Version: 1.11.28-bp152.1.14
* Tue Feb 04 2020 Ond?ej Súkup <mimi.vx@gmail.com>
- update to 1.11.28
- drop pyyaml53.patch
* fix boo#1161919 (CVE-2020-7471) Potential SQL injection via StringAgg(delimiter)
* Wed Jan 15 2020 Ond?ej Súkup <mimi.vx@gmail.com>
- add pyyaml53.patch - fix tests with new PyYAML 5.3
* Sun Dec 29 2019 Ond?ej Súkup <mimi.vx@gmail.com>
- Update to 1.11.27
* CVE-2019-19844: Potential account hijack via password reset form (bsc#1159447)
* Fixed a data loss possibility in SplitArrayField.
* Fri Nov 15 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 1.11.26:
* Fixed a crash when using a contains, contained_by, has_key,
has_keys, or has_any_keys lookup on JSONField, if the right
or left hand side of an expression is a key transform (#30826).
* Mon Oct 07 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 1.11.25:
* Fixed a crash when filtering with a Subquery() annotation of
a queryset containing JSONField or HStoreField (#30769).
* Mon Sep 16 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 1.11.24:
* Fixed crash of KeyTransform() for JSONField and HStoreField when using
on expressions with params (#30672).
* Thu Aug 01 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 1.11.23:
* CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235
bsc#1142883 bsc#1142885 bsc#1142882 bsc#1142880
* Just security fixes
* Fri Jul 19 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 1.11.22:
* CVE-2019-12781 (bsc#1139945): Incorrect HTTP detection with reverse-proxy connecting via HTTPS
* Mon Jun 03 2019 Ond?ej Súkup <mimi.vx@gmail.com>
- update to 1.11.21
* fix bnc#1136468 - CVE-2019-12308: AdminURLFieldWidget XSS
- drop pyyaml5.patch
Version: 1.11.20-bp151.2.1
* Tue Apr 02 2019 Bernhard Wiedemann <bwiedemann@suse.com>
- Add fix2028.patch to make tests pass until 2038
* Sat Mar 23 2019 Tomá? Chvátal <tchvatal@suse.com>
- Add patch to build with PyYAML >5:
* pyyaml5.patch
* Mon Mar 18 2019 Thomas Bechtold <tbechtold@suse.com>
- Enable python3 build for python versions <= 3.7
That's what in the support matrix from
https://docs.djangoproject.com/en/2.1/faq/install/#what-python-version-can-i-use-with-django
* Mon Feb 25 2019 Ond?ej Súkup <mimi.vx@gmail.com>
- Update to 1.11.20
* fix boo#1124991 - CVE-2019-6975
* Tue Jan 29 2019 Tomá? Chvátal <tchvatal@suse.com>
- Enable tests like on regular django to detect regressions for
the python2 based variant too
* Tue Jan 29 2019 Tomá? Chvátal <tchvatal@suse.com>
- Add patch to work well with sqlite 3.26 and newer:
* django-sqlite-326.patch
* Tue Jan 08 2019 kberger@suse.com
- Update to 1.11.18 (bsc#1120932, CVE-2019-3498)
* CVE-2019-3498 -- Fixed content spoofing possiblity in the default 404 page.
* Pinned Pillow != 5.4.0 in test requirements.
* Fixed broken links to PyYAML page.
* Doc'd that mysqlclient 1.3.14 and later isn't supported.
* Mon Dec 10 2018 Ond?ej Súkup <mimi.vx@gmail.com>
- Update to 1.11.17
* Prevented repetitive calls to geos_version_tuple() in the WKBWriter class
in an attempt to fix a random crash involving LooseVersion
* Fixed a race condition in QuerySet.update_or_create() that could result
in data loss
* Wed Aug 08 2018 tchvatal@suse.com
- Build python3 variant on old Leaps
Version: 1.11.12-bp150.2.4
* Mon Apr 16 2018 tbechtold@suse.com
update to version 1.11.12 (CVE-2018-7537, CVE-2018-7536):
* Fixed #29273 -- Prevented initial selection of empty choice in multiple choice widgets.
* Fixed links to Sphinx docs.
* Fixed #29192 -- Removed inaccurate statement regarding overriding fields from abstract base classes.
* Added CVE-2018-7536,7 to the security release archive.
* Added release date for 1.11.12.
* Bumped version for 1.11.12 release.
* Fixed #29229 -- Fixed column mismatch crash when combining two annotated values_list() querysets with union(), difference(), or intersection().
* Added stub release notes for 1.11.12.
* Fixed typo in docs/releases/1.11.12.txt.
* Post-release version bump.
* Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.
* Bumped version for 1.11.11 release.
* Post-release version bump.
* Removed blank lines per isort 4.3.0.
* Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in urlize and urlizetrunc template filters.
