Navigation:
Browse pkgsrc
(this page)
www py-djang..
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2021-03-01 13:43:26 by Adam Ciarcinski | Files touched by this commit (2) |  |
Log message: py-django3: updated to 3.1.7 Django 3.1.7 fixes a security issue and a bug in 3.1.6. CVE-2021-23336: Web cache poisoning via django.utils.http.limited_parse_qsl() Django contains a copy of urllib.parse.parse_qsl() which was added to backport \ some security fixes. A further security fix has been issued recently such that \ parse_qsl() no longer allows using ; as a query parameter separator by default. \ Django now includes this fix. See bpo-42967 for further details. Bugfixes Fixed a regression in Django 3.1 that caused RuntimeError instead of connection \ errors when using only the 'postgres' database |
| 2021-02-05 08:55:02 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django3: updated to 3.1.6 Django 3.1.6 fixes a security issue with severity “low” and a bug in 3.1.5. CVE-2021-3281: Potential directory-traversal via archive.extract() The django.utils.archive.extract() function, used by startapp --template and \ startproject --template, allowed directory-traversal via an archive with \ absolute paths or relative paths with dot segments. Bugfixes Fixed an admin layout issue in Django 3.1 where changelist filter controls would \ become squashed |
| 2021-01-06 13:17:15 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django3: updated to 3.1.5 Django 3.1.5 fixes several bugs in 3.1.4. Fixed __isnull=True lookup on key transforms for JSONField with Oracle and SQLite. Fixed a bug in Django 3.1 that caused a crash when processing middlewares in an \ async context with a middleware that raises a MiddlewareNotUsed exception. Fixed a regression in Django 3.1 that caused the incorrect prefixing of \ STATIC_URL and MEDIA_URL settings, by the server-provided value of SCRIPT_NAME \ (or / if not set), when set to a URL specifying the protocol but without a \ top-level domain, e.g. http://myhost/ |
| 2020-12-03 19:10:48 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django: updated to 3.1.4 Django 3.1.4 fixes several bugs in 3.1.3. Bugfixes Fixed setting the Content-Length HTTP header in AsyncRequestFactory. Fixed passing extra HTTP headers to AsyncRequestFactory request methods. Fixed crash of key transforms for JSONField on PostgreSQL when using on a \ Subquery() annotation. Fixed a regression in Django 3.1 that caused a crash of auto-reloader for \ certain invocations of runserver on Windows with Python 3.7 and below. Fixed a regression in Django 3.1 that caused the incorrect grouping by a Q \ object annotation. Fixed a regression in Django 3.1 that caused suppressing connection errors when \ JSONField is used on SQLite. Fixed a crash on SQLite, when QuerySet.values()/values_list() contained key \ transforms for JSONField returning non-string primitive values |
| 2020-11-02 12:12:01 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django3: updated to 3.1.3 Django 3.1.3 fixes several bugs in 3.1.2 and adds compatibility with Python 3.9. Bugfixes Fixed a regression in Django 3.1.2 that caused the incorrect height of the admin \ changelist search bar Fixed a regression in Django 3.1.2 that caused the incorrect width of the admin \ changelist search bar on a filtered page Fixed displaying Unicode characters in forms.JSONField and read-only \ models.JSONField values in the admin Fixed a regression in Django 3.1 that caused a crash of ArrayAgg and StringAgg \ with ordering on key transforms for JSONField Fixed a regression in Django 3.1 that caused a crash of __in lookup when using \ key transforms for JSONField in the lookup value Fixed a regression in Django 3.1 that caused a crash of ExpressionWrapper with \ key transforms for JSONField Fixed a regression in Django 3.1 that caused a migrations crash on PostgreSQL \ when adding an ExclusionConstraint with key transforms for JSONField in \ expressions Fixed a regression in Django 3.1 where ProtectedError.protected_objects and \ RestrictedError.restricted_objects attributes returned iterators instead of set \ of objects Fixed a regression in Django 3.1.2 that caused incorrect form input layout on \ small screens in the admin change form view Fixed a regression in Django 3.1 that invalidated pre-Django 3.1 password reset \ tokens Added support for asgiref 3.3 Fixed a regression in Django 3.1 that caused incorrect textarea layout on \ medium-sized screens in the admin change form view with the sidebar open Fixed a regression in Django 3.0.7 that didn’t use Subquery() aliases in the \ GROUP BY clause |
| 2020-10-02 04:14:03 by Wen Heping | Files touched by this commit (2) | |
Log message:
Update to 3.1.2
Upstream changes:
Django 3.1.2 release notes¶
October 1, 2020
Django 3.1.2 fixes several bugs in 3.1.1.
