Hello community,
here is the log from the commit of package python-Django for openSUSE:Factory
checked in at 2020-02-06 13:19:21
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-Django (Old)
and /work/SRC/openSUSE:Factory/.python-Django.new.26092 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Django"
Thu Feb 6 13:19:21 2020 rev:61 rq:769928 version:2.2.10
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-Django/python-Django.changes
2020-01-16 18:16:50.448825478 +0100
+++ /work/SRC/openSUSE:Factory/.python-Django.new.26092/python-Django.changes
2020-02-06 13:19:25.748678238 +0100
@@ -2 +2,9 @@
-Wed Jan 15 14:25:13 UTC 2020 - Ondřej Súkup <mimi...@gmail.com>
+Tue Feb 4 09:42:08 UTC 2020 - Ondřej Súkup <mimi...@gmail.com>
+
+- update to 2.2.10
+- drop pyyaml53.patch
+ * fix boo#1161919 (CVE-2020 7471) Potential SQL injection via
``StringAgg(delimiter)``
+
+
+-------------------------------------------------------------------
+Wed Jan 15 15:08:32 UTC 2020 - Ondřej Súkup <mimi...@gmail.com>
Old:
----
Django-2.2.9.tar.gz
Django-2.2.9.tar.gz.asc
pyyaml53.patch
New:
----
Django-2.2.10.tar.gz
Django-2.2.10.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-Django.spec ++++++
--- /var/tmp/diff_new_pack.RrZgbG/_old 2020-02-06 13:19:27.704679198 +0100
+++ /var/tmp/diff_new_pack.RrZgbG/_new 2020-02-06 13:19:27.704679198 +0100
@@ -23,7 +23,7 @@
%bcond_with memcached
Name: python-Django
# We want support LTS versions of Django - numbered 2.2 -> 3.2 -> 4.2 etc
-Version: 2.2.9
+Version: 2.2.10
Release: 0
Summary: A high-level Python Web framework
License: BSD-3-Clause
@@ -35,7 +35,6 @@
Patch0: i18n_test.patch
Patch1: test_clear_site_cache-sort.patch
Patch2: fix-selenium-test.patch
-Patch3: pyyaml53.patch
BuildRequires: %{python_module Jinja2 >= 2.9.2}
BuildRequires: %{python_module Pillow}
BuildRequires: %{python_module PyYAML}
@@ -101,7 +100,6 @@
%patch0 -p1
%patch1 -p1
%patch2 -p1
-%patch3 -p1
chmod a-x django/contrib/admin/static/admin/js/vendor/xregexp/xregexp.js
%build
++++++ Django-2.2.9.tar.gz -> Django-2.2.10.tar.gz ++++++
/work/SRC/openSUSE:Factory/python-Django/Django-2.2.9.tar.gz
/work/SRC/openSUSE:Factory/.python-Django.new.26092/Django-2.2.10.tar.gz
differ: char 5, line 1
++++++ Django-2.2.9.tar.gz.asc -> Django-2.2.10.tar.gz.asc ++++++
--- /work/SRC/openSUSE:Factory/python-Django/Django-2.2.9.tar.gz.asc
2019-12-30 12:34:24.011790651 +0100
+++
/work/SRC/openSUSE:Factory/.python-Django.new.26092/Django-2.2.10.tar.gz.asc
2020-02-06 13:19:25.480678106 +0100
@@ -2,16 +2,16 @@
Hash: SHA256
This file contains MD5, SHA1, and SHA256 checksums for the source-code
-tarball and wheel files of Django 2.2.9, released December 18, 2019.
+tarball and wheel files of Django 2.2.10, released February 3, 2020.
