On Wed, Nov 07, 2007 at 05:57:39PM -0700, Darrin Chandler wrote: > There was an i18n vuln leading to possible DoS, described at > http://www.djangoproject.com/weblog/2007/oct/26/security-fix/ > > This updates the package to the new point release and bumps package from > py-django-0.96 -> py-django-0.96.1. Diff attached. > > Tested briefly on i386 with a project under development. > > Thanks to John Danks for the heads up.
I freshened up my ports tree a bit and had another go. Here's a better diff, thanks to a cluestick and help from [EMAIL PROTECTED] Index: Makefile =================================================================== RCS file: /cvs/ports/www/py-django/Makefile,v retrieving revision 1.2 diff -u -p -r1.2 Makefile --- Makefile 8 Oct 2007 08:22:43 -0000 1.2 +++ Makefile 8 Nov 2007 01:25:04 -0000 @@ -2,10 +2,11 @@ COMMENT= high-level Python web framework +VP= 0.96.1 V= 0.96 LNAME= django -DISTNAME= Django-${V} -PKGNAME= py-${LNAME}-${V}p0 +DISTNAME= Django-${VP} +PKGNAME= py-${LNAME}-${VP} CATEGORIES= www lang/python HOMEPAGE= http://www.djangoproject.com/ Index: distinfo =================================================================== RCS file: /cvs/ports/www/py-django/distinfo,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 distinfo --- distinfo 19 Sep 2007 13:45:00 -0000 1.1.1.1 +++ distinfo 8 Nov 2007 01:25:04 -0000 @@ -1,5 +1,5 @@ -MD5 (Django-0.96.tar.gz) = b4aedad1e90dd38d58ff9fc756180c7d -RMD160 (Django-0.96.tar.gz) = 2ca030a75c7b11fcc3507ad929d8a9884c0fad3e -SHA1 (Django-0.96.tar.gz) = 8870e0946ffe33a78293616d89b640fa58c6fe33 -SHA256 (Django-0.96.tar.gz) = d8e9cd5ad36901bc18cd13d939b0cffd23a028d0ae1a56e2ac753573ede10eba -SIZE (Django-0.96.tar.gz) = 1748745 +MD5 (Django-0.96.1.tar.gz) = EKoy5YlpxO/rAO9CuhkrFw== +RMD160 (Django-0.96.1.tar.gz) = G9j8zqsQH4BWC7SqikhRwgTzkYs= +SHA1 (Django-0.96.1.tar.gz) = hScPhX/0BZg8rpoe9237MwPKbuw= +SHA256 (Django-0.96.1.tar.gz) = SHQTTp/GvQjrfkUeQgODlGaIlcJrfMhn1MP9r51xEIU= +SIZE (Django-0.96.1.tar.gz) = 1746455 Index: pkg/PLIST =================================================================== RCS file: /cvs/ports/www/py-django/pkg/PLIST,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 PLIST --- pkg/PLIST 19 Sep 2007 13:45:00 -0000 1.1.1.1 +++ pkg/PLIST 8 Nov 2007 01:25:04 -0000 @@ -1,5 +1,6 @@ @comment $OpenBSD: PLIST,v 1.1.1.1 2007/09/19 13:45:00 merdely Exp $ bin/${LNAME}-admin.py +lib/python${MODPY_VERSION}/site-packages/Django-${V}.1-py${MODPY_VERSION}.egg-info lib/python${MODPY_VERSION}/site-packages/${LNAME}/ lib/python${MODPY_VERSION}/site-packages/${LNAME}/__init__.py lib/python${MODPY_VERSION}/site-packages/${LNAME}/__init__.pyc