* Switched test requirement to new psycopg2-binary package.
* Added stub release notes for security releases.
* Corrected doc'd type of some parameters from string to str.
* Added CVE-2018-6188 to the security release archive.
* Wed Feb 07 2018 tbechtold@suse.com
- update to 1.11.10 (bsc#1077714, CVE-2018-6188):
* Fixed GeoIP test failure with the latest data.
* Bumped version for 1.11.9 release.
* Fixed #28890 -- Removed newlines between MultiWidget's subwidgets.
* Fixed #29016 -- Fixed incorrect foreign key nullification on related instance deletion.
* Fixed #29032 -- Fixed an example of using expressions in QuerySet.values().
* Added stub release notes for 1.11.10.
* Fixed typo in docs/topics/testing/advanced.txt.
* Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm.
* Fixed #29017 -- Updated BaseCommand.leave_locale_alone doc per refs #24073.
* Refs #28876 -- Fixed incorrect class-based model index name generation for models with quoted db_table.
* Fixed location of spatialite_source label.
* Fixed #29002 -- Corrected cached template loader docs about when it's automatically enabled.
* Fixed #29094 -- Fixed crash when entering an invalid uuid in ModelAdmin.raw_id_fields.
* Added release date for 1.11.9.
* Refs #28876 -- Fixed incorrect foreign key constraint name for models with quoted db_table.
* Fixed a GeoIP2 test failure with the latest GeoIP2 database.
* Post-release version bump.
* Fixed typo in docs/topics/i18n/translation.txt.
* Bumped version for 1.11.10 release.
* Added stub release notes for 1.11.9.
* Fixed #29071 -- Fixed contrib.auth.authenticate() crash if a backend doesn't accept a request but a later one does.
* Fixed #25277 -- Restored test dependency to the original python-memcached.
* Refs #28856 -- Fixed caching of a GenericForeignKey pointing to a model that uses more than one level of MTI.
* Thu Dec 21 2017 mimi.vx@gmail.com
- build only for python2 - Python3 provided by Django-2.0
* Tue Dec 12 2017 tbechtold@suse.com
- update to 1.11.8:
* Fixed #28488 -- Reallowed error handlers to access CSRF tokens.
* Fixed #28856 -- Fixed a regression in caching of a GenericForeignKey
pointing to a MTI model.
* Fixed #28597 -- Fixed crash with the name of a model's autogenerated primary
key in an Index's fields.
* Added stub release notes for 1.11.7.
* Fixed #28305 -- Fixed "Cannot change column 'x': used in a foreign key constraint"
crash on MySQL with a sequence of AlterField or RenameField operations.
* Fixed #28689 -- Fixed unquoted table names in Subquery SQL when using OuterRef.
* Added assertion helpers for PostgreSQL's server-side cursor tests.
* Fixed #28729 -- Replaced a numbered list with unordered list in TemplatesSetting docs.
* Fixed #28786 -- Doc'd middleware ordering considerations due to
CommonMiddleware setting Content-Length.
* Added release date for 1.11.8.
* Fixed #28702 -- Made query lookups for CIText fields use citext.
* Added 2017-12794 to the security release archive.
* Fixed typo in docs/topics/cache.txt.
* Bumped version for 1.11.6 release.
* Added release date for 1.11.6.
* Fixed #28648 -- Corrected typo in docs/topics/db/queries.txt.
* Bumped version for 1.11.7 release.
* Added stub release notes for 1.11.8.
* Fixed #28848 -- Fixed SQLite/MySQL crash when ordering by a filtered
subquery that uses nulls_first/nulls_last.
* Fixed typo in docs/topics/db/aggregation.txt.
* Fixed #28802 -- Fixed typo in docs/topics/auth/default.txt.
* Fixed typo in docs/topics/forms/media.txt.
* Bumped version for 1.11.8 release.
* Fixed typo in docs/ref/models/querysets.txt.
* Fixed test failures due to ordering differences on PostgreSQL 10.
* Fixed #28710 -- Fixed the Basque DATE_FORMAT string
* Added stub release notes for 1.11.6.
* Fixed #28747 -- Fixed typos in django/conf/global_settings.py comments.
* Fixed #28817 -- Made QuerySet.iterator() use server-side cursors after
values() and values_list().
* Post-release version bump.
* Fixed #28792 -- Fixed index name truncation of namespaced tables.
* Fixed #28781 -- Added QuerySet.values()/values_list() support for union(),
difference(), and intersection().
* Fixed #28722 -- Made QuerySet.reverse() affect nulls_first/nulls_last.
* Refs #28710 -- Simplified l10n format test
* Initialized CsrfViewMiddleware once in csrf_tests.
* Added release date for 1.11.7.
* Linked to prefetch_related_objects func in DB optimization docs.