Bugfixes¶
Fixed a bug in Django 3.1 where FileField instances with a callable storage \
were not correctly deconstructed (#31941).
Fixed a regression in Django 3.1 where the QuerySet.ordered attribute \
returned incorrectly True for GROUP BY queries (e.g. .annotate().values()) on \
models with Meta.ordering. A model’s Meta.ordering doesn’t affect such \
queries (#31990).
Fixed a regression in Django 3.1 where a queryset would crash if it \
contained an aggregation and a Q object annotation (#32007).
Fixed a bug in Django 3.1 where a test database was not synced during \
creation when using the MIGRATE test database setting (#32012).
Fixed a django.contrib.admin.EmptyFieldListFilter crash when using on a \
GenericRelation (#32038).
Fixed a regression in Django 3.1.1 where the admin changelist filter sidebar \
would not scroll for a long list of available filters (#31986).
|
| 2020-09-10 11:37:17 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message: py-django3: updated to 3.1.1 Django 3.1.1 fixes two security issues and several bugs in 3.1. CVE-2020-24583: Incorrect permissions on intermediate-level directories on \ Python 3.7+ On Python 3.7+, FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to \ intermediate-level directories created in the process of uploading files and to \ intermediate-level collected static directories when using the collectstatic \ management command. You should review and manually fix permissions on existing intermediate-level \ directories. CVE-2020-24584: Permission escalation in intermediate-level directories of the \ file system cache on Python 3.7+ On Python 3.7+, the intermediate-level directories of the file system cache had \ the system’s standard umask rather than 0o077 (no group or others \ permissions). Bugfixes Fixed wrapping of translated action labels in the admin’s navigation sidebar \ for East Asian languages. Fixed wrapping of long model names in the admin’s navigation sidebar. Fixed encoding session data while upgrading multiple instances of the same \ project to Django 3.1. Adjusted admin’s navigation sidebar template to reduce debug logging when \ rendering. Fixed a data loss possibility in the select_for_update(). When using related \ fields pointing to a proxy model in the of argument, the corresponding model was \ not locked. Fixed a data loss possibility, following a regression in Django 2.0, when \ copying model instances with a cached fields value. Fixed a regression in Django 3.1 that caused a crash when decoding an invalid \ session data. Reverted a deprecation in Django 3.1 that caused a crash when passing deprecated \ keyword arguments to a queryset in TemplateView.get_context_data(). Enforced thread sensitivity of the MiddlewareMixin.process_request() and \ process_response() hooks when in an async context. Fixed __in lookup on key transforms for JSONField with MariaDB, MySQL, Oracle, \ and SQLite. Fixed a regression in Django 3.1 that caused permission errors in \ CommonPasswordValidator and settings.py generated by the startproject command, \ when user didn’t have permissions to all intermediate directories in a Django \ installation path. Fixed detecting an async get_response callable in various builtin middlewares. Fixed a QuerySet.order_by() crash on PostgreSQL when ordering and grouping by \ JSONField with a custom decoder. Fixed a QuerySet.delete() crash on MySQL, following a performance regression in \ Django 3.1 on MariaDB 10.3.2+, when filtering against an aggregate function. Fixed a django.contrib.admin.EmptyFieldListFilter crash when using on reverse \ relations. Prevented content overflowing in the admin changelist view when the navigation \ sidebar is enabled What’s new in Django 3.1 Asynchronous views and middleware support JSONField for all supported database backends DEFAULT_HASHING_ALGORITHM settings |
| 2020-07-08 17:08:31 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django3: updated to 3.0.8 Django 3.0.8 fixes several bugs in 3.0.7. Bugfixes Fixed messages of InvalidCacheKey exceptions and CacheKeyWarning warnings raised \ by cache key validation. Fixed a regression in Django 3.0.7 that caused a queryset crash when grouping by \ a many-to-one relationship. Reallowed, following a regression in Django 3.0, non-expressions having a \ filterable attribute to be used as the right-hand side in queryset filters. Fixed a regression in Django 3.0.2 that caused a migration crash on PostgreSQL \ when adding a foreign key to a model with a namespaced db_table. Added compatibility for cx_Oracle 8 |
New packages: