[ubuntu/vivid-proposed] python-django 1.7.4-1ubuntu1 (Accepted)

Matthias Klose doko at ubuntu.com
Tue Mar 3 20:06:23 UTC 2015 

python-django (1.7.4-1ubuntu1) vivid; urgency=medium

  * Merge with Debian; remaining changes:
    - debian/patches/99_fix_multipart_base64_decoding_large_files.patch:
      Fix Multipart base64 file decoding with large files ensuring that the
      actual base64 content has a length a multiple of 4.

python-django (1.7.4-1) unstable; urgency=medium

  * Release to unstable and hopefully to Jessie too.

python-django (1.7.4-1~exp1) experimental; urgency=medium

  * New upstream bugfix release.
  * Drop fix-24193-python34-test-failure.diff, merged upstream.

python-django (1.7.3-1~exp1) experimental; urgency=high

  [ Luke Faraone ]
  * New upstream security release.
    - WSGI header spoofing via underscore/dash conflation (CVE-2015-0219)
    - Possible XSS attack via user-supplied redirect URLs (CVE-2015-0220)
    - DoS attack against django.views.static.serve (CVE-2015-0221)
    - Database DoS with ModelMultipleChoiceField (CVE-2015-0222)
    Closes: #775375

  [ Raphaël Hertzog ]
  * Add patch fix-24193-python34-test-failure.diff to fix a test failure with
    Python3.4.

python-django (1.7.2-1) experimental; urgency=medium

  [ Raphaël Hertzog ]
  * Add geoip-database-extra as an alternative to geoip-database-contrib.

  [ Brian May ]
  * New upstream version.

python-django (1.7.1-1) unstable; urgency=medium

  [ Raphaël Hertzog ]
  * New upstream bugfix release.
  * Drop 01_fix_test_loaddata_not_existant_fixture_file.patch, merged
    upstream.
  * Update Standards-Version to 3.9.6.
  * Add lintian overrides for package-contains-timestamped-gzip (false
    positive).

  [ Brian May ]
  * Fix django-admin wrapper to not even consider using python 2.6 as
    that version is unsupported with Django 1.7.

python-django (1.7-3) unstable; urgency=medium

  * Add 01_fix_test_loaddata_not_existant_fixture_file.patch
    to fix FTBFS with Python 3.4.2. Closes: #765117
  * Improve migrate-south script to look for Python files in the current dir.
    ./manage.py implicitely has the current directory but when we use
    django-admin it's not the case. Thanks to Uwe Kleine-Koenig for the
    report.

python-django (1.7-2) unstable; urgency=medium

  * Release to unstable.
  * Add a migrate-south sample script to help users apply their South
    migrations. Thanks to Brian May.

python-django (1.7-1) experimental; urgency=medium

  * New major upstream release.
  * Add a NEWS file to document the incompatibility with South.

python-django (1.7~c3-1) experimental; urgency=medium

  * New upstream release candidate with security fixes:
    https://www.djangoproject.com/weblog/2014/aug/20/security/

python-django (1.7~c2-2) experimental; urgency=medium

  * Merge changes from 1.6.5-4:
    * Don't output stuff to stdout in django-admin. Closes: #757145
    * Update Vcs-* fields since the packaging repository moved to git.

python-django (1.7~c2-1) experimental; urgency=medium

  * New upstream release candidate.

python-django (1.7~c1+20140722-2) experimental; urgency=medium

  * Move django-admin manual page in python-django-common. Bump version
    constraint in Breaks/Replaces accordingly.
  * Drop conflicting django-admin in python-django and python3-django that
    were not removed as usual because upstream stopped installing them as
    django-admin.py.
  * Drop extra license files.
  * Fix shebang lines in python3-django.
  * Drop empty left-over /usr/bin directories in python-django/python3-django.

python-django (1.7~c1+20140722-1) experimental; urgency=medium

  * New upstream release candidate. We want this version in jessie so we
    should prepare now.
  * Snapshot tarball generated with "python setup.py sdist" after having
    applied fix submitted in https://code.djangoproject.com/ticket/23072
  * Added python-sqlparse, python-tz to Recommends
  * Added other optional dependencies (python-memcache, python-pil,
    python-bcrypt) to Suggests
  * Add all those dependencies in Build-Depends for the benefit of the
    test suite.
  * Run the test suite for python2 and python3.
  * Differentiate descriptions of python2 and python3 packages.