* Fixed #28645 -- Reallowed AuthenticationForm to raise the inactive user
error when using ModelBackend.
* Fixed #28653 -- Added missing ForeignKey.on_delete argument in docs.
* Fixed #28561 -- Removed inaccurate docs about QuerySet.order_by() and joins.
* Fixed #28555 -- Made CharField convert whitespace-only values to the
empty_value when strip is enabled.
* Fixed #28601 -- Prevented cache.get_or_set() from caching None if default
is a callable that returns None.
* Wed Sep 20 2017 toddrme2178@gmail.com
- update to version 1.11.5
* CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page
* Fixed GEOS version parsing if the version has a commit hash at the end (new
in GEOS 3.6.2) (:ticket:`28441`).
* Added compatibility for ``cx_Oracle`` 6 (:ticket:`28498`).
* Fixed select widget rendering when option values are tuples (:ticket:`28502`).
* Django 1.11 inadvertently changed the sequence and trigger naming scheme on
Oracle. This causes errors on INSERTs for some tables if
``'use_returning_into': False`` is in the ``OPTIONS`` part of ``DATABASES``.
The pre-1.11 naming scheme is now restored. Unfortunately, it necessarily
requires an update to Oracle tables created with Django 1.11.[1-4]. Use the
upgrade script in :ticket:`28451` comment 8 to update sequence and trigger
names to use the pre-1.11 naming scheme.
* Added POST request support to ``LogoutView``, for equivalence with the
function-based ``logout()`` view (:ticket:`28513`).
* Omitted ``pages_per_range`` from ``BrinIndex.deconstruct()`` if it's ``None``
(:ticket:`25809`).
* Fixed a regression where ``SelectDateWidget`` localized the years in the
select box (:ticket:`28530`).
* Fixed a regression in 1.11.4 where ``runserver`` crashed with non-Unicode
system encodings on Python 2 + Windows (:ticket:`28487`).
* Fixed a regression in Django 1.10 where changes to a ``ManyToManyField``
weren't logged in the admin change history (:ticket:`27998`) and prevented
``ManyToManyField`` initial data in model forms from being affected by
subsequent model changes (:ticket:`28543`).
* Fixed non-deterministic results or an ``AssertionError`` crash in some
queries with multiple joins (:ticket:`26522`).
* Fixed a regression in ``contrib.auth``'s ``login()`` and ``logout()`` views
where they ignored positional arguments (:ticket:`28550`).
* Thu Aug 10 2017 tbechtold@suse.com
- update to version 1.11.4:
* Fixed #27939 -- Updated OpenLayersWidget.map_srid for OpenLayers 3.
* Fixed #27956 -- Fixed display of errors in an {% extends %} child.
* Updated various links in docs to avoid redirects
* Fixed typo in docs/topics/auth/default.txt.
* Double quoted HTML attributes in widget docs
* Fixed #28303 -- Prevented localization of attribute values in the DTL attrs.html widget template.
* Added stub release notes for 1.11.3.
* Documented OSMWidget.default_lat/lon.
* Fixed #28101 -- Fixed a regression with nested __in subquery lookups and to_field.
* Bumped version for 1.11.4 release.
* Bumped version for 1.11.3 release.
* Updated translations from Transifex
* Fixed #28039 -- Fixed crash in BaseGeometryWidget.subwidgets().
* Fixed #28242 -- Moved ImageField file extension validation to the form field.
* Made docs/topics/migrations.txt use single quotes consistently.
* Fixed #28355 -- Fixed widget rendering of non-ASCII date/time formats on Python 2.
* Updated name of topics/db/queries link on index.
* Fixed #28025 -- Fixed typo in docs/ref/models/querysets.txt.
* Fixed #28043 -- Prevented AddIndex and RemoveIndex from mutating model state.
* Fixed #28207 -- Fixed contrib.auth.authenticate() if multiple auth backends don't accept a request.
* Fixed #28361 -- Fixed possible time-related failure in was_published_recently() tutorial test.
* Fixed #28265 -- Prevented renderer warning on Widget.render() with **kwargs.
* Fixed typo in docs/topics/testing/advanced.txt.
* Fixed #28125 -- Clarified 1.11 release note about Template.render() prohibiting non-dict context.
* Refs #18974 -- Added stacklevel for permalink() deprecation.
* Fixed #28350 -- Fixed UnboundLocalError crash in RenameField with nonexistent field.
* Fixed #28051 -- Made migrations respect Index's name argument.
* Fixed #28420 -- Doc'd 'is' comparison restriction for User.is_authenticated/anonymous.
* Added release date for 1.11.4.
* Refs #28174 -- Fixed autoreload test crash on Python 2/non-ASCII path.
* Fixed #28389 -- Fixed pickling of LazyObject on Python 2 when wrapped object doesn't have __reduce__().
