From 58d2cb969c8c1d392150a6bc45bb57e831f368d5 Mon Sep 17 00:00:00 2001 From: Trevor Gamblin Date: Wed, 23 Mar 2022 13:33:31 -0400 Subject: python3-django: upgrade 2.2.24 -> 2.2.27 The delta between 2.2.24 and 2.2.27 contain numerous CVE and other bugfixes. git log --oneline 2.2.24..2.2.27 shows: e541f2d05b (tag: 2.2.27) [2.2.x] Bumped version for 2.2.27 release. c477b76180 [2.2.x] Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads. c27a7eb9f4 [2.2.x] Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag. 4cafd3aacb [2.2.x] Added stub release notes 2.2.27. 77d0fe5868 [2.2.x] Added CVE-2021-45115, CVE-2021-45116, and CVE-2021-45452 to security archive. e085d46e4b [2.2.x] Post-release version bump. 44e7cca623 (tag: 2.2.26) 2.2.x] Bumped version for 2.2.26 release. 4cb35b384c [2.2.x] Fixed CVE-2021-45452 -- Fixed potential path traversal in storage subsystem. c9f648ccfa [2.2.x] Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter. 2135637fdd [2.2.x] Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator. 03b733d8a8 [2.2.x] Added stub release notes for 2.2.26 release. b87820668e [2.2.x] Refs #33365, Refs #30530 -- Doc'd re_path() behavior change in Django 2.2.25, 3.1.14, and 3.2.10. 573e70ea48 [2.2.x] Added CVE-2021-44420 to security archive. 8439938602 [2.2.x] Post-release version bump. 79d8dcefb2 (tag: 2.2.25) [2.2.x] Bumped version for 2.2.25 release. 7cf7d74e8a [2.2.x] Fixed #30530, CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths. 0007a5f9fa [2.2.x] Added requirements.txt to files ignored by Sphinx builds. fac0fdd95d [2.2.x] Added stub release notes for 2.2.25. 4bc10b7955 [2.2.x] Fixed crash building HTML docs since Sphinx 4.3. 5289fcfffe [2.2.x] Configured Read The Docs to build all formats. 9a4a2b2089 [2.2.x] Refs #33247 -- Corrected configuration for Read The Docs. 029c830b71 [2.2.x] Fixed #33247 -- Added configuration for Read The Docs. 12141e3116 [2.2.x] Refs #32856 -- Clarified that psycopg2 < 2.9 is required. cf63dd5c1b [2.2.x] Added 'formatter' to spelling wordlist. 05bc1c81aa [2.2.x] Fixed #33082 -- Fixed CommandTests.test_subparser_invalid_option on Python 3.9.7+. a9c0aa11e7 [2.2.x] Refs #31676 -- Updated technical board description in organization docs. 66008c2af0 [2.2.x] Refs #31676 -- Added Mergers and Releasers to organization docs. d4d1c2b3db [2.2.x] Refs #31676 -- Removed Core team from organization docs. 8f59f72a20 [2.2.x] Refs #31676 -- Removed Django Core-Mentorship mailing list references in docs. 837ffcfa68 [2.2.x] Refs #32856 -- Doc'd that psycopg2 < 2.9 is required. dc43667eab [2.2.x] Fixed docs header underlines in security archive. 3e7bb564be [2.2.x] Added CVE-2021-33203 and CVE-2021-33571 to security archive. 48bde7cab4 [2.2.x] Post-release version bump. Signed-off-by: Trevor Gamblin Signed-off-by: Armin Kuster --- meta-python/recipes-devtools/python/python3-django_2.2.24.bb | 9 --------- meta-python/recipes-devtools/python/python3-django_2.2.27.bb | 9 +++++++++ 2 files changed, 9 insertions(+), 9 deletions(-) delete mode 100644 meta-python/recipes-devtools/python/python3-django_2.2.24.bb create mode 100644 meta-python/recipes-devtools/python/python3-django_2.2.27.bb (limited to 'meta-python/recipes-devtools') diff --git a/meta-python/recipes-devtools/python/python3-django_2.2.24.bb b/meta-python/recipes-devtools/python/python3-django_2.2.24.bb deleted file mode 100644 index 964ca6ba03..0000000000 --- a/meta-python/recipes-devtools/python/python3-django_2.2.24.bb +++ /dev/null @@ -1,9 +0,0 @@ -require python-django.inc -inherit setuptools3 - -SRC_URI[md5sum] = "ebf3bbb7716a7b11029e860475b9a122" -SRC_URI[sha256sum] = "3339ff0e03dee13045aef6ae7b523edff75b6d726adf7a7a48f53d5a501f7db7" - -RDEPENDS_${PN} += "\ - ${PYTHON_PN}-sqlparse \ -" diff --git a/meta-python/recipes-devtools/python/python3-django_2.2.27.bb b/meta-python/recipes-devtools/python/python3-django_2.2.27.bb new file mode 100644 index 0000000000..7a50a69288 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-django_2.2.27.bb @@ -0,0 +1,9 @@ +require python-django.inc +inherit setuptools3 + +SRC_URI[md5sum] = "4af3aeed9e515ccde107ae6a9804c31f" +SRC_URI[sha256sum] = "1ee37046b0bf2b61e83b3a01d067323516ec3b6f2b17cd49b1326dd4ba9dc913" + +RDEPENDS_${PN} += "\ + ${PYTHON_PN}-sqlparse \ +" -- cgit v1.2.3-54-g00ecf