y/snh2HzA==
=ul9f
-----END PGP PUBLIC KEY BLOCK-----
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQGNBGYTwrUBDADP52ov7O0jqH+QWStcbCwwedsV2syCQXxfhnydhkNvdCILBJ0k
+cQdc4E7Q8wGmch9a3bCLR4HIUlv1MMWk+Ty0YY71wczqIPedgM1dBZEtSH6fDOwW
+qFcYieCcmsP+FwBk8WWOKnMydEXoXCp6djSru6YOuQH2CZ+EerKjnDaXAj35dloR
+vbJ14k7Ghn9UCLDXiNOjn2N8eLe6aeoEQt7iiqStdeFuUGR/pLHHEX4sch4y9uBa
+bhC/Ce93VWK8nVna7qWX/cIjZNG6rTo79W7+IiOC5+6r7bLff5qw4BgUX2JPm5Sz
+mhPUlsJZGGXPPaTo+WZQOe5P3Fw7RpuURa+MVoih2H/i2Ur51pDEngB64YwBU1mB
+a+xwm6GHgD28JUwllHJbUl9/UJTbntS7k/k2uuMkok8jHfYb+rqkfCWqOlmuYTG3
+okseReh2TSkGpWyyaSbCihgm80RE5O6jrEDXJiZOsLIuOlVoErfxEZHpOqw43axl
+EXX0VkjFz2IBNPMAEQEAAbROU2FyYWggQm95Y2UgKEdQRyBEamFuZ28gRmVsbG93
+KSA8NDIyOTY1NjYrc2FyYWhib3ljZUB1c2Vycy5ub3JlcGx5LmdpdGh1Yi5jb20+
+iQHOBBMBCAA4FiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmYTwrUCGwMFCwkIBwIG
+FQoJCAsCBBYCAwECHgECF4AACgkQOVWxmFHqlu8t+wv9HitJmG5iPs45Qo0nGwGm
+j1X6rP6SQENl+jqtjZU6YaxvNqWculCFl0Wa/xODhxM9HNMs3qREc+R4SqPx4epu
+NaUERN91gZoO4Ms80uqllPzdCsX5hrFblg+LqqznZWAYi94NMTm3Ft4/+I7780ev
+BhxHFBTlqwxZ0eeyaB/qAyb6K9X0cUUFExjYrP3+HAgmrOHK9PUb7vNNKUYMerOK
+waFrpPP5oDBn0p2ZunYAcJt7o2DjBOwy5iw5I2Qs50ZLt9EU0DY8Rf5nF2mKNki1
+CAD8ksNo/ohrNuGyi0r2cvVfx52izPd6PxlKf7xfL2lW16nflK/lNbZtCioDA1FC
+1dCPGD5rvOUXFASc+FZY4tJ6LbIpzg9llgcb6fSi2joT2bm9BbGrHybrIWd3BF/5
+AnrlsSwDCWtYXkdNr/eNEHNgG+aOAH2vSzue3NbCJsXkK69SzlKKOiD2ZUjJ6tKi
+IwcTkotyBaX/FLGhTKLEQE7aztsOpnfJlLU9Zx5IPxJAuQGNBGYTwrUBDACp1f7H
+MpzHvAAy7dD1Ow0pgT3NBFFiEk4jKccz9sAHPT7QQbMeIdL5uQ80lNp6Sw+IyptW
+4cytl6ovRdRyv3XetSp+KJeaqvWvGkz3L+GUoE8ezxgQXLlVcw7IzkhBNMGi+K3C
+aK6ZlZZQG8587dLF9Gbz3Vioc9hyQ/4BOr8pPaAWlSfWQVEGHPSVLh7LToGjrLlS
+h1AzVABNXtJbAt/+O7H5mkMopoPKrqgHTzOLGCd0/Tq3z5d+wqVl7JKk6yHxRr5i
+SXDqPQPmObUhPH1addNzIe+GRVW1ZbbT6l9VDiC4Lj+BJsLafubMB3rlI2T2mQCU
+PTQO0fz5y6oW0HxRtTidoxhvmC72YDFBwvsUTPQ5nt8bcSQprJMLLNL1C5M2LjPu
+tf/Csl02Fcwe/RnW2yjeb6qNCDcLpM9wpMMOdZQCRdRIkWQTcLZPQ2+SR3Ih8rAb
+pzATjFvif/4zpFlDZ9KFevCqf1M2v32sr/dDgcA3nWJ4CFrBQMhBVTcr7rcAEQEA
+AYkBtgQYAQgAIBYhBOsbOA2KxS0AK6zTMjlVsZhR6pbvBQJmE8K1AhsMAAoJEDlV
+sZhR6pbvizgL/34++v0b080pCr/0rWspcuTtD91GwQPs0HgrrfMOV2BXoXucTXj7
+G4xFq9yYO8QALrrtz40S/NeGz09hhFHo08phLAYjLZt8xD7i0uXuV8ZouDUHT0bk
+334RlKHu9kq3si0lyzu1dkGZgIBXsAURrMOyVKVySZGzsa/dpy/EDardWkTKHedf
+07K+KQgomMpVGk4EtKHpfqU9VNN8fdYD4UYtwuegz1nsg28Fa8xkK2ammWncgpVj
++4cJwzFPg11AhhTWs/Ec068ojj70cLD2CodJVAch9RTIOcQ5yKGc483u3bagNqTK
+qZYoLWI6NjxrNZQpwha3pO2ueBDOo/fZXUMgPPqyfdmBZvz6DQM85JfULALxKbkL
+5dQguy8K8SBcrCnv6iT0FjaWlrqnU0IJDZfi2r6eDlXhYjLSwGq8RHkAYXvsCNm8
+BzeRu0mAvjLkLNegQIvfdVXfYIcwUQQB8OAzoz3qzi8vji82MBQO+gkYrlteivoF
+z+gZLcBuv/NdNg==
+=B8gH
+-----END PGP PUBLIC KEY BLOCK-----