* Fixed #28148 -- Doc'd ImageField name validation concerns with the test client.
* Added stub release notes for 1.11.2.
* Fixed #27890 -- Fixed FileNotFoundError cleanup exception in runtests.py on Python 3.6+.
* Fixed #28138 -- Used output type handler instead of numbersAsStrings on Oracle cursor.
* Fixed widgets module path in docs/ref/contrib/gis/forms-api.txt.
* Fixed #27947 -- Doc'd that model Field.error_messages often don't propagate to forms.
* Fixed #28067 -- Clarified __str__() return type when using python_2_unicode_compatible().
* Fixed docstring typo in django/contrib/admin/actions.py.
* Fixed #28102 -- Doc'd how to compute path to built-in widget template directories.
* Fixed #28352 -- Corrected QuerySet.values_list() return type in docs examples.
* Fixed #28181 -- Added detection for GDAL 2.1 and 2.0.
* Refs #23853 -- Updated sql.query.Query.join() docstring.
* Added a test for Model._meta._property_names.
* Refs #27919 -- Changed Widget.get_context() attrs kwarg to an arg.
* Fixed #28415 -- Clarified what characters ASCII/UnicodeUsernameValidator accept.
* Fixed #28074 -- Doc'd template-based widget rendering changes for contrib.gis.
* Fixed #28278 -- Fixed invalid HTML for a required AdminFileWidget.
* Added content_type filtering in Permission querying example.
* Corrected FileExtensionValidator doc regarding the value being validated.
* Fixed #27960 -- Set errcheck=False for GDALAllRegister to prevent crash.
* Fixed #28097 -- Fixed layout of ReadOnlyPasswordHashWidget.
* Fixed #27969 -- Fixed models.Field.formfield() setting 'disabled' for fields with choices.
* Post-release version bump.
* Fixed #28298 -- Prevented a primary key alteration from adding a foreign key constraint if db_constraint=False.
* Refs #28192 -- Fixed documentation of ChoiceField choices requirement
* Fixed #27966 -- Bumped required psycopg2 version to 2.5.4.
* Linked GIS QuerySet API docs to corresponding PostGIS docs.
* Fixed #27974 -- Kept resolved templates constant during one rendering cycle.
* Refs #28100 -- Fixed URL in el, es_MX, and pt auth translations
* Fixed typo in docs/ref/request-response.txt.
* Fixed #27963 -- Removed unneeded docstring example in contributing docs.
* Added stub release notes for security releases.
* Fixed #28349 -- Doc'd how to upgrade Django from LTS to LTS.
* Fixed typo in docs/ref/forms/fields.txt.
* Fixed CVE-2017-7234 -- Fixed open redirect vulnerability in views.static.serve().
* Fixed #28170 -- Fixed file_move_safe() crash when moving files to a CIFS mount.
* Fixed broken links to Oracle docs.
* Fixed #27554 -- Fixed prefetch_related() crash when fetching relations in nested Prefetches.
* Added links and cosmetic edits to docs/ref/request-response.txt.
* Added stub release notes for 1.11.1.
* Fixed #28079 -- Restored "No POST data" (rather than an empty table) in HTML debug page.
* Removed incorrect "required" attribute in docs/ref/forms/fields.txt.
* Fixed #28176 -- Restored the uncasted option value in ChoiceWidget template context.
* Refs #24423 -- Readded inadvertently deleted i18n tests.
* Fixed #27965 -- Fixed precision comparison in a geoforms test (refs #27939).
* Corrected post-release version bump.
* Made runtests.py run gis_tests only when using a GIS database backend.
* Fixed #28230 -- Allowed DjangoJsonEncoder to serialize CallableBool.
* Fixed broken link to QUnit docs.
* Removed MySQL (unsupported) from Perimeter docs.
* Fixed #28266 -- Fixed typo in docs/ref/models/instances.txt.
* Fixed #28139 -- Added another level of headings in the topics index.
* Fixed #28003 -- Doc'd what an auto-created OneToOneField parent_link looks like.
* Fixed #28160 -- Prevented hiding GDAL exceptions when it's not installed.
* Updated man page for Django 1.11.
* Fixed #27988 -- Fixed typo in docs/ref/django-admin.txt.
* Fixed #28199 -- Fixed Subquery generating unnecessary/invalid CAST.
* Fixed #28122 -- Fixed crash when overriding views.static.directory_index()'s template.
* Fixed AppRegistryNotReady error when running gis_tests in isolation on PostGIS.
* Fixed #28435 -- Removed inaccurate warning about SECURE_HSTS_PRELOAD.
* Fixed #28040 -- Updated SplitArrayWidget to use template-based widget rendering.
* Fixed #28269 -- Fixed Model.__init__() crash on models with a field that has an instance only descriptor.
* Tested EmailMessage(attachments=[MIMEText])
* Clarified return value of NumGeometries GIS function.
* Refs #27935 -- Fixed BrinIndex.max_name_length if a project's default database isn't PostgreSQL.
* Fixed #28058 -- Restored empty BoundFields evaluating to True.
* Replaced "not A== B" with "A != B" in docs/howto/writing-migrations.txt.
* Added CVE-2017-7233,4 to the security release archive.
* Fixed #28204 -- Fixed MultipleObjectMixin.paginate_queryset() crash on Python 2 if InvalidPage message contains non-ASCII.
* Fixed #27935 -- Fixed crash with BrinIndex name > 30 characters.
* Fixed #28293 -- Fixed union(), intersection(), and difference() when combining with an EmptyQuerySet.
* Fixed #28222 -- Allowed settable properties in QuerySet.update_or_create()/get_or_create() defaults.
* Refs #27556, #27488 -- Updated support backends docs for isvalid lookup.
* Fixed nondeterministic ordering test failure in model_forms.
* Fixed #28345 -- Applied limit_choices_to during ModelForm.__init__().
* Fixed #27981 -- Doc'd date/time filter l10n changes in refs #25758.
* Made a few cosmetic updates to "Migrations that add unique fields".
* Bumped version for 1.11 release.
* Fixed #28004 -- Doc'd how to create migrations for an app without a migrations directory.
* Fixed #28202 -- Fixed FieldListFilter.get_queryset() crash on invalid input.
* Fixed #27949 -- Doc'd how OpenLayers 3 widgets work.
* Pass type to sql_alter_column_* where it was missing.
* Fixed #27866 -- Made ChoiceWidget.format_value() return a list
* Fixed #28308 -- Doc'd removal of Select.render_option() (refs #15667).
* Fixed #28178 -- Changed contrib.gis to raise ImproperlyConfigured if gdal isn't installed.
* Fixed #28284 -- Prevented Paginator's unordered object list warning from evaluating a QuerySet.
* Fixed #28209 -- Made date-based generic views return a 404 rather than crash when given an out of range date.
* Fixed #28161 -- Fixed return type of ArrayField(CITextField()).
* Corrected docs regarding MySQL support of Length GIS function.
* Fixed #28175 -- Fixed __in lookups on a foreign key when using the foreign key's parent model as the lookup value.
* Refs #18247 -- Fixed SQLite QuerySet filtering on decimal result of Least and Greatest.
* Refs #28207 -- Fixed contrib.auth.authenticate() if 'backend' is in the credentials.
* Fixed #27644 -- Doc'd FileSystemStorage.get_created_time().
* Added test for intersection() when combining with a queryset raising EmptyResultSet.
* Fixed #28197 -- Fixed introspection of index field ordering on PostgreSQL.
* Removed extra characters in docs header underlines.
* Fixed GEOSGeometry reference in GIS tutorial.
* Refs #28066 -- Fixed Python 2 failures in sessions_tests.
* Removed obsolete Widget.format_output() in tests.
* Fixed #28059 -- Restored class attribute in <ul> of widgets that use multiple_input.html.
* Fixed typo in docs/ref/contrib/postgres/fields.txt.
* Refs #27025 -- Fixed "invalid escape sequence" warning in auth_tests on Python 3.6.
* Fixed #28031 -- Removed notes about old uWSGI/sentry versions (refs #20537).
* Removed unexpected initial attribute in data migration examples.
* Renamed "Mac OS X" to "macOS" in docs.
* Sorted imports per isort 4.2.9.
* Refs #28138 -- Added release notes for d52577b62b3138674807ac74251fab7faed48331.
* Back to the future.
* Fixed #27993 -- Fixed model form default fallback for SelectMultiple.
* Refs #27866 -- Adapted backport for Python 2 compatibility
* Removed unused links in docs/internals/contributing/triaging-tickets.txt.
* Clarified QuerySet.iterator()'s docs on server-side cursors.
* Fixed #28096 -- Allowed prefetch calls with ModelIterable subclasses
* Fixed #28414 -- Fixed ClearableFileInput rendering as a subwidget of MultiWidget.
* Corrected REPL example in forms docs for Python 3.
* Refs #28181 -- Corrected detection of GDAL 2.1 on Windows.
* Fixed #28075 -- Prevented ChoiceWidget from localizing option values.
* Fixed #28282 -- Fixed class-based indexes name for models that only inherit Model.
* Fixed #28038 -- Restored casting to text of builtin lookups on PostgreSQL.
* Fixed #28418 -- Fixed queryset crash when using a GenericRelation to a proxy model.
* Fixed #28062 -- Added a setting to disable server-side cursors on PostgreSQL.
