Log message:
Django 1.11.2 release notes

Django 1.11.2 adds a minor feature and fixes several bugs in 1.11.1. Also, the \ 
latest string translations from Transifex are incorporated.

Minor feature:
* The new LiveServerTestCase.port attribute reallows the use case of binding to \ 
a specific port following the bind to port zero change in Django 1.11.

Bugfixes:
* Added detection for GDAL 2.1 and 2.0, and removed detection for unsupported \ 
versions 1.7 and 1.8.
* Changed contrib.gis to raise ImproperlyConfigured rather than GDALException if \ 
gdal isn’t installed, to allow third-party apps to catch that exception.
* Fixed django.utils.http.is_safe_url() crash on invalid IPv6 URLs.
* Fixed regression causing pickling of model fields to crash.
* Fixed django.contrib.auth.authenticate() when multiple authentication backends \ 
don’t accept a positional request argument.
* Fixed introspection of index field ordering on PostgreSQL.
* Fixed a regression where Model._state.adding wasn’t set correctly on \ 
multi-table inheritance parent models after saving a child model.
* Allowed DjangoJSONEncoder to serialize django.utils.deprecation.CallableBool.
* Relaxed the validation added in Django 1.11 of the fields in the defaults \ 
argument of QuerySet.get_or_create() and update_or_create() to reallow settable \ 
model properties.
* Fixed MultipleObjectMixin.paginate_queryset() crash on Python 2 if the \ 
InvalidPage message contains non-ASCII.
* Prevented Subquery from adding an unnecessary CAST which resulted in invalid SQL.
* Corrected detection of GDAL 2.1 on Windows.
* Made date-based generic views return a 404 rather than crash when given an out \ 
of range date.
* Fixed a regression where file_move_safe() crashed when moving files to a CIFS \ 
mount.
* Moved the ImageField file extension validation added in Django 1.11 from the \ 
model field to the form field to reallow the use case of storing images without \ 
an extension

Log message:
Changes 1.11.1:

Allowed disabling server-side cursors on PostgreSQL

Bugfixes:
Made migrations respect Index’s name argument. If you created a named index \ 
with Django 1.11, makemigrations will create a migration to recreate the index \ 
with the correct name.
Fixed a crash when using a __icontains lookup on a ArrayField.
Fixed a crash when using a two-tuple in EmailMessage’s attachments argument.
Fixed QuerySet.filter() crash when it references the name of a OneToOneField \ 
primary key.
Fixed empty POST data table appearing instead of “No POST data” in \ 
HTML debug page.
Restored BoundFields without any choices evaluating to True.
Prevented SessionBase.cycle_key() from losing session data if _session_cache \ 
isn’t populated.
Fixed layout of ReadOnlyPasswordHashWidget (used in the admin’s user change \ 
page).
Allowed prefetch calls on managers with custom ModelIterable subclasses.
Fixed change password link in the contrib.auth admin for el, es_MX, and pt \ 
translations.
Restored the output of the class attribute in the <ul> of widgets that use \ 
the multiple_input.html template. This fixes ModelAdmin.radio_fields with \ 
admin.HORIZONTAL.
Fixed crash in BaseGeometryWidget.subwidgets().
Fixed exception reraising in ORM query execution when cursor.execute() fails and \ 
the subsequent cursor.close() also fails.
Fixed a regression where CheckboxSelectMultiple, NullBooleanSelect, RadioSelect, \ 
SelectMultiple, and Select localized option values.
Corrected the stack level of unordered queryset pagination warnings.
Fixed a regression causing incorrect queries for __in subquery lookups when \ 
models use ForeignKey.to_field.
Fixed crash when overriding the template of django.views.static.directory_index().
Fixed a regression in formset min_num validation with unchanged forms that have \ 
initial data.
Prepared for cx_Oracle 6.0 support.
Updated the contrib.postgres SplitArrayWidget to use template-based widget rendering.
Fixed crash in BaseGeometryWidget.get_context() when overriding existing attrs.
Prevented AddIndex and RemoveIndex from mutating model state.
Prevented migrations from dropping database indexes from Meta.indexes when \ 
changing Field.db_index to False.
Fixed a regression in choice ordering in form fields with grouped and \ 
non-grouped options.
Fixed crash in BaseInlineFormSet._construct_form() when using save_as_new.
Fixed a regression where Model._state.db wasn’t set correctly on \ 
multi-table inheritance parent models after saving a child model.
Corrected the return type of ArrayField(CITextField()) values retrieved from the \ 
database.
Fixed QuerySet.prefetch_related() crash when fetching relations in nested \ 
Prefetch objects.
Prevented hiding GDAL errors if it’s not installed when using contrib.gis. \ 
(It’s a required dependency as of Django 1.11.)
Fixed a regression causing __in lookups on a foreign key to fail when using the \ 
foreign key’s parent model as the lookup

