./www/py-django, Django, a high-level Python Web framework

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.10.4, Package name: py27-django-1.10.4, Maintainer: joerg

Django is a high-level Python Web framework that encourages rapid development
and clean, pragmatic design. Django was designed to make common Web-development
tasks fast and easy.

DEINSTALL [+/-]

Required to run:
[devel/py-setuptools] [lang/python27]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 8629ec973aa868f03cd24fbd772ef9c0cf037e38
RMD160: 682378cd8f44866ef3453900daef0471d777cdfd
Filesize: 7553.919 KB

Version history: (Expand)


CVS history: (Expand)


   2016-12-02 13:21:17 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
Changes 1.10.4:
Bugfixes
* Quoted the Oracle test user’s password in queries to fix the “ORA-00922: \ 
missing or invalid option” error when the password starts with a number or \ 
special character.
* Fixed incorrect app_label / model_name arguments for allow_migrate() in \ 
makemigrations migration consistency checks.
* Made Model.delete(keep_parents=True) preserve parent reverse relationships in \ 
multi-table inheritance.
* Fixed a QuerySet.update() crash on SQLite when updating a DateTimeField with \ 
an F() expression and a timedelta.
* Prevented LocaleMiddleware from redirecting on URLs that should return 404 \ 
when using prefix_default_language=False.
* Prevented an unnecessary index from being created on an InnoDB ForeignKey when \ 
the field was added after the model was created.
   2016-11-06 10:08:52 by Wen Heping | Files touched by this commit (3) | Package updated
Log message:
Update to 1.10.3
Approved by:	joerg@(maintainer)

Upstream changelog is too long, please visit:
https://github.com/django/django/tree/m … s/releases
   2016-11-02 15:30:49 by Wen Heping | Files touched by this commit (2) | Package updated
Log message:
Update to 1.9.11(security update)

Upstream changes:
Django 1.9.11 release notes

November 1, 2016
Django 1.9.11 fixes two security issues in 1.9.10.
        User with hardcoded password created when running tests on Oracle
        DNS rebinding vulnerability when DEBUG=True
   2016-10-21 04:19:46 by Wen Heping | Files touched by this commit (2) | Package updated
Log message:
Update to 1.9.10(security update)

Upstream changes:
Django 1.9.10 release notes

September 26, 2016

Django 1.9.10 fixes a security issue in 1.9.9.
CSRF protection bypass on a site with Google Analytics

An interaction between Google Analytics and Django's cookie parsing could allow \ 
an attacker to set arbitrary cookies leading to a bypass of CSRF protection.

The parser for request.COOKIES is simplified to better match the behavior of \ 
browsers and to mitigate this attack. request.COOKIES may now contain cookies \ 
that are invalid according to RFC 6265 but are possible to set via \ 
document.cookie.
   2016-08-28 17:48:37 by Thomas Klausner | Files touched by this commit (112)
Log message:
Remove unnecessary PLIST_SUBST and FILES_SUBST that are now provided
by the infrastructure.

Mark a couple more packages as not ready for python-3.x.
   2016-08-04 10:23:11 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
Changes 1.9.9:
Bugfixes:
* Fixed invalid HTML in template postmortem on the debug page
* Fixed some GIS database function crashes on MySQL 5.7
   2016-07-19 09:32:42 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
Django 1.9.8 fixes a security issue and several bugs in 1.9.7.

Unsafe usage of JavaScript’s Element.innerHTML could result in XSS in the \ 
admin’s add/change related popup. Element.textContent is now used to prevent \ 
execution of the data.

The debug view also used innerHTML. Although a security issue wasn’t \ 
identified there, out of an abundance of caution it’s also updated to use \ 
textContent.

Bugfixes:

* Fixed missing varchar/text_pattern_ops index on CharField and TextField \ 
respectively when using AddField on PostgreSQL.
* Fixed makemessages crash on Python 2 with non-ASCII file names.
   2016-06-06 11:34:59 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
Changes 1.9.7:
Bugfixes:
* Removed the need for the request context processor on the admin login page to \ 
fix a regression in 1.9.
* Fixed translation of password validators’ help_text in forms.
* Fixed a regression causing the cached template loader to crash when using lazy \ 
template names.
* Fixed on_commit callbacks execution order when callbacks make transactions.
* Fixed HStoreField to raise a ValidationError instead of crashing on \ 
non-dictionary JSON input.
* Fixed dbshell crash on PostgreSQL with an empty database name.
* Fixed a regression in queries on a OneToOneField that has to_field and \ 
primary_key=True.