* Fixed #28105 -- Fixed crash in BaseGeometryWidget.get_context() when overriding existing attrs.
* Refs #28160 -- Skipped a GeoManager test if not using a GIS database backend.
* Fixed #28157 -- Fixed choice ordering in form fields with grouped and non-grouped options.
* Fixed #28095 -- Doc'd Widget.build_attrs() signature change in Django 1.11.
* Fixed a forms test after updated translations.
* Fixed 403 link in docs/ref/contrib/gis/install/spatialite.txt.
* Simplified schema.tests with assertForeignKeyExists()/assertForeignKeyNotExists().
* Fixed #28336 -- Fixed typo in docs/ref/settings.txt.
* Fixed #28378 -- Fixed union() and difference() when combining with a queryset raising EmptyResultSet.
* Refs #28052 -- Cleaned up some indexes in schema tests.
* Fixed #28047 -- Fixed QuerySet.filter() crash when it uses the name of a OneToOneField pk.
* Added release date for 1.11.1.
* Fixed #28327 -- Removed contradictory description of mod_wsgi docs.
* Clarified "newly-introduced features" in the supported versions policy.
* Fixed docs build with Sphinx 1.6.
* Fixed #28239 -- Removed docs for a removed arg of template.Context.
* Bumped version for 1.11.2 release.
* Refs #28066 -- Fixed nondeterministic ordering test failure in sessions_tests.
* Updated postgis.net and gaia-gis.it links to https.
* Fixed typos in docs/topic/db/search.txt.
* Fixed #28174 -- Fixed crash in runserver's autoreload with Python 2 on Windows with non-str environment variables.
* Fixed typos in docs/howto/static-files/index.txt.
* Fixed #28294 -- Doc'd request/args/kwargs attributes of class-based views.
* Fixed #27967 -- Fixed KeyError in admin's inline form with inherited non-editable pk.
* Fixed db backend discovery in admin_scripts tests.
* Fixed outdated TIME_FORMAT in docs/ref/templates/builtins.txt.
* Fixed #26028 -- Added overriding templates howto.
* Updated was_published_recently() tutorial test to check boundary condition.
* Fix a typo in django/db/transaction.py
* Fixed #28109 -- Corrected the stack level of unordered queryset pagination warnings.
* Fixed #28142 -- Fixed is_safe_url() crash on invalid IPv6 URLs.
* Refs #22397 -- Removed model in test cleanup
* Fixed #28052 -- Prevented dropping Meta.indexes when changing db_index to False.
* Fixed #18485 -- Doc'd behavior of PostgreSQL when manually setting AutoField.
* Updated core translations from Transifex
* Fixed #28166 -- Fixed Model._state.db on MTI parent model after saving child model.
* Added missing import in docs/topics/db/queries.txt.
* Refs #27919 -- Passed ChoiceWidget.create_option() kwargs as expected.
* Fixed #28229 -- Fixed the value of LoginView's "next" template variable.
* Fixed #27975 -- Fixed crash if ModelChoiceField's queryset=None.
* Added release date for 1.11.2.
* Fixed #27912, CVE-2017-7233 -- Fixed is_safe_url() with numeric URLs.
* Fixed #28159 -- Fixed BaseInlineFormSet._construct_form() crash when using save_as_new.
* Removed an obsolete temporal reference in docs/faq/general.txt.
* Fixed #28042 -- Fixed crash when using a two-tuple in EmailMessage's attachments arg.
* Fixed #27945 -- Clarified that RegexValidator searches with the regex.
* Linked GIS functions docs to corresponding PostGIS docs.
* Refs #17453 -- Fixed broken link to #django IRC logs.
* Fixed gis_tests.geoapp test with incorrect geodetic coordinates.
* Fixed #28066 -- Prevented SessionBase.cycle_key() from discarding data.
* Fixed #27730 -- Doc'd that template vars created outside a block can't be used in it.
* Fixed #28069 -- Moved setup_test_environment() warning in tutorial 5.
* Fixed #28130 -- Fixed formset min_num validation with initial, unchanged forms.
* Fixed #28091 -- Re-raised original exception when closing cursor cleanup fails
* Clarified backend support of Area GIS function.
* Fixed #28387 -- Fixed has_changed() for disabled form fields that subclass it.
* Fixed #27915 -- Allowed Meta.indexes to be defined in abstract models.
* Fixed #26755 -- Fixed test_middleware_classes_headers if Django source isn't writable.
* Fixed #28188 -- Fixed crash when pickling model fields.
* Fixed typo in docs/ref/models/querysets.txt.
* Pointed Dive into Python links to python3 site
* Refs #25240 -- Added ExtractWeek examples.
* Added some shell output in tutorial 2.
* Removed inappropriate highlighting in committing-code.txt.
