CVS commit: pkgsrc/www/py-django

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/www/py-django
From: "Adam Ciarcinski" <adam%netbsd.org@localhost>
Date: Tue, 19 Jul 2016 07:32:42 +0000

Module Name:    pkgsrc
Committed By:   adam
Date:           Tue Jul 19 07:32:42 UTC 2016

Modified Files:
        pkgsrc/www/py-django: Makefile PLIST distinfo

Log Message:
Django 1.9.8 fixes a security issue and several bugs in 1.9.7.

Unsafe usage of JavaScript’s Element.innerHTML could result in XSS in the admin’s add/change related popup. Element.textContent is now used to prevent execution of the data.

The debug view also used innerHTML. Although a security issue wasn’t identified there, out of an abundance of caution it’s also updated to use textContent.

Bugfixes:

* Fixed missing varchar/text_pattern_ops index on CharField and TextField respectively when using AddField on PostgreSQL.
* Fixed makemessages crash on Python 2 with non-ASCII file names.


To generate a diff of this commit:
cvs rdiff -u -r1.73 -r1.74 pkgsrc/www/py-django/Makefile
cvs rdiff -u -r1.39 -r1.40 pkgsrc/www/py-django/PLIST
cvs rdiff -u -r1.56 -r1.57 pkgsrc/www/py-django/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/py-django/Makefile
diff -u pkgsrc/www/py-django/Makefile:1.73 pkgsrc/www/py-django/Makefile:1.74
--- pkgsrc/www/py-django/Makefile:1.73  Mon Jun  6 09:34:59 2016
+++ pkgsrc/www/py-django/Makefile       Tue Jul 19 07:32:42 2016
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.73 2016/06/06 09:34:59 adam Exp $
+# $NetBSD: Makefile,v 1.74 2016/07/19 07:32:42 adam Exp $
 
-DISTNAME=      Django-1.9.7
+DISTNAME=      Django-1.9.8
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME:tl}
 CATEGORIES=    www python
 MASTER_SITES=  http://www.djangoproject.com/m/releases/${PKGVERSION_NOREV:R}/

Index: pkgsrc/www/py-django/PLIST
diff -u pkgsrc/www/py-django/PLIST:1.39 pkgsrc/www/py-django/PLIST:1.40
--- pkgsrc/www/py-django/PLIST:1.39     Sat May  7 07:51:52 2016
+++ pkgsrc/www/py-django/PLIST  Tue Jul 19 07:32:42 2016
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.39 2016/05/07 07:51:52 adam Exp $
+@comment $NetBSD: PLIST,v 1.40 2016/07/19 07:32:42 adam Exp $
 bin/django-admin${PYVERSSUFFIX}
 bin/django-admin${PYVERSSUFFIX}.py
 ${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
@@ -1091,6 +1091,7 @@ ${PYSITELIB}/django/contrib/admin/static
 ${PYSITELIB}/django/contrib/admin/static/admin/js/vendor/jquery/jquery.js
 ${PYSITELIB}/django/contrib/admin/static/admin/js/vendor/jquery/jquery.min.js
 ${PYSITELIB}/django/contrib/admin/static/admin/js/vendor/xregexp/LICENSE-XREGEXP.txt
+${PYSITELIB}/django/contrib/admin/static/admin/js/vendor/xregexp/xregexp.js
 ${PYSITELIB}/django/contrib/admin/static/admin/js/vendor/xregexp/xregexp.min.js
 ${PYSITELIB}/django/contrib/admin/templates/admin/404.html
 ${PYSITELIB}/django/contrib/admin/templates/admin/500.html
@@ -2226,9 +2227,6 @@ ${PYSITELIB}/django/contrib/gis/db/model
 ${PYSITELIB}/django/contrib/gis/db/models/sql/__init__.py
 ${PYSITELIB}/django/contrib/gis/db/models/sql/__init__.pyc
 ${PYSITELIB}/django/contrib/gis/db/models/sql/__init__.pyo
-${PYSITELIB}/django/contrib/gis/db/models/sql/aggregates.py
-${PYSITELIB}/django/contrib/gis/db/models/sql/aggregates.pyc
-${PYSITELIB}/django/contrib/gis/db/models/sql/aggregates.pyo
 ${PYSITELIB}/django/contrib/gis/db/models/sql/conversion.py
 ${PYSITELIB}/django/contrib/gis/db/models/sql/conversion.pyc
 ${PYSITELIB}/django/contrib/gis/db/models/sql/conversion.pyo

Index: pkgsrc/www/py-django/distinfo
diff -u pkgsrc/www/py-django/distinfo:1.56 pkgsrc/www/py-django/distinfo:1.57
--- pkgsrc/www/py-django/distinfo:1.56  Mon Jun  6 09:34:59 2016
+++ pkgsrc/www/py-django/distinfo       Tue Jul 19 07:32:42 2016
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.56 2016/06/06 09:34:59 adam Exp $
+$NetBSD: distinfo,v 1.57 2016/07/19 07:32:42 adam Exp $
 
-SHA1 (Django-1.9.7.tar.gz) = ea27c185acaf9ea39c692beca4c07ecf8974e72e
-RMD160 (Django-1.9.7.tar.gz) = 5271da31b90677332e124b98dde9d5bca2a9d9c4
-SHA512 (Django-1.9.7.tar.gz) = 4ace73b57496fac917e455e76aec6b9873949dc95bf84177e7db8f507de1656eee9cb7ae1040643b681e6f57a796147ffce8f6b9ff3ce81fc3e21aecaee2b11a
-Size (Django-1.9.7.tar.gz) = 7442680 bytes
+SHA1 (Django-1.9.8.tar.gz) = a3617f4007255fc69df5152741446ebeee7e0a82
+RMD160 (Django-1.9.8.tar.gz) = 5e1e56280a5877b85c6ca1d0ac47b9f3c70c9537
+SHA512 (Django-1.9.8.tar.gz) = a0784b60ccb0d89fe0abe9dde78a64873939edbdb17a7ae77e3ee7c31fae5cdfc87d98d070def3043bdaac2e73b82eeb019b30cd85994ea1e30803ac04d8fda1
+Size (Django-1.9.8.tar.gz) = 7494012 bytes

Prev by Date: CVS commit: pkgsrc/sysutils/cdrtools
Next by Date: CVS commit: pkgsrc/sysutils/cdrtools
Previous by Thread: CVS commit: pkgsrc/sysutils/cdrtools
Next by Thread: CVS commit: pkgsrc/sysutils/cdrtools
Indexes:

Home | Main Index | Thread Index | Old Index