diff options
| author |   Tim Orling <ticotimo@gmail.com> | 2019-12-02 21:25:16 -0800 |
|---|---|---|
| committer | Tim Orling <ticotimo@gmail.com> | 2019-12-10 21:16:19 -0800 |
| commit | baebf7a014b04d616eba345bffefbb3298daba4a (patch) | |
| tree | f67be2b12ad3401cb69254de13ce972de2a61c30 /recipes-devtools/python/python-django_1.11.26.bb | |
| parent | 3b8cd5eacf82b28757b0237ce804172dd4940662 (diff) | |
| download | meta-python2-baebf7a014b04d616eba345bffefbb3298daba4a.tar.gz | |
python-django: upgrade 1.11.14 => 1.11.26
See upstream release notes for details of bugfixes.
Bugfixes: https://docs.djangoproject.com/en/3.0/releases/1.11.26/
Bugfixes: https://docs.djangoproject.com/en/3.0/releases/1.11.25/
Bugfixes: https://docs.djangoproject.com/en/3.0/releases/1.11.24/
Bugfixes: https://docs.djangoproject.com/en/3.0/releases/1.11.23/
CVE-2019-14232: Denial-of-service possibility in django.utils.text.Truncator
CVE-2019-14233: Denial-of-service possibility in strip_tags()
CVE-2019-14234: SQL injection possibility in key and index lookups for JSONField/HStoreField
CVE-2019-14235: Potential memory exhaustion in django.utils.encoding.uri_to_iri()
Bufixes: https://docs.djangoproject.com/en/3.0/releases/1.11.22/
CVE-2019-12781: Incorrect HTTP detection with reverse-proxy connecting via HTTPS
Bugfixes: https://docs.djangoproject.com/en/3.0/releases/1.11.21/
CVE-2019-12308: AdminURLFieldWidget XSS
Bugfixes: https://docs.djangoproject.com/en/3.0/releases/1.11.20/
Bugfixes: https://docs.djangoproject.com/en/3.0/releases/1.11.19/
CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format()
Bugfixes: https://docs.djangoproject.com/en/3.0/releases/1.11.18/
CVE-2019-3498: Content spoofing possibility in the default 404 page
Bugfixes: https://docs.djangoproject.com/en/3.0/releases/1.11.17/
Bugfixes: https://docs.djangoproject.com/en/3.0/releases/1.11.16/
Bugfixes: https://docs.djangoproject.com/en/3.0/releases/1.11.15/
CVE-2018-14574: Open redirect possibility in CommonMiddleware
Signed-off-by: Tim Orling <ticotimo@gmail.com>
Diffstat (limited to 'recipes-devtools/python/python-django_1.11.26.bb')
| -rw-r--r-- | recipes-devtools/python/python-django_1.11.26.bb | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/recipes-devtools/python/python-django_1.11.26.bb b/recipes-devtools/python/python-django_1.11.26.bb new file mode 100644 index 0000000..94a9884 --- /dev/null +++ b/recipes-devtools/python/python-django_1.11.26.bb @@ -0,0 +1,42 @@ +SUMMARY = "A high-level Python Web framework" +DESCRIPTION = "A high-level Python Web framework that encourages rapid \ +development and clean, pragmatic design." +HOMEPAGE = "http://www.djangoproject.com/" +SECTION = "devel/python" + +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=f09eb47206614a4954c51db8a94840fa" + +SRC_URI[md5sum] = "858e5417a10ce565a15d6e4a2ea0ee37" +SRC_URI[sha256sum] = "861db7f82436ab43e1411832ed8dca81fc5fc0f7c2039c7e07a080a63092fb44" + +PYPI_PACKAGE = "Django" + +UPSTREAM_CHECK_REGEX = "(?P<pver>1(\.\d+)+)" + +FILES_${PN} += "${datadir}/django" + +inherit pypi setuptools + +RDEPENDS_${PN} += "\ + ${PYTHON_PN}-argparse \ + ${PYTHON_PN}-compression \ + ${PYTHON_PN}-ctypes \ + ${PYTHON_PN}-datetime \ + ${PYTHON_PN}-email \ + ${PYTHON_PN}-html \ + ${PYTHON_PN}-json \ + ${PYTHON_PN}-logging \ + ${PYTHON_PN}-multiprocessing \ + ${PYTHON_PN}-netserver \ + ${PYTHON_PN}-numbers \ + ${PYTHON_PN}-pkgutil \ + ${PYTHON_PN}-pytz \ + ${PYTHON_PN}-subprocess \ + ${PYTHON_PN}-threading \ + ${PYTHON_PN}-unixadmin \ + ${PYTHON_PN}-xml \ + ${PYTHON_PN}-zlib \ +" + +BBCLASSEXTEND = "native nativesdk" |