Fedora 28: python2-django1.11 Security Update
Summary
This package provides Django in version 1.11 LTS, the last release
to support Python 2.
Django is a high-level Python Web framework that encourages rapid
development and a clean, pragmatic design. It focuses on automating as
much as possible and adhering to the DRY (Don't Repeat Yourself)
principle.
- CVE-2019-3498: Content spoofing possibility in the default 404 page -CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format() - Fixed a
race condition in QuerySet.update_or_create() that could result in data loss -geo: Prevented repetitive calls to geos_version_tuple() in the WKBWriter class
* Mon Feb 18 2019 Petr Viktorin
- Update to the 1.11.20 security fix release
- CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format()
* Sat Feb 2 2019 Fedora Release Engineering
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Jan 8 2019 Petr Viktorin
- Update to the 1.11.18 security fix release
- CVE-2019-3498: Content spoofing possibility in the default 404 page
- geo: Prevented repetitive calls to geos_version_tuple() in the WKBWriter class
- Officially supports Python 3.7
* Thu Nov 8 2018 Petr Viktorin
- Switch locale from en_US.utf-8 to C.utf-8 for tests
* Fri Aug 3 2018 Petr Viktorin
- Update to 1.11.16 release -- data loss bug fix
Fixed a race condition in QuerySet.update_or_create() that could result in data loss
- Remove optional test dependencies
- Exclude templates from shebang mangling
* Fri Aug 3 2018 Petr Viktorin
- Update to 1.11.15 security release (CVE-2018-14574)
CVE-2018-14574: Open redirect possibility in CommonMiddleware
https://docs.djangoproject.com/en/2.0/releases/1.11.15/
* Sat Jul 14 2018 Fedora Release Engineering
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Mon Jun 4 2018 Petr Viktorin
- update to 1.11.14, fixing a memory usage regression and a GIS bug
https://docs.djangoproject.com/en/2.0/releases/1.11.14/
* Thu May 3 2018 Matthias Runge
- update to 1.11.13, fixing regressions and a crash
su -c 'dnf upgrade --advisory FEDORA-2019-5ad2149e99' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
FEDORA-2019-5ad2149e99 2019-03-20 21:17:00.935171 Product : Fedora 28 Version : 1.11.20 Release : 1.fc28 URL : http://www.djangoproject.com/ Summary : Version 1.11 LTS of Django, a high-level Python Web framework Description : This package provides Django in version 1.11 LTS, the last release to support Python 2. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle. - CVE-2019-3498: Content spoofing possibility in the default 404 page -CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format() - Fixed a race condition in QuerySet.update_or_create() that could result in data loss -geo: Prevented repetitive calls to geos_version_tuple() in the WKBWriter class * Mon Feb 18 2019 Petr Viktorin - 1.11.20-1 - Update to the 1.11.20 security fix release - CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format() * Sat Feb 2 2019 Fedora Release Engineering - 1.11.18-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Jan 8 2019 Petr Viktorin - 1.11.18-1 - Update to the 1.11.18 security fix release - CVE-2019-3498: Content spoofing possibility in the default 404 page - geo: Prevented repetitive calls to geos_version_tuple() in the WKBWriter class - Officially supports Python 3.7 * Thu Nov 8 2018 Petr Viktorin - 1.11.16-2 - Switch locale from en_US.utf-8 to C.utf-8 for tests * Fri Aug 3 2018 Petr Viktorin - 1.11.16-1 - Update to 1.11.16 release -- data loss bug fix Fixed a race condition in QuerySet.update_or_create() that could result in data loss - Remove optional test dependencies - Exclude templates from shebang mangling * Fri Aug 3 2018 Petr Viktorin - 1.11.15-2 - Update to 1.11.15 security release (CVE-2018-14574) CVE-2018-14574: Open redirect possibility in CommonMiddleware https://docs.djangoproject.com/en/2.0/releases/1.11.15/ * Sat Jul 14 2018 Fedora Release Engineering - 1.11.14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Mon Jun 4 2018 Petr Viktorin - 1.11.14-1 - update to 1.11.14, fixing a memory usage regression and a GIS bug https://docs.djangoproject.com/en/2.0/releases/1.11.14/ * Thu May 3 2018 Matthias Runge - 1.11.13-1 - update to 1.11.13, fixing regressions and a crash su -c 'dnf upgrade --advisory FEDORA-2019-5ad2149e99' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Change Log
References
Update Instructions