Date: Tue, 03 Mar 2015 20:34:47 +0100
Changed-By: Matthias Klose <doko at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/python-django/1.7.4-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 03 Mar 2015 20:34:47 +0100
Source: python-django
Binary: python-django python3-django python-django-common python-django-doc
Architecture: source
Version: 1.7.4-1ubuntu1
Distribution: vivid
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Matthias Klose <doko at ubuntu.com>
Description:
 python-django - High-level Python web development framework (Python 2 version)
 python-django-common - High-level Python web development framework (common)
 python-django-doc - High-level Python web development framework (documentation)
 python3-django - High-level Python web development framework (Python 3 version)
Closes: 757145 765117 775375
Changes:
 python-django (1.7.4-1ubuntu1) vivid; urgency=medium
 .
   * Merge with Debian; remaining changes:
     - debian/patches/99_fix_multipart_base64_decoding_large_files.patch:
       Fix Multipart base64 file decoding with large files ensuring that the
       actual base64 content has a length a multiple of 4.
 .
 python-django (1.7.4-1) unstable; urgency=medium
 .
   * Release to unstable and hopefully to Jessie too.
 .
 python-django (1.7.4-1~exp1) experimental; urgency=medium
 .
   * New upstream bugfix release.
   * Drop fix-24193-python34-test-failure.diff, merged upstream.
 .
 python-django (1.7.3-1~exp1) experimental; urgency=high
 .
   [ Luke Faraone ]
   * New upstream security release.
     - WSGI header spoofing via underscore/dash conflation (CVE-2015-0219)
     - Possible XSS attack via user-supplied redirect URLs (CVE-2015-0220)
     - DoS attack against django.views.static.serve (CVE-2015-0221)
     - Database DoS with ModelMultipleChoiceField (CVE-2015-0222)
     Closes: #775375
 .
   [ Raphaël Hertzog ]
   * Add patch fix-24193-python34-test-failure.diff to fix a test failure with
     Python3.4.
 .
 python-django (1.7.2-1) experimental; urgency=medium
 .
   [ Raphaël Hertzog ]
   * Add geoip-database-extra as an alternative to geoip-database-contrib.
 .
   [ Brian May ]
   * New upstream version.
 .
 python-django (1.7.1-1) unstable; urgency=medium
 .
   [ Raphaël Hertzog ]
   * New upstream bugfix release.
   * Drop 01_fix_test_loaddata_not_existant_fixture_file.patch, merged
     upstream.
   * Update Standards-Version to 3.9.6.
   * Add lintian overrides for package-contains-timestamped-gzip (false
     positive).
 .
   [ Brian May ]
   * Fix django-admin wrapper to not even consider using python 2.6 as
     that version is unsupported with Django 1.7.
 .
 python-django (1.7-3) unstable; urgency=medium
 .
   * Add 01_fix_test_loaddata_not_existant_fixture_file.patch
     to fix FTBFS with Python 3.4.2. Closes: #765117
   * Improve migrate-south script to look for Python files in the current dir.
     ./manage.py implicitely has the current directory but when we use
     django-admin it's not the case. Thanks to Uwe Kleine-Koenig for the
     report.
 .
 python-django (1.7-2) unstable; urgency=medium
 .
   * Release to unstable.
   * Add a migrate-south sample script to help users apply their South
     migrations. Thanks to Brian May.
 .
 python-django (1.7-1) experimental; urgency=medium
 .
   * New major upstream release.
   * Add a NEWS file to document the incompatibility with South.
 .
 python-django (1.7~c3-1) experimental; urgency=medium
 .
