Path to this page:
Subject: CVS commit: pkgsrc/www/py-django2
From: Adam Ciarcinski
Date: 2019-12-02 12:46:56
Message id: 20191202114656.E1DBDFA97@cvs.NetBSD.org
Log Message:
py-django2: updated to 2.2.8
2.2.8:
* CVE-2019-19118: Privilege escalation in the Django admin.
* Fixed a data loss possibility in the admin changelist view when a custom \
formset’s prefix contains regular expression special characters, e.g. ‘$’.
* Fixed a regression in Django 2.2.1 that caused a crash when migrating \
permissions for proxy models with a multiple database setup if the default entry \
was empty.
* Fixed a data loss possibility in the select_for_update(). When using 'self' in \
the of argument with multi-table inheritance, a parent model was locked instead \
of the queryset’s model
Files: