Navigation:
Browse pkgsrc
(this page)| 2021-10-26 13:31:15 by Nia Alarie | Files touched by this commit (1030) |
Log message: www: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Not committed (merge conflicts): www/nghttp2/distinfo Unfetchable distfiles (almost certainly fetched conditionally...): ./www/nginx-devel/distinfo array-var-nginx-module-0.05.tar.gz ./www/nginx-devel/distinfo echo-nginx-module-0.62.tar.gz ./www/nginx-devel/distinfo encrypted-session-nginx-module-0.08.tar.gz ./www/nginx-devel/distinfo form-input-nginx-module-0.12.tar.gz ./www/nginx-devel/distinfo headers-more-nginx-module-0.33.tar.gz ./www/nginx-devel/distinfo lua-nginx-module-0.10.19.tar.gz ./www/nginx-devel/distinfo naxsi-1.3.tar.gz ./www/nginx-devel/distinfo nginx-dav-ext-module-3.0.0.tar.gz ./www/nginx-devel/distinfo nginx-rtmp-module-1.2.2.tar.gz ./www/nginx-devel/distinfo nginx_http_push_module-1.2.10.tar.gz ./www/nginx-devel/distinfo ngx_cache_purge-2.5.1.tar.gz ./www/nginx-devel/distinfo ngx_devel_kit-0.3.1.tar.gz ./www/nginx-devel/distinfo ngx_http_geoip2_module-3.3.tar.gz ./www/nginx-devel/distinfo njs-0.5.0.tar.gz ./www/nginx-devel/distinfo set-misc-nginx-module-0.32.tar.gz ./www/nginx/distinfo array-var-nginx-module-0.05.tar.gz ./www/nginx/distinfo echo-nginx-module-0.62.tar.gz ./www/nginx/distinfo encrypted-session-nginx-module-0.08.tar.gz ./www/nginx/distinfo form-input-nginx-module-0.12.tar.gz ./www/nginx/distinfo headers-more-nginx-module-0.33.tar.gz ./www/nginx/distinfo lua-nginx-module-0.10.19.tar.gz ./www/nginx/distinfo naxsi-1.3.tar.gz ./www/nginx/distinfo nginx-dav-ext-module-3.0.0.tar.gz ./www/nginx/distinfo nginx-rtmp-module-1.2.2.tar.gz ./www/nginx/distinfo nginx_http_push_module-1.2.10.tar.gz ./www/nginx/distinfo ngx_cache_purge-2.5.1.tar.gz ./www/nginx/distinfo ngx_devel_kit-0.3.1.tar.gz ./www/nginx/distinfo ngx_http_geoip2_module-3.3.tar.gz ./www/nginx/distinfo njs-0.5.0.tar.gz ./www/nginx/distinfo set-misc-nginx-module-0.32.tar.gz |
| 2021-10-07 17:09:00 by Nia Alarie | Files touched by this commit (1033) |
Log message: www: Remove SHA1 hashes for distfiles |
2020-03-12 17:22:38 by Adam Ciarcinski | Files touched by this commit (2) |  |
Log message: py-django: updated to 1.11.29 Django 1.11.29 fixes a security issue in 1.11.28. CVE-2020-9402: Potential SQL injection via tolerance parameter in GIS functions \ and aggregates on Oracle GIS functions and aggregates on Oracle were subject to SQL injection, using a \ suitably crafted tolerance. |
| 2020-02-04 18:23:11 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django: updated to 1.11.28 Django 1.11.28 fixes a security issue: CVE-2020-7471: Potential SQL injection via StringAgg(delimiter) StringAgg aggregation function was subject to SQL injection, using a suitably \ crafted delimiter. |
| 2019-12-19 14:39:50 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django: updated to 1.11.27 Django 1.11.27 fixes a security issue and a data loss bug in 1.11.26. CVE-2019-19844: Potential account hijack via password reset form By submitting a suitably crafted email address making use of Unicode characters, \ that compared equal to an existing user email when lower-cased for comparison, \ an attacker could be sent a password reset token for the matched account. In order to avoid this vulnerability, password reset requests now compare the \ submitted email using the stricter, recommended algorithm for case-insensitive \ comparison of two identifiers from Unicode Technical Report 36, section \ 2.11.2(B)(2). Upon a match, the email containing the reset token will be sent to \ the email address on record rather than the submitted address. Bugfixes * Fixed a data loss possibility in SplitArrayField. When using with \ ArrayField(BooleanField()), all values after the first True value were marked as \ checked instead of preserving passed values |
| 2019-11-05 08:40:16 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django: updated to 1.11.26 Django 1.11.26: Fixed a crash when using a contains, contained_by, has_key, has_keys, or \ has_any_keys lookup on JSONField, if the right or left hand side of an \ expression is a key transform. |
| 2019-10-01 19:56:03 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django: updated to 1.11.25 Django 1.11.25: Fixed a crash when filtering with a Subquery() annotation of a queryset \ containing JSONField or HStoreField |
| 2019-09-04 10:31:06 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django: updated to 1.11.24 Django 1.11.24 fixes a regression in 1.11.23. Bugfixes Fixed crash of KeyTransform() for JSONField and HStoreField when using on \ expressions with params |
| 2019-08-06 11:30:46 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django: updated to 1.11.23 Django 1.11.23: * CVE-2019-14232: Denial-of-service possibility in django.utils.text.Truncator * CVE-2019-14233: Denial-of-service possibility in strip_tags() * CVE-2019-14234: SQL injection possibility in key and index lookups for \ JSONField/HStoreField * CVE-2019-14235: Potential memory exhaustion in django.utils.encoding.uri_to_iri() |
| 2019-07-01 20:23:53 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django: updated to 1.11.22 Django 1.11.22: Fix CVE-2019-12781: Incorrect HTTP detection with reverse-proxy connecting via HTTPS |
New packages: