Sat Aug 23 12:16:45 2014 UTC ()
Changes 1.4.14:
Security fixes:
* Issue: reverse() can generate URLs pointing to other hosts (CVE-2014-0480)
* Issue: file upload denial of service (CVE-2014-0481)
* Issue: RemoteUserMiddleware session hijacking (CVE-2014-0482)
* Issue: data leakage via querystring manipulation in admin (CVE-2014-0483)


(adam)
diff -r1.7 -r1.8 pkgsrc/www/py-django14/Makefile
diff -r1.1 -r1.2 pkgsrc/www/py-django14/PLIST
diff -r1.3 -r1.4 pkgsrc/www/py-django14/distinfo
cvs diff -r1.7 -r1.8 pkgsrc/www/py-django14/Attic/Makefile (expand / switch to unified diff)

--- pkgsrc/www/py-django14/Attic/Makefile 2014/06/10 12:01:56 1.7
+++ pkgsrc/www/py-django14/Attic/Makefile 2014/08/23 12:16:45 1.8
@@ -1,16 +1,16 @@ @@ -1,16 +1,16 @@
1# $NetBSD: Makefile,v 1.7 2014/06/10 12:01:56 joerg Exp $ 1# $NetBSD: Makefile,v 1.8 2014/08/23 12:16:45 adam Exp $
2 2
3DISTNAME= Django-1.4.13 3DISTNAME= Django-1.4.14
4PKGNAME= ${PYPKGPREFIX}-${DISTNAME:tl} 4PKGNAME= ${PYPKGPREFIX}-${DISTNAME:tl}
5CATEGORIES= www python 5CATEGORIES= www python
6MASTER_SITES= http://www.djangoproject.com/m/releases/${PKGVERSION_NOREV:R}/ 6MASTER_SITES= http://www.djangoproject.com/m/releases/${PKGVERSION_NOREV:R}/
7 7
8MAINTAINER= joerg@NetBSD.org 8MAINTAINER= joerg@NetBSD.org
9HOMEPAGE= http://www.djangoproject.com/ 9HOMEPAGE= http://www.djangoproject.com/
10COMMENT= Django, a high-level Python Web framework (LTS version) 10COMMENT= Django, a high-level Python Web framework (LTS version)
11LICENSE= modified-bsd 11LICENSE= modified-bsd
12 12
13PLIST_SUBST+= PYVERSSUFFIX=${PYVERSSUFFIX:Q} 13PLIST_SUBST+= PYVERSSUFFIX=${PYVERSSUFFIX:Q}
14 14
15USE_LANGUAGES= # empty 15USE_LANGUAGES= # empty
16REPLACE_PYTHON= ${WRKSRC}/django/bin/*.py 16REPLACE_PYTHON= ${WRKSRC}/django/bin/*.py
cvs diff -r1.1 -r1.2 pkgsrc/www/py-django14/Attic/PLIST (expand / switch to unified diff)

--- pkgsrc/www/py-django14/Attic/PLIST 2013/11/14 21:27:01 1.1
+++ pkgsrc/www/py-django14/Attic/PLIST 2014/08/23 12:16:45 1.2
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1@comment $NetBSD: PLIST,v 1.1 2013/11/14 21:27:01 joerg Exp $ 1@comment $NetBSD: PLIST,v 1.2 2014/08/23 12:16:45 adam Exp $
2bin/django-admin.py 2bin/django-admin.py
3${PYSITELIB}/${EGG_FILE} 3${PYSITELIB}/${EGG_FILE}
4${PYSITELIB}/django/__init__.py 4${PYSITELIB}/django/__init__.py
5${PYSITELIB}/django/__init__.pyc 5${PYSITELIB}/django/__init__.pyc
6${PYSITELIB}/django/__init__.pyo 6${PYSITELIB}/django/__init__.pyo
7${PYSITELIB}/django/bin/__init__.py 7${PYSITELIB}/django/bin/__init__.py
8${PYSITELIB}/django/bin/__init__.pyc 8${PYSITELIB}/django/bin/__init__.pyc
9${PYSITELIB}/django/bin/__init__.pyo 9${PYSITELIB}/django/bin/__init__.pyo
10${PYSITELIB}/django/bin/daily_cleanup.py 10${PYSITELIB}/django/bin/daily_cleanup.py
11${PYSITELIB}/django/bin/daily_cleanup.pyc 11${PYSITELIB}/django/bin/daily_cleanup.pyc
12${PYSITELIB}/django/bin/daily_cleanup.pyo 12${PYSITELIB}/django/bin/daily_cleanup.pyo
13${PYSITELIB}/django/bin/django-admin.py 13${PYSITELIB}/django/bin/django-admin.py
14${PYSITELIB}/django/bin/django-admin.pyc 14${PYSITELIB}/django/bin/django-admin.pyc
@@ -588,26 +588,29 @@ ${PYSITELIB}/django/conf/urls/shortcut.p @@ -588,26 +588,29 @@ ${PYSITELIB}/django/conf/urls/shortcut.p
588${PYSITELIB}/django/conf/urls/shortcut.pyo 588${PYSITELIB}/django/conf/urls/shortcut.pyo
589${PYSITELIB}/django/conf/urls/static.py 589${PYSITELIB}/django/conf/urls/static.py
590${PYSITELIB}/django/conf/urls/static.pyc 590${PYSITELIB}/django/conf/urls/static.pyc
591${PYSITELIB}/django/conf/urls/static.pyo 591${PYSITELIB}/django/conf/urls/static.pyo
592${PYSITELIB}/django/contrib/__init__.py 592${PYSITELIB}/django/contrib/__init__.py
593${PYSITELIB}/django/contrib/__init__.pyc 593${PYSITELIB}/django/contrib/__init__.pyc
594${PYSITELIB}/django/contrib/__init__.pyo 594${PYSITELIB}/django/contrib/__init__.pyo
595${PYSITELIB}/django/contrib/admin/__init__.py 595${PYSITELIB}/django/contrib/admin/__init__.py
596${PYSITELIB}/django/contrib/admin/__init__.pyc 596${PYSITELIB}/django/contrib/admin/__init__.pyc
597${PYSITELIB}/django/contrib/admin/__init__.pyo 597${PYSITELIB}/django/contrib/admin/__init__.pyo
598${PYSITELIB}/django/contrib/admin/actions.py 598${PYSITELIB}/django/contrib/admin/actions.py
599${PYSITELIB}/django/contrib/admin/actions.pyc 599${PYSITELIB}/django/contrib/admin/actions.pyc
600${PYSITELIB}/django/contrib/admin/actions.pyo 600${PYSITELIB}/django/contrib/admin/actions.pyo
 601${PYSITELIB}/django/contrib/admin/exceptions.py
 602${PYSITELIB}/django/contrib/admin/exceptions.pyc
 603${PYSITELIB}/django/contrib/admin/exceptions.pyo
601${PYSITELIB}/django/contrib/admin/filters.py 604${PYSITELIB}/django/contrib/admin/filters.py
602${PYSITELIB}/django/contrib/admin/filters.pyc 605${PYSITELIB}/django/contrib/admin/filters.pyc
603${PYSITELIB}/django/contrib/admin/filters.pyo 606${PYSITELIB}/django/contrib/admin/filters.pyo
604${PYSITELIB}/django/contrib/admin/forms.py 607${PYSITELIB}/django/contrib/admin/forms.py
605${PYSITELIB}/django/contrib/admin/forms.pyc 608${PYSITELIB}/django/contrib/admin/forms.pyc
606${PYSITELIB}/django/contrib/admin/forms.pyo 609${PYSITELIB}/django/contrib/admin/forms.pyo
607${PYSITELIB}/django/contrib/admin/helpers.py 610${PYSITELIB}/django/contrib/admin/helpers.py
608${PYSITELIB}/django/contrib/admin/helpers.pyc 611${PYSITELIB}/django/contrib/admin/helpers.pyc
609${PYSITELIB}/django/contrib/admin/helpers.pyo 612${PYSITELIB}/django/contrib/admin/helpers.pyo
610${PYSITELIB}/django/contrib/admin/locale/ar/LC_MESSAGES/django.mo 613${PYSITELIB}/django/contrib/admin/locale/ar/LC_MESSAGES/django.mo
611${PYSITELIB}/django/contrib/admin/locale/ar/LC_MESSAGES/django.po 614${PYSITELIB}/django/contrib/admin/locale/ar/LC_MESSAGES/django.po
612${PYSITELIB}/django/contrib/admin/locale/ar/LC_MESSAGES/djangojs.mo 615${PYSITELIB}/django/contrib/admin/locale/ar/LC_MESSAGES/djangojs.mo
613${PYSITELIB}/django/contrib/admin/locale/ar/LC_MESSAGES/djangojs.po 616${PYSITELIB}/django/contrib/admin/locale/ar/LC_MESSAGES/djangojs.po
cvs diff -r1.3 -r1.4 pkgsrc/www/py-django14/Attic/distinfo (expand / switch to unified diff)

--- pkgsrc/www/py-django14/Attic/distinfo 2014/06/10 11:58:10 1.3
+++ pkgsrc/www/py-django14/Attic/distinfo 2014/08/23 12:16:45 1.4
@@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
1$NetBSD: distinfo,v 1.3 2014/06/10 11:58:10 joerg Exp $ 1$NetBSD: distinfo,v 1.4 2014/08/23 12:16:45 adam Exp $
2 2
3SHA1 (Django-1.4.13.tar.gz) = f9df618fc07628a0caffc46ecfb0ead65220665d 3SHA1 (Django-1.4.14.tar.gz) = ce1db876daceea9f9252b3a886e70ebda8978d6c
4RMD160 (Django-1.4.13.tar.gz) = 3fa6bca9e8d16414143f398cec974930544034fb 4RMD160 (Django-1.4.14.tar.gz) = 7ba597bc413ce855d881b6aecb5f2e7d9068104d
5Size (Django-1.4.13.tar.gz) = 7753532 bytes 5Size (Django-1.4.14.tar.gz) = 7754876 bytes