Log message:
Changes 1.11:
As always, the release notes cover the medley of new features in detail, but a \ 
few highlights are:
* Class-based model indexes for creating database indexes.
* Template-based widget rendering to ease customizing form widgets.
* Subquery expressions to create explicit subqueries using the ORM.

Log message:
Changes 1.10.6:

Bugfixes:
* Fixed ClearableFileInput’s “Clear” checkbox on model form \ 
fields where the model field has a default.
* Fixed RequestDataTooBig and TooManyFieldsSent exceptions crashing rather than \ 
generating a bad request response.
* Fixed a crash on Oracle and PostgreSQL when subtracting DurationField or \ 
IntegerField from DateField.
* Fixed query expression date subtraction accuracy on PostgreSQL for differences \ 
larger than a month.
* Fixed a GDALException raised by GDALClose on GDAL ≥ 2.0.

Log message:
Changes 1.10.5:
Bugfixes
* Fixed a crash in the debug view if request.user can’t be retrieved, such \ 
as if the database is unavailable.
* Fixed occasional missing plural forms in JavaScriptCatalog.
* Fixed a regression in the timesince and timeuntil filters that caused \ 
incorrect results for dates in a leap year.
* Fixed a regression where collectstatic overwrote newer files in remote storages.

Log message:
Use "${MV} || ${TRUE}" and "${RM} -f" consistently in \ 
post-install targets.

Log message:
Changes 1.10.4:
Bugfixes
* Quoted the Oracle test user’s password in queries to fix the \ 
“ORA-00922: missing or invalid option” error when the password starts \ 
with a number or special character.
* Fixed incorrect app_label / model_name arguments for allow_migrate() in \ 
makemigrations migration consistency checks.
* Made Model.delete(keep_parents=True) preserve parent reverse relationships in \ 
multi-table inheritance.
* Fixed a QuerySet.update() crash on SQLite when updating a DateTimeField with \ 
an F() expression and a timedelta.
* Prevented LocaleMiddleware from redirecting on URLs that should return 404 \ 
when using prefix_default_language=False.
* Prevented an unnecessary index from being created on an InnoDB ForeignKey when \ 
the field was added after the model was created.

Log message:
Update to 1.10.3
Approved by:	joerg@(maintainer)

Upstream changelog is too long, please visit:
https://github.com/django/django/tree/master/docs/releases

Log message:
Update to 1.9.11(security update)

Upstream changes:
Django 1.9.11 release notes

November 1, 2016
Django 1.9.11 fixes two security issues in 1.9.10.
        User with hardcoded password created when running tests on Oracle
        DNS rebinding vulnerability when DEBUG=True

Log message:
Update to 1.9.10(security update)

Upstream changes:
Django 1.9.10 release notes

September 26, 2016

Django 1.9.10 fixes a security issue in 1.9.9.
CSRF protection bypass on a site with Google Analytics

An interaction between Google Analytics and Django's cookie parsing could allow \ 
an attacker to set arbitrary cookies leading to a bypass of CSRF protection.

The parser for request.COOKIES is simplified to better match the behavior of \ 
browsers and to mitigate this attack. request.COOKIES may now contain cookies \ 
that are invalid according to RFC 6265 but are possible to set via \ 
document.cookie.