Changelog for
python-django-1.6.11-2.1.i586.rpm :
Wed Sep 9 14:00:00 2015 bwiedemannAATTsuse.com
- Update to 1.6.11:
- various fixes
- Add 0001-1.6.x-Fixed-DoS-possiblity-in-contrib.auth.views.log.patch
(bnc#941587, CVE-2015-5963)
Fri Dec 20 13:00:00 2013 alexandreAATTexatati.com.br
- Update to 1.6.1:
- Bug fix release, please check all bugs on release notes:
https://docs.djangoproject.com/en/1.6/releases/1.6.1/
Tue Nov 5 13:00:00 2013 alexandreAATTexatati.com.br
- Update to 1.6:
- Please read the release notes
https://docs.djangoproject.com/en/1.6/releases/1.6
- Removed Patch2 as it is no needed anymore:
Django-1.4-CSRF_COOKIE_HTTPONLY-support.patch
Thu Oct 31 13:00:00 2013 mciharAATTsuse.cz
- Update to version 1.5.5:
+ Readdressed denial-of-service via password hashers
+ Properly rotate CSRF token on login
Tue Sep 17 14:00:00 2013 speilickeAATTsuse.com
- Update to version 1.5.4:
+ Fixed denial-of-service via large passwords
- Changes from version 1.5.3:
+ Fixed directory traversal with ssi template tag
Wed Aug 14 14:00:00 2013 alexandreAATTexatati.com.br
- Update to 1.5.2:
- Security release, please check release notes for details:
https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued
Thu Mar 28 13:00:00 2013 alexandreAATTexatati.com.br
- Update to 1.5.1:
- Memory leak fix, please read release announcement at
https://www.djangoproject.com/weblog/2013/mar/28/django-151.
Tue Feb 26 13:00:00 2013 alexandreAATTexatati.com.br
- Update to 1.5:
- Please read the release notes
https://docs.djangoproject.com/en/1.5/releases/1.5
Tue Dec 11 13:00:00 2012 alexandreAATTexatati.com.br
- Update to 1.4.3:
- Security release:
- Host header poisoning
- Redirect poisoning
- Please check release notes for details:
https://www.djangoproject.com/weblog/2012/dec/10/security
Sat Oct 20 14:00:00 2012 saschpeAATTsuse.de
- Add a symlink from /usr/bin/django-admin.py to /usr/bin/django-admin
Wed Oct 17 14:00:00 2012 alexandreAATTexatati.com.br
- Update to 1.4.2:
- Security release:
- Host header poisoning
- Please check release notes for details:
https://www.djangoproject.com/weblog/2012/oct/17/security
Mon Jul 30 14:00:00 2012 alexandreAATTexatati.com.br
- Update to 1.4.1:
- Security release:
- Cross-site scripting in authentication views
- Denial-of-service in image validation
- Denial-of-service via get_image_dimensions()
- Please check release notes for details:
https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued
Tue Jun 19 14:00:00 2012 saschpeAATTsuse.de
- Add patch to support CSRF_COOKIE_HTTPONLY config
Fri Mar 23 13:00:00 2012 alexandreAATTexatati.com.br
- Update to 1.4:
- Please read the release notes
https://docs.djangoproject.com/en/dev/releases/1.4
- Removed Patch2, it was merged on upstream,
Thu Nov 24 13:00:00 2011 saschpeAATTsuse.de
- Set license to SDPX style (BSD-3-Clause)
- Package AUTHORS, LICENE and README files
- No CFLAGS for noarch package
- Drop runtime dependency on gettext-tools
Sat Sep 10 14:00:00 2011 alexandreAATTexatati.com.br
- Update to 1.3.1 to fix security issues, please read
https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued.
Thu Mar 31 14:00:00 2011 alexandreAATTexatati.com.br
- Fix build on SLES_9.
Wed Mar 23 13:00:00 2011 alexandreAATTexatati.com.br
- Update to 1.3 final;
- Refresh patch empty-ip-2.diff.
Fri Mar 18 13:00:00 2011 alexandreAATTexatati.com.br
- Update to 1.3-rc1;
- Regenerated spec file with py2pack;
- No more need to fix wrong line endings;
- Refresh patch empty-ip-2.diff with -p0.
