| AArch64 | |
| ppc64le | |
| s390x | |
| x86-64 |
- Add CVE-2023-24580-DOS_file_upload.patch (CVE-2023-24580, bsc#1208082) to prevent DOS in file uploads. - .sig file is actually not available (and https://www.djangoproject.com/download/1.7.11/checksum/ is not it), so stop pretending we can cryptographically verify the tarball.
- update to 2.0.8
* CVE-2018-14574: Open redirect possibility in CommonMiddleware boo#1102680
* Fixed a regression in Django 2.0.7 that broke the regex lookup on MariaD
* Fixed a regression where django.template.Template crashed if
the template_string argument is lazy
* Fixed __regex and __iregex lookups with MySQL
* Fixed admin check crash when using a query expression in ModelAdmin.ordering
* Fixed admin changelist crash when using a query expression without asc()
or desc() in the page?s ordering
* Fixed a regression that broke custom template filters that use decorators
* Fixed detection of custom URL converters in included pattern
* Fixed a regression that added an unnecessary subquery to the GROUP BY clause
on MySQL when using a RawSQL annotation
* Fixed WKBWriter.write() and write_hex() for empty polygons on GEOS 3.6.1+
* Fixed a regression in Django 1.10 that could result in large memory usage
when making edits using ModelAdmin.list_editable
* Corrected the import paths that inspectdb generates for django.contrib.postgres fields
* Fixed crashes in django.contrib.admindocs when a view is a callable object,
such as django.contrib.syndication.views.Feed
* Fixed a regression in Django 1.11.12 where QuerySet.values() or values_list()
after combining an annotated and unannotated queryset with union(),
difference(), or intersection() crashed due to mismatching columns
- Update to 1.11.11 * Fixes CVE-2018-7536, CVE-2018-7537
- Update to 1.11.10 LTS
* Fixes CVE-2018-6188 bsc#1077714, CVE-2017-7234, CVE-2017-7233,
CVE-2017-12794