Subject: CVS commit: pkgsrc/www/py-django
From: Adam Ciarcinski
Date: 2024-02-08 23:43:53
Message id: 20240208224353.D651FFA42@cvs.NetBSD.org

Log Message:
py-django: updated to 5.0.2

Django 5.0.2 fixes a security issue with severity “moderate” and several \ 
bugs in 5.0.1. Also, the latest string translations from Transifex are \ 
incorporated.

CVE-2024-24680: Potential denial-of-service in intcomma template filter

The intcomma template filter was subject to a potential denial-of-service attack \ 
when used with very long strings.

Bugfixes

Reallowed, following a regression in Django 5.0.1, filtering against local \ 
foreign keys not included in ModelAdmin.list_filter
Fixed a regression in Django 5.0 where links in the admin had an incorrect color
Fixed a bug in Django 5.0 that caused a crash of Model.full_clean() on models \ 
with a GeneratedField
Fixed a regression in Django 5.0 that caused a crash of FilteredRelation() with \ 
querysets as right-hand sides
Fixed a regression in Django 5.0 that caused a crash of the dumpdata management \ 
command when a base queryset used prefetch_related()
Fixed a regression in Django 5.0 that caused the request_finished signal to \ 
sometimes not be fired when running Django through an ASGI server, resulting in \ 
potential resource leaks
Fixed a bug in Django 5.0 that caused a migration crash on MySQL when adding a \ 
BinaryField, TextField, JSONField, or GeometryField with a db_default
Fixed a bug in Django 5.0 that caused a migration crash on models with a literal \ 
db_default of a complex type such as dict instance of a JSONField. Running \ 
makemigrations might generate no-op AlterField operations for fields using \ 
db_default

Files:
RevisionActionfile
1.125modifypkgsrc/www/py-django/Makefile
1.49modifypkgsrc/www/py-django/PLIST
1.101modifypkgsrc/www/py-django/distinfo