commit python-Django for openSUSE:Factory

root Mon, 14 Sep 2020 03:04:11 -0700

Hello community,

here is the log from the commit of package python-Django for openSUSE:Factory 
checked in at 2020-09-14 12:02:48
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-Django (Old)
 and      /work/SRC/openSUSE:Factory/.python-Django.new.4249 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "python-Django"

Mon Sep 14 12:02:48 2020 rev:68 rq:833249 version:3.1.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/python-Django/python-Django.changes      
2020-09-04 10:57:53.618584195 +0200
+++ /work/SRC/openSUSE:Factory/.python-Django.new.4249/python-Django.changes    
2020-09-14 12:04:04.907672370 +0200
@@ -1,0 +2,19 @@
+Wed Sep  9 14:14:08 UTC 2020 - Marketa Calabkova <mcalabk...@suse.com>
+
+- Update to 3.1.1
+  * CVE-2020-24583: Incorrect permissions on intermediate-level directories on 
Python 3.7+
+  * CVE-2020-24584: Permission escalation in intermediate-level directories of 
the file 
+    system cache on Python 3.7+
+  * Fixed a data loss possibility in the select_for_update(). When using 
related fields 
+    pointing to a proxy model in the of argument, the corresponding model was 
not locked
+  * Fixed a regression in Django 3.1 that caused a crash when decoding an 
invalid session data
+  * Fixed __in lookup on key transforms for JSONField with MariaDB, MySQL, 
Oracle, and SQLite
+  * Fixed a regression in Django 3.1 that caused permission errors in 
CommonPasswordValidator 
+    and settings.py
+
+-------------------------------------------------------------------
+Wed Sep  9 03:55:36 UTC 2020 - John Vandenberg <jay...@gmail.com>
+
+- Require asgiref >= 3.2.10 per upstream
+
+-------------------------------------------------------------------

Old:
----
  Django-3.1.tar.gz
  Django-3.1.tar.gz.asc

New:
----
  Django-3.1.1.tar.gz
  Django-3.1.1.tar.gz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ python-Django.spec ++++++
--- /var/tmp/diff_new_pack.rnb9qq/_old  2020-09-14 12:04:06.163673662 +0200
+++ /var/tmp/diff_new_pack.rnb9qq/_new  2020-09-14 12:04:06.163673662 +0200
@@ -23,7 +23,7 @@
 %bcond_with memcached
 Name:           python-Django
 # We want support LTS versions of Django -  numbered 2.2 -> 3.2 -> 4.2 etc
-Version:        3.1
+Version:        3.1.1
 Release:        0
 Summary:        A high-level Python Web framework
 License:        BSD-3-Clause
@@ -40,7 +40,7 @@
 BuildRequires:  %{python_module Pillow}
 BuildRequires:  %{python_module PyYAML}
 BuildRequires:  %{python_module argon2-cffi >= 16.1.0}
-BuildRequires:  %{python_module asgiref}
+BuildRequires:  %{python_module asgiref >= 3.2.10}
 BuildRequires:  %{python_module base >= 3.5}
 BuildRequires:  %{python_module bcrypt}
 BuildRequires:  %{python_module docutils}
@@ -56,7 +56,7 @@
 Requires:       python
 Requires:       python-Pillow
 Requires:       python-argon2-cffi >= 16.1.0
-Requires:       python-asgiref
+Requires:       python-asgiref >= 3.2.10
 Requires:       python-pytz
 Requires:       python-setuptools
 Requires:       python-sqlparse >= 0.2.2

++++++ Django-3.1.tar.gz -> Django-3.1.1.tar.gz ++++++
/work/SRC/openSUSE:Factory/python-Django/Django-3.1.tar.gz 
/work/SRC/openSUSE:Factory/.python-Django.new.4249/Django-3.1.1.tar.gz differ: 
char 5, line 1

++++++ Django-3.1.tar.gz.asc -> Django-3.1.1.tar.gz.asc ++++++
--- /work/SRC/openSUSE:Factory/python-Django/Django-3.1.tar.gz.asc      
2020-09-04 10:57:46.030580130 +0200
+++ /work/SRC/openSUSE:Factory/.python-Django.new.4249/Django-3.1.1.tar.gz.asc  
2020-09-14 12:04:03.979671416 +0200
@@ -2,16 +2,16 @@
 Hash: SHA256
 
 This file contains MD5, SHA1, and SHA256 checksums for the source-code
-tarball and wheel files of Django 3.1, released August 4, 2020.
+tarball and wheel files of Django 3.1.1, released September 1, 2020.
 
 To use this file, you will need a working install of PGP or other
 compatible public-key encryption software. You will also need to have
 the Django release manager's public key in your keyring; this key has
-the ID ``2EF56372BA48CD1B`` and can be imported from the MIT
+the ID ``E17DF5C82B4F9D00`` and can be imported from the MIT
 keyserver. For example, if using the open-source GNU Privacy Guard
 implementation of PGP:
 
-    gpg --keyserver pgp.mit.edu --recv-key 2EF56372BA48CD1B
+    gpg --keyserver pgp.mit.edu --recv-key E17DF5C82B4F9D00
 
 Once the key is imported, verify this file::
 
@@ -24,40 +24,39 @@
 Release packages:
 =================
 
-https://www.djangoproject.com/m/releases/3.1/Django-3.1-py3-none-any.whl
-https://www.djangoproject.com/m/releases/3.1/Django-3.1.tar.gz
+https://www.djangoproject.com/m/releases/3.1/Django-3.1.1.tar.gz
+https://www.djangoproject.com/m/releases/3.1/Django-3.1.1-py3-none-any.whl
 
