./www/py-django, Django, a high-level Python Web framework

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.11.13, Package name: py27-django-1.11.13, Maintainer: joerg

Django is a high-level Python Web framework that encourages rapid development
and clean, pragmatic design. Django was designed to make common Web-development
tasks fast and easy.

DEINSTALL [+/-]

Required to run:
[devel/py-setuptools] [time/py-pytz] [lang/python27]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 52a110506aae3ac499c2969e455fdec96926c8b5
RMD160: 5a736f86b38d183e6b2b4ec098c73063966b3546
Filesize: 7699.735 KB

Version history: (Expand)


CVS history: (Expand)


   2018-05-02 08:28:35 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-django: updated to 1.11.13

1.11.13:
Bugfixes
* Fixed a regression in Django 1.11.8 where altering a field with a unique \ 
constraint may drop and rebuild more foreign keys than necessary.
* Fixed crashes in django.contrib.admindocs when a view is a callable object, \ 
such as django.contrib.syndication.views.Feed.
* Fixed a regression in Django 1.11.12 where QuerySet.values() or values_list() \ 
after combining an annotated and unannotated queryset with union(), \ 
difference(), or intersection() crashed due to mismatching columns
   2018-04-03 10:58:32 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-django: updated to 1.11.12

Django 1.11.12:
Bugfixes:
Fixed a regression in Django 1.11.8 where combining two annotated values_list() \ 
querysets with union(), difference(), or intersection() crashed due to \ 
mismatching columns.
Fixed a regression in Django 1.11 where an empty choice could be initially \ 
selected for the SelectMultiple and CheckboxSelectMultiple widgets
   2018-03-06 21:04:06 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-django: updated to 1.11.11

1.11.11:
CVE-2018-7536: Denial-of-service possibility in urlize and urlizetrunc template \ 
filters
CVE-2018-7537: Denial-of-service possibility in truncatechars_html and \ 
truncatewords_html template filters
   2018-02-02 08:55:34 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-django: updated to 1.11.10

1.11.10:

CVE-2018-6188: Information leakage in AuthenticationForm

A regression in Django 1.11.8 made AuthenticationForm run its \ 
confirm_login_allowed() method even if an incorrect password is entered. This \ 
can leak information about a user, depending on what messages \ 
confirm_login_allowed() raises. If confirm_login_allowed() isn’t overridden, \ 
an attacker enter an arbitrary username and see if that user has been set to \ 
is_active=False. If confirm_login_allowed() is overridden, more sensitive \ 
details could be leaked.

This issue is fixed with the caveat that AuthenticationForm can no longer raise \ 
the “This account is inactive.” error if the authentication backend rejects \ 
inactive users (the default authentication backend, ModelBackend, has done that \ 
since Django 1.10). This issue will be revisited for Django 2.1 as a fix to \ 
address the caveat will likely be too invasive for inclusion in older versions.

Bugfixes:
Fixed incorrect foreign key nullification if a model has two foreign keys to the \ 
same model and a target model is deleted.
Fixed a regression where contrib.auth.authenticate() crashes if an \ 
authentication backend doesn’t accept request and a later one does.
Fixed crash when entering an invalid uuid in ModelAdmin.raw_id_fields
   2018-01-03 08:23:45 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-django: updated to 1.11.9

Bugfixes:
Fixed a regression in Django 1.11 that added newlines between MultiWidget’s \ 
subwidgets.
Fixed incorrect class-based model index name generation for models with quoted \ 
db_table.
Fixed incorrect foreign key constraint name for models with quoted db_table.
Fixed a regression in caching of a GenericForeignKey when the referenced model \ 
instance uses more than one level of multi-table inheritance.
   2017-12-25 10:18:24 by Adam Ciarcinski | Files touched by this commit (1)
Log message:
REPLACE_PYTHON does not need WRKSRC
   2017-12-04 15:23:00 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-django: updated to 1.11.8

Django 1.11.8 fixes several bugs in 1.11.7:
* Reallowed, following a regression in Django 1.10, AuthenticationForm to raise \ 
the inactive user error when using ModelBackend.
* Added support for QuerySet.values() and values_list() for union(), \ 
difference(), and intersection() queries.
* Fixed incorrect index name truncation when using a namespaced db_table.
* Made QuerySet.iterator() use server-side cursors on PostgreSQL after values() \ 
and values_list().
* Fixed crash on SQLite and MySQL when ordering by a filtered subquery that uses \ 
nulls_first or nulls_last.
* Made query lookups for CICharField, CIEmailField, and CITextField use a citext \ 
cast.
* Fixed a regression in caching of a GenericForeignKey when the referenced model \ 
instance uses multi-table inheritance.
* Fixed “Cannot change column ‘x’: used in a foreign key constraint” \ 
crash on MySQL with a sequence of AlterField and/or RenameField operations in a \ 
migration
   2017-11-02 10:38:43 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-django: updated to 1.11.7

1.11.7:
Bugfixes
* Prevented cache.get_or_set() from caching None if the default argument is a \ 
callable that returns None.
* Fixed the Basque DATE_FORMAT string.
* Made QuerySet.reverse() affect nulls_first and nulls_last.
* Fixed unquoted table names in Subquery SQL when using OuterRef