* Fixed #28399 -- Fixed QuerySet.count() for union(), difference(), and intersection() queries.
* Fixed #28212 -- Allowed customizing the port that LiveServerTestCase uses.
* Fixed flake8 warning on Python 2.
* Clarified meaning of "Optional" in auth.models.User field docs.
* Clarified HStoreField model/form difference in 1.11 release notes.
* Removed self from method signatures in docs.
* Added stub release notes for 1.11.4.
* Updated tests after French translation update
* Fixed #27603 -- Fixed AsKML when queryset is evaluated more than once.
* Fixed #28262 -- Fixed incorrect DisallowedModelAdminLookup when a nested reverse relation is in list_filter.
* Fixed #27434 -- Doc'd how to raise a model validation error for a field not in a model form.
* Refs #21415 -- Fixed contrib.humanize translations for es_AR
* Fixed #27655 -- Added some guidelines to the coding style docs.
* Updated contrib translations from Transifex
* Removed nonexistent methods from File's docs.
* Doc'd the need to remove default ordering on Subquery aggregates.
* Fixed broken link to mysqlclient docs.
* Fixed #28210 -- Fixed Model._state.adding on MTI parent model after saving child model.
* Removed usage of deprecated sphinx.util.compat.Directive.
* Refs #28100 -- Added 1.11.1 release note for e6bfd3d751278d7cfd09af1120c4bbce509c05da.
* Fixed #28190 -- Clarifed how include/extends treat template names.
* Refs #26294 -- Fixed typo in docs/ref/django-admin.txt.
* Refs #28091 -- Fixed typo and rephrased 1.11.1 release note.
* Fixed typo in docs/ref/class-based-views/mixins-single-object.txt.
* Bumped version for 1.11.1 release.
* Added release date for 1.11.3.
* Bumped version for 1.11 release candidate 1.
* Simplified tutorial's test names and docstrings.
* Fixed typo in django/db/backends/base/schema.py comment.
* Fixed #28233 -- Used a simpler example in the aggregation "cheat sheet" docs.
- Require python-pytz and Recommend python-bcrypt
* Wed Aug 09 2017 toddrme2178@gmail.com
- Fix building on older Python versions.
* Mon Jul 10 2017 toddrme2178@gmail.com
- Fix wrong-script-interpreter rpmlint error.
* Mon May 08 2017 toddrme2178@gmail.com
- django-admin.py should be the master, not django-admin.
* Sat May 06 2017 toddrme2178@gmail.com
- Don't provide python2-django or python2-South, singlespec
packages should use correct name.
* Thu May 04 2017 toddrme2178@gmail.com
- Implement single-spec version.
* Tue Apr 04 2017 appleonkel@opensuse.org
- Update to 1.10.7
Bugfixes
* Made admin?s RelatedFieldWidgetWrapper use the wrapped widget?s
value_omitted_from_data() method (#27905)
* Fixed model form default fallback for SelectMultiple (#27993)
* Wed Mar 01 2017 appleonkel@opensuse.org
- Update to 1.10.6
Bugfixes
* Fixed ClearableFileInput?s ?Clear? checkbox on model form fields where the
model field has a default
* Fixed RequestDataTooBig and TooManyFieldsSent exceptions crashing rather than
generating a bad request response
* Fixed a crash on Oracle and PostgreSQL when subtracting DurationField or
IntegerField from DateField
* Fixed query expression date subtraction accuracy on PostgreSQL for differences
large an a month
* Fixed a GDALException raised by GDALClose on GDAL >= 2.0
* Tue Jan 31 2017 michal@cihar.com
- Update to 1.10.5
* See https://docs.djangoproject.com/en/1.10/releases/1.10/
* Full text search for PostgreSQL
* New-style middleware
* Official support for Unicode usernames
* Fri Dec 02 2016 appleonkel@opensuse.org
- Update to 1.9.12
Bugfixes
* Quoted the Oracle test user?s password in queries to fix the ?ORA-00922: missing
or invalid option? error when the password starts with a number or
special character (#27420)
* DNS rebinding vulnerability when DEBUG=True
* CSRF protection bypass on a site with Google Analytics
* Sat Sep 24 2016 sbahling@suse.com
- Change Requires: python-Pillow to python-imaging for compatibility
with SLE-12 which provides PIL instead of Pillow.
* Tue Aug 09 2016 aplanas@suse.com
- Update to 1.9.9
Bugfixes
* Fixed invalid HTML in template postmortem on the debug page
(#26938).
* Fixed some GIS database function crashes on MySQL 5.7 (#26657).
- Update to 1.9.8
Fix XSS in admin?s add/change related popup (bsc#988420)
Unsafe usage of JavaScript?s Element.innerHTML could result in XSS
in the admin?s add/change related popup. Element.textContent is now
used to prevent execution of the data.