 MD5 checksums
 =============
 
-281c2e919cb60fd09a64fd068cf152fb  Django-3.1-py3-none-any.whl
-2001ba40467d61a2b90570a68c657e35  Django-3.1.tar.gz
+d5e894fb3c46064e84e9dc68a08a46d0  Django-3.1.1.tar.gz
+f4eb53dd67fc64f9b62514fb21a95949  Django-3.1.1-py3-none-any.whl
 
 SHA1 checksums
 ==============
 
-078f1ca04e2a85b33061b573eb60f653fe3af6ed  Django-3.1-py3-none-any.whl
-e337b9d012e55fef0e2ebd40df2f594973be090f  Django-3.1.tar.gz
+85b27794ddeea5b127563ba6cae0f35b59d78289  Django-3.1.1.tar.gz
+65c131f4e90c914a52bca1543e70678a64ffad93  Django-3.1.1-py3-none-any.whl
 
 SHA256 checksums
 ================
 
-1a63f5bb6ff4d7c42f62a519edc2adbb37f9b78068a5a862beff858b68e3dc8b  
Django-3.1-py3-none-any.whl
-2d390268a13c655c97e0e2ede9d117007996db692c1bb93eabebd4fb7ea7012b  
Django-3.1.tar.gz
+59c8125ca873ed3bdae9c12b146fbbd6ed8d0f743e4cf5f5817af50c51f1fc2f  
Django-3.1.1.tar.gz
+b5fbb818e751f660fa2d576d9f40c34a4c615c8b48dd383f5216e609f383371f  
Django-3.1.1-py3-none-any.whl
 -----BEGIN PGP SIGNATURE-----
 
-iQJPBAEBCAA5FiEEq7LCqM0B8WE2GLcNLvVjcrpIzRsFAl8pFPIbHGZlbGlzaWFr
-Lm1hcml1c3pAZ21haWwuY29tAAoJEC71Y3K6SM0b6vkP/32JhaDGV29bTaxKnaSH
-LGtLADGlIBKueTjiWGJtRGHiYqCrTg5wnqs9VDlgnskhXJqTN3dCEmX9TXrrUOAv
-Mujog0bXm1iQbD3Y/pv8RCuWUZPLbTKTbQn2OlONIHPbbTeeUFIAhu7P7t8g/Jjl
-UIKM+CjgrAluHHQf+texdN0qiddd6gajf+Re+znWuT4COo1b0urcXHUGbCyJx0Ae
-Kb/U9asLxB+Z8O+4gSxphb9Eo8dt5d3HpmnmAJ/Lfx47TCi4jmoHEHV/BNvQoYBF
-fCqLRelGWWjkPbDoCX2JAAalvNDAk4fVe9ZQkFTD6uiur1jHn/nD3Dgt+zfdhTNb
-0kQZ4WIawiH1VwQQ1GqkvDu04sToafKstdtRrgf/WbgwNivfxui531/niF30E6nd
-8svHLA+a63KFx6sQPv7v4430g6uLvvEEyqIA5tjB2MjGFgmcOhnsykYmT/bidwIy
-A0tEJ0/iNsS0WyYCqwoQ3op0+wnx1voCgN5Rt5MaBVAcwl3Lzp8StUJTC5o2QDUM
-qDdFrr1Mp4JBj992i33vu8QqQsgbUDozZJOedH3j5E47PRx74XAUHNmaAbcAKB9y
-v5XV4ueNKEyI1bP/wuUKqm6QqYRcjEnxAq08OkiBHvsqr8L0EXS+5enyaQsRNOA6
-WyWATW0ae02i6KMPWn4owW5L
-=nCOU
+iQIzBAEBCAAdFiEE/l+2OHah1xioxnVW4X31yCtPnQAFAl9OASwACgkQ4X31yCtP
+nQC97Q//V1gnXYEsqn2UOz1JJ16I3M8LSDKpma1FY4BJ9EtKjB+JgiGkjwLUAJZP
+sOyDeNkTOnLk0sNn7LTpSnOhjfb5vgbeFrGiXaCL3njJjSqZl6M6HnsePuanOTAA
+ufGKyFhk5TJ243oHMuKAfcqWOQegSHi3ZXgD0NJOTH6dGsKNsvcNaPlwlGAPc0EH
+wokz/ikDIV8q10/uquOP+AUew3lClCuncI+YCsGVUs/wnniiqxxoY9V2uxP/8/mt
+OfL5/VRAkXNk0kBxu5lLPGOLNdJfgskpQbhZFXAAtWjbQw2D0s1/HCB2XXfiiztU
+j34o/CD1USOzTZA3uv8zoCiLjWON/FXwvdvJFNo3J79DGdeqJmjdCFEpnLNzLBUW
+kliy9i+OVCR3eWfx6UEu4WwsSOLuyDP38J0V57FzRzZAXSyVYpvTKToHWMkDi7eU
+CrCkhUkWTWIS9C73V42FUChReFkHfZ00RVR+g21rz6wEp4UFu1IRPcxLsir1Uy63
+7VSHydexXllr0/BS1Ii1V5z1Vk8eUx4qE10yiRAtxBEjaGMJkVsvJXVmA2MINrxI
+mYO1Q2j7FkXLA3AHcH1FPHjYiPZDfEHX4MADNXU0YVoRWDiWXZRp2bCuM2Q6PmkW
+l5WhxbfllVcy1xJMmqwsTu0Wvr27x7hyU/nA348+9I6SV3uh3cQ=
+=Q2LD
 -----END PGP SIGNATURE-----

commit python-Django for openSUSE:Factory

Reply via email to