To use this file, you will need a working install of PGP or other
compatible public-key encryption software. You will also need to have
the Django release manager's public key in your keyring; this key has
-the ID ``2EF56372BA48CD1B`` and can be imported from the MIT
+the ID ``E17DF5C82B4F9D00`` and can be imported from the MIT
keyserver. For example, if using the open-source GNU Privacy Guard
implementation of PGP:
- gpg --keyserver pgp.mit.edu --recv-key 2EF56372BA48CD1B
+ gpg --keyserver pgp.mit.edu --recv-key E17DF5C82B4F9D00
Once the key is imported, verify this file::
@@ -24,40 +24,39 @@
Release packages:
=================
-https://www.djangoproject.com/m/releases/2.2/Django-2.2.9-py3-none-any.whl
-https://www.djangoproject.com/m/releases/2.2/Django-2.2.9.tar.gz
+https://www.djangoproject.com/m/releases/2.2/Django-2.2.10-py3-none-any.whl
+https://www.djangoproject.com/m/releases/2.2/Django-2.2.10.tar.gz
MD5 checksums
=============
-2bdad7b5e9a0012f916b14f68df8084b Django-2.2.9-py3-none-any.whl
-a9a6555d166196e502b69715341f7ad4 Django-2.2.9.tar.gz
+d24676ee3a4e112abc46f5363a608cd6 Django-2.2.10-py3-none-any.whl
+10f192f8565ab137aea2dda4a4cb3d26 Django-2.2.10.tar.gz
SHA1 checksums
==============
-3257a5f8bf77896b6e883162282c256c59977aa4 Django-2.2.9-py3-none-any.whl
-c5a1c4bec360b4e98e839fcf6088b8eb1599c1ed Django-2.2.9.tar.gz
+084cdc5c5e2041b0d202cd9cfc2d272f978a244b Django-2.2.10-py3-none-any.whl
+86b0f5160b52cc4330d17cd69090f7f240c9fb47 Django-2.2.10.tar.gz
SHA256 checksums
================
-687c37153486cf26c3fdcbdd177ef16de38dc3463f094b5f9c9955d91f277b14
Django-2.2.9-py3-none-any.whl
-662a1ff78792e3fd77f16f71b1f31149489434de4b62a74895bd5d6534e635a5
Django-2.2.9.tar.gz
+9a4635813e2d498a3c01b10c701fe4a515d76dd290aaa792ccb65ca4ccb6b038
Django-2.2.10-py3-none-any.whl
+1226168be1b1c7efd0e66ee79b0e0b58b2caa7ed87717909cd8a57bb13a7079a
Django-2.2.10.tar.gz
-----BEGIN PGP SIGNATURE-----
-iQJPBAEBCAA5FiEEq7LCqM0B8WE2GLcNLvVjcrpIzRsFAl3543QbHGZlbGlzaWFr
-Lm1hcml1c3pAZ21haWwuY29tAAoJEC71Y3K6SM0bzHsP/3EjnNZi5CZYQLLiay1P
-4QIhHdl0Qqu5ocugQVngnBIu9/Lsn7QlCiQBE+M83HsUz03s6IEEIJ1t0wDpQFph
-PGEe3YbUk8U5VK0aEuDrc1Shi+mYmFnvA0Cj9+6TeFj8jVqTZH1olqJ7OwWBahXr
-6WPyU0R21VFjTAbgnw3iNT8sgnDm+pZBjXmmKScsXzDEcM6lnZd2ZcXg78cUKPPU
-VC32noVdiCh3HZnCxo/9yWpqLYfbdcg0UW/4xsVs0sRj923lYdgDD8Iht4anot+3
-lKK6PUht50iBCpVdmlYG1mfI5FWIEXZy/RKFMA/wwwXHqT9A7v5O1M4thFvyUHbA
-4926eGIZpU2RvPPCJDkReUmCQTqgmNdjFft8uLs4o10hiHp0vZKj+Zjm7rfSle8r
-cRCeTirfI+MVSLEP2ZhbVvFBQ2kXjFH1vtdZZaTEriWDCTb+F44K8zjeGpz/Yb/X
-PUfeT5++WPzGFxwaR1FNGL9gLUJLL656a8YeZdWWb//byMENdOoPMBazIGJ31k9S
-0aPtOs4hqz1MWRmoc67Xf/T3wzmgZVlpFEBL8wyMFoIbtAqj/ZwUSQ0f8BdF4BRk
-MwbkZ1PQoAGpiGJSUq6I1IFSp5mHf890AU50DkGmgOXNbjoOoGNRWO4NuEAiecA9
-+cpI6GRKyos9gsdiKyxObHqc
-=hVIR
+iQIzBAEBCAAdFiEE/l+2OHah1xioxnVW4X31yCtPnQAFAl432l4ACgkQ4X31yCtP
+nQDn1BAAn6zw5gnrDYDq1l3EOu5msL93pTt4vlRQP398taGwmytUdlpiDBtzRwUC
+wDRqOIwAoExhoxRbg5vn4oYkb+V5mYBr3ExWQpDvVRS3j4Pt+sldOUUF66JpfUEV
+iyo982VN0x91Ddx1Q+KGiEd3i+p5w2VFMDh+FDM+ySBzv86t0g0errCxb6+9Je4P
+MxtLgVzeGhAigoiQzJcGjr3uYxOZSNwNuxYiw/3vHpi8KmET3Bst+zLhYtr3LiAz
+3+K1qWek/Wwbv/Ycj4S+6TaVjaUkeNN3LlU7JCS8HFh2FkqmBGkmw5lZKM8RO9BK
+hIu8ZK8c5gzJ2I/Ez9bU1aAE2GFXBKMdvixmDMJ7NrMGATjrGOhI3mfGkG01QDKq
+jcLK89d/faeb2qsNRaSFlroI4F4tEVPkvehKAeazByynpZZ30kSmr2PMQwJezAK8
+LSjOfGSpF4cQJe4d/oyQm+JfqZA0NTby+6JjFgN1Ar0DjouXsUa96m5iQgwBbNwJ
+x6NqRk9fWyC73nr+MyQ2h+WaWwsW5sT2T6V6ZVaNLu3jdt9ijfhjKTsrvEIhe+Ri
+7sMz57PBaSNETZgwT86aLvDE6BMP5FjJ4MKB5MGFK3q3FHTtsogj5a3WZ1lyWyt0
+WiWQzCjdIyQnrmSOLTXV6EdlThziXZor81ilDiFcMeIUr/HF8tk=
+=IWbV
-----END PGP SIGNATURE-----