Thu Mar 3 13:00:00 2011 saschpeAATTsuse.de
- Spec file cleanup:
* Removed empty lines, package authors from description
* Cleanup duplicates
* Corrected wrong file endings
* Added zero-length rpmlint filter
- Added AUTHORS, LICENSE and doc files
Wed Feb 9 13:00:00 2011 alexandreAATTexatati.com.br
- Update to 1.2.5:
- This is a security update that fix:
- Flaw in CSRF handling;
- Potential XSS in file field rendering.
Thu Dec 23 13:00:00 2010 alexandreAATTexatati.com.br
- Update to 1.2.4:
- Information leakage in Django administrative interface;
- Denial-of-service attack in password-reset mechanism.
- This is a mandatory security update.
Sat Sep 11 14:00:00 2010 alexandreAATTexatati.com.br
- Update to 1.2.3:
- The patch applied for the security issue covered in Django
1.2.2 caused issues with non-ASCII responses using CSRF
tokens. This has been remedied;
- The patch also caused issues with some forms, most notably
the user-editing forms in the Django administrative interface.
This has been remedied.
- The packaging manifest did not contain the full list of
required files. This has been remedied.
Thu Sep 9 14:00:00 2010 alexandreAATTexatati.com.br
- Update to 1.2.2.
- This is a ciritical security update fixing a default XSS bug!
Fri Jul 9 14:00:00 2010 jfunkAATTfunktronics.ca
- Added patch to fix upstream bug 5622: Empty ipaddress raises an error
Mon May 17 14:00:00 2010 alexandreAATTexatati.com.br
- Update to 1.2.1.
Mon May 17 14:00:00 2010 alexandreAATTexatati.com.br
- Update to 1.2.
Thu May 6 14:00:00 2010 alexandreAATTexatati.com.br
- Update to 1.2-rc-1.
Mon Apr 5 14:00:00 2010 alexandreAATTexatati.com.br
- Spec file cleaned with spec-cleaner;
- Minor manual adjusts on spec file.
Thu Mar 18 13:00:00 2010 alexandreAATTexatati.com.br
- Moved autocomplete file path from /etc/profile.d to
/etc/bash_completion.d. Then it works with konsole too.
Mon Mar 15 13:00:00 2010 alexandreAATTexatati.com.br
- Update to 1.2-beta-1;
- Using -q option on prep section of spec file;
- Using INSTALLED_FILES instead of declaring files;
- Removed dummy changelog section of spec file;
- Update completion bash patch.
Sun Oct 11 14:00:00 2009 nixAATTopensuse.org
- Update to 1.1.1 due to security issue described at
http://www.djangoproject.com/weblog/2009/oct/09/security/
Sat Oct 10 14:00:00 2009 alexandreAATTexatati.com.br
- Removed old tarball file (Django-1.1.tar.bz2).
Tue Aug 25 14:00:00 2009 garloffAATTsuse.de
- Fix python version check.
Sat Aug 22 14:00:00 2009 garloffAATTsuse.de
- Don\'t require python-sqlite2 for python >= 2.6.
Fri Aug 21 14:00:00 2009 garloffAATTsuse.de
- Build as noarch on factory.
Wed Aug 19 14:00:00 2009 poemlAATTsuse.de
- don\'t run bash completion on shells other than bash. Avoiding
error messages produced at login when using other shells.
Fri Aug 14 14:00:00 2009 alexandreAATTexatati.com.br
- Added bash auto-complete to openSUSE.
Tue Jul 28 14:00:00 2009 listuserAATTpeternixon.net
- update to version 1.1
- add python-django-rpmlintrc to quiet rpmlint complaints about -lang
Wed Jul 1 14:00:00 2009 poemlAATTsuse.de
- add python-xml to the Requires (./manage.py syncdb crashes
otherwise)
Sat Sep 13 14:00:00 2008 listuserAATTpeternixon.net
- update to version 1.0
- Fix build on SLES9
Thu Sep 4 14:00:00 2008 crrodriguezAATTsuse.de
- update to version 1.0 final
Wed May 14 14:00:00 2008 listuserAATTpeternixon.net
- update to version 0.96.2
Thu Feb 21 13:00:00 2008 jfunkAATTfunktronics.ca
- The way simplejson is included in this package is not useful to other
packages. Removed from provides
Fri Oct 26 14:00:00 2007 crrodriguezAATTsuse.de
- verion 0.96.1 fixes D.o.S attack in the i18n module
Fri Mar 23 13:00:00 2007 crrodriguezAATTsuse.de
- update to version 0.96
see http://www.djangoproject.com/documentation/release_notes_0.96 for details
- this package provides python-simplejson too.