The debug view also used innerHTML. Although a security issue wasn?t
identified there, out of an abundance of caution it?s also updated
to use textContent.
Bugfixes
* Fixed missing varchar/text_pattern_ops index on CharField and
TextField respectively when using AddField on PostgreSQL (#26889).
* Fixed makemessages crash on Python 2 with non-ASCII file names
(#26897).
- Update to 1.9.7
Bugfixes
* Removed the need for the request context processor on the admin
login page to fix a regression in 1.9 (#26558).
* Fixed translation of password validators? help_text in forms
(#26544).
* Fixed a regression causing the cached template loader to crash
when using lazy template names (#26603).
* Fixed on_commit callbacks execution order when callbacks make
transactions (#26627).
* Fixed HStoreField to raise a ValidationError instead of crashing
on non-dictionary JSON input (#26672).
* Fixed dbshell crash on PostgreSQL with an empty database name
(#26698).
* Fixed a regression in queries on a OneToOneField that has to_field
and primary_key=True (#26667).
* Tue May 03 2016 aplanas@suse.com
- Update to 1.9.6
Bugfixes
* Added support for relative path redirects to the test client and
to SimpleTestCase.assertRedirects() because Django 1.9 no longer
converts redirects to absolute URIs (#26428).
* Fixed TimeField microseconds round-tripping on MySQL and SQLite
(#26498).
* Prevented makemigrations from generating infinite migrations for a
model field that references a functools.partial (#26475).
* Fixed a regression where SessionBase.pop() returned None rather
than raising a KeyError for nonexistent values (#26520).
* Fixed a regression causing the cached template loader to crash
when using template names starting with a dash (#26536).
* Restored conversion of an empty string to null when saving values
of GenericIPAddressField on SQLite and MySQL (#26557).
* Fixed a makemessages regression where temporary .py extensions
were leaked in source file paths (#26341).
* Sun May 01 2016 michael@stroeder.com
- Update to 1.9.5
* Tue Feb 02 2016 aplanas@suse.com
- Update to 1.9.2
Security issue
* User with "change" but not "add" permission can create objects for
ModelAdmin's with save_as=True
Backwards incompatible change
* .py-tpl files rewritten in project/app templates
Bugfixes
* Fixed a regression in ConditionalGetMiddleware causing
If-None-Match checks to always return HTTP 200 (#26024).
* Fixed a regression that caused the "user-tools" items to display
on the admin's logout page (#26035).
* Fixed a crash in the translations system when the current language
has no translations (#26046).
* Fixed a regression that caused the incorrect day to be selected
when opening the admin calendar widget for timezones from GMT+0100
to GMT+1200 (#24980).
* Fixed a regression in the admin's edit related model popup that
caused an escaped value to be displayed in the select dropdown of
the parent window (#25997).
* Fixed a regression in 1.8.8 causing incorrect index handling in
migrations on PostgreSQL when adding db_index=True or unique=True
to a CharField or TextField that already had the other specified,
or when removing one of them from a field that had both, or when
adding unique=True to a field already listed in unique_together
(#26034).
* Fixed a regression where defining a relation on an abstract
model's field using a string model name without an app_label no
longer resolved that reference to the abstract model's app if
using that model in another application (#25858).
* Fixed a crash when destroying an existing test database on MySQL
or PostgreSQL (#26096).
* Fixed CSRF cookie check on POST requests when
USE_X_FORWARDED_PORT=True (#26094).
* Fixed a QuerySet.order_by() crash when ordering by a relational
field of a ManyToManyField through model (#26092).
* Fixed a regression that caused an exception when making database
queries on SQLite with more than 2000 parameters when DEBUG is
True on distributions that increase the SQLITE_MAX_VARIABLE_NUMBER
compile-time limit to over 2000, such as Debian (#26063).
* Fixed a crash when using a reverse OneToOneField in
ModelAdmin.readonly_fields (#26060).
* Fixed a crash when calling the migrate command in a test case with
the available_apps attribute pointing to an application with
migrations disabled using the MIGRATION_MODULES setting (#26135).
* Restored the ability for testing and debugging tools to determine
the template from which a node came from, even during template
inheritance or inclusion. Prior to Django 1.9, debugging tools
could access the template origin from the node via
Node.token.source[0]. This was an undocumented, private API. The
origin is now available directly on each node using the
Node.origin attribute (#25848).
* Fixed a regression in Django 1.8.5 that broke copying a
SimpleLazyObject with copy.copy() (#26122).
* Always included geometry_field in the GeoJSON serializer output
regardless of the fields parameter (#26138).
* Fixed the contrib.gis map widgets when using
USE_THOUSAND_SEPARATOR=True (#20415).
* Made invalid forms display the initial of values of their disabled
fields (#26129).