   * New upstream release candidate with security fixes:
     https://www.djangoproject.com/weblog/2014/aug/20/security/
 .
 python-django (1.7~c2-2) experimental; urgency=medium
 .
   * Merge changes from 1.6.5-4:
     * Don't output stuff to stdout in django-admin. Closes: #757145
     * Update Vcs-* fields since the packaging repository moved to git.
 .
 python-django (1.7~c2-1) experimental; urgency=medium
 .
   * New upstream release candidate.
 .
 python-django (1.7~c1+20140722-2) experimental; urgency=medium
 .
   * Move django-admin manual page in python-django-common. Bump version
     constraint in Breaks/Replaces accordingly.
   * Drop conflicting django-admin in python-django and python3-django that
     were not removed as usual because upstream stopped installing them as
     django-admin.py.
   * Drop extra license files.
   * Fix shebang lines in python3-django.
   * Drop empty left-over /usr/bin directories in python-django/python3-django.
 .
 python-django (1.7~c1+20140722-1) experimental; urgency=medium
 .
   * New upstream release candidate. We want this version in jessie so we
     should prepare now.
   * Snapshot tarball generated with "python setup.py sdist" after having
     applied fix submitted in https://code.djangoproject.com/ticket/23072
   * Added python-sqlparse, python-tz to Recommends
   * Added other optional dependencies (python-memcache, python-pil,
     python-bcrypt) to Suggests
   * Add all those dependencies in Build-Depends for the benefit of the
     test suite.
   * Run the test suite for python2 and python3.
   * Differentiate descriptions of python2 and python3 packages.
Checksums-Sha1:
 947cd662f8b4fda16b34ddac90b028396f45b502 2760 python-django_1.7.4-1ubuntu1.dsc
 4b06c77f10d4a34bacfb54023b6bdfd6961505a4 7592584 python-django_1.7.4.orig.tar.gz
 2d688cebbfab90f4ce436790463fb650f49873a7 23072 python-django_1.7.4-1ubuntu1.debian.tar.xz
Checksums-Sha256:
 2ba35634e02ad0fb424243831dfcbc463b5ec3c48802a23741ab6f0cc04cfdc5 2760 python-django_1.7.4-1ubuntu1.dsc
 f33255afbb9ee0977d9095ab0b50fde1f8ddff4220b57e8d19c6620b3e316170 7592584 python-django_1.7.4.orig.tar.gz
 e971d0bd24a3f714b2d584a87c2fcb14f50426502752dfa3792db669521e0c5f 23072 python-django_1.7.4-1ubuntu1.debian.tar.xz
Files:
 d17e44b985d09b1582729250ca93689d 2760 python optional python-django_1.7.4-1ubuntu1.dsc
 f8db10520f0268747d402a47a1a4b191 7592584 python optional python-django_1.7.4.orig.tar.gz
 21f7edf20563e203dce0f12297a97a18 23072 python optional python-django_1.7.4-1ubuntu1.debian.tar.xz
Original-Maintainer: Debian Python Modules Team <python-modules-team at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJU9g9bAAoJEL1+qmB3j6b1ob0P/A0mzRwvhlsn7gnPfM3Xz2EP
ST/eexSAvq/mPHI2ABrZmLYNimxLjrPKs+nfao9c9qub+TnUNNyoUF0HKx4IrP2/
YXSAqHxxDH+OizOiVbjWslcanETPk0NpCDLnYT4zZpCrvEpJtIaAkHU62Sn0NAB2
/0OsJ6b09Dyr5pPW8nx1IyTKtLAhKIPcyKHo5lAeFz5aI73nH6bJQsMyqwWBpPnB
N8VWtMSIxZBBKpZ/+2fHdYT8IwzBFvXslpNXNUVUWmLo/34NY7UWlziPWNZcaCUi
4Aum64tUBKPWsmj7RJRwZYVbGUoPBQBsHxPkA2FusKqy0PycVz5nmYe0C6q9z9R1
rcK5ldAk3RiMx0u0nKMa5NvN8haxASivYWyx50NkGmGS+VNOcW3hLU5yIoNBRPME
IKwuqFCDSccdt1ECES6qNW+f/8vcwDVwMsoSy2SuuQHfLoULgDVmBB/puHPjUGua
YPTr/7rdogPKWLxcYXCBKTF+AsQtjhjWB0rFm897Wo+J93gZ3T0xD5eLHFJ5nWNT
bePJAhd+xqZ8clOFSjMLRQW4DnQde7tmA0hLHi3Q2e3CtRkCc/ZR3FwR7AllhOSM
AkZLGkwzLUa5xrscgJXNTMe4hOvZAMhI9kEqS+5IJuvfnQ9S4VlzJC5oSuO0kYmP
3thk6S94/RfBfMCsFtBZ
=XKXB
-----END PGP SIGNATURE-----

More information about the Vivid-changes mailing list