./www/py-django, Django, a high-level Python Web framework

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.8.3, Package name: py27-django-1.8.3, Maintainer: joerg

Django is a high-level Python Web framework that encourages rapid development
and clean, pragmatic design. Django was designed to make common Web-development
tasks fast and easy.

DEINSTALL [+/-]

Required to run:
[devel/py-setuptools] [lang/python27]

Master sites:

SHA1: 229dae14aa42169e2e2a6ecb1e00e75f0d57ed35
RMD160: 4a54b63b3408d37c1defe549a622aa4ef228eac6
Filesize: 7113.601 KB

Version history: (Expand)


CVS history: (Expand)


   2015-07-17 17:50:53 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
Changes 1.8.3:
* Denial-of-service possibility by filling session store
* Header injection possibility since validators accept newlines in input
* Denial-of-service possibility in URL validation
* Bugfixes
   2015-04-14 01:12:44 by Blue Rats | Files touched by this commit (94)
Log message:
Removing python26. EOL'd quite some ago and discussed a couple times on
tech-pkg@ and pkgsrc-users@.
   2015-03-19 10:53:45 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
Changes 1.7.7:
* Fix for Denial-of-service possibility with strip_tags()
* Mitigated possible XSS attack via user-supplied redirect URLs
   2015-03-09 20:01:39 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
Changes 1.7.6:
These releases address a security issue in the Django admin.
* Issue: XSS attack via properties in ModelAdmin.readonly_fields
* Advisory: HTML escaping when calling template filters from Python code
   2015-02-26 07:27:06 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
Changes 1.7.5:
Bugfixes:
* Reverted a fix that prevented a migration crash when unapplying \ 
contrib.contenttypes’s or contrib.auth’s first migration (24075) due to \ 
severe impact on the test performance (24251) and problems in multi-database \ 
setups (24298).
* Fixed a regression that prevented custom fields inheriting from \ 
ManyToManyField from being recognized in migrations (24236).
* Fixed crash in contrib.sites migrations when a default database isn’t used \ 
(24332).
* Added the ability to set the isolation level on PostgreSQL with psycopg2 ≥ \ 
2.4.2 (24318). It was advertised as a new feature in Django 1.6 but it didn’t \ 
work in practice.
* Formats for the Azerbaijani locale (az) have been added.
   2015-01-28 07:41:31 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
Changes 1.7.4:
* Fixed a migration crash when unapplying contrib.contenttypes’s or \ 
contrib.auth’s first migration.
* Made the migration’s RenameModel operation rename ManyToManyField tables.
* Fixed a migration crash on MySQL when migrating from a OneToOneField to a \ 
ForeignKey.
* Prevented the static.serve view from producing ResourceWarnings in certain \ 
circumstances.
* Fixed schema check for ManyToManyField to look for internal type instead of \ 
checking class instance, so you can write custom m2m-like fields with the same \ 
behaviour.
   2015-01-14 18:07:12 by Adam Ciarcinski | Files touched by this commit (4)
Log message:
Fixed securify issues:
* WSGI header spoofing via underscore/dash conflation
* Mitigated possible XSS attack via user-supplied redirect URLs
* Denial-of-service attack against django.views.static.serve
* Database denial-of-service with ModelMultipleChoiceField
   2015-01-07 00:07:32 by Joerg Sonnenberger | Files touched by this commit (1)
Log message:
Python 2.6 is no longer supported.