CVS commit: pkgsrc/www/py-django3

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/www/py-django3
From: "Adam Ciarcinski" <adam%netbsd.org@localhost>
Date: Mon, 4 Mar 2024 15:47:29 +0000

Module Name:    pkgsrc
Committed By:   adam
Date:           Mon Mar  4 15:47:29 UTC 2024

Modified Files:
        pkgsrc/www/py-django3: Makefile distinfo

Log Message:
py-django3: updated to 3.2.25

Django 3.2.25 fixes a security issue with severity “moderate” and a regression in 3.2.24.

CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words()

django.utils.text.Truncator.words() method (with html=True) and truncatewords_html template filter were subject to a potential regular expression denial-of-service attack using a suitably crafted 
string (follow up to CVE-2019-14232 and CVE-2023-43665).

Bugfixes

Fixed a regression in Django 3.2.24 where intcomma template filter could return a leading comma for string representation of floats.


To generate a diff of this commit:
cvs rdiff -u -r1.37 -r1.38 pkgsrc/www/py-django3/Makefile
cvs rdiff -u -r1.36 -r1.37 pkgsrc/www/py-django3/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/py-django3/Makefile
diff -u pkgsrc/www/py-django3/Makefile:1.37 pkgsrc/www/py-django3/Makefile:1.38
--- pkgsrc/www/py-django3/Makefile:1.37 Thu Feb  8 22:46:48 2024
+++ pkgsrc/www/py-django3/Makefile      Mon Mar  4 15:47:29 2024
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.37 2024/02/08 22:46:48 adam Exp $
+# $NetBSD: Makefile,v 1.38 2024/03/04 15:47:29 adam Exp $
 
-DISTNAME=      Django-3.2.24
+DISTNAME=      Django-3.2.25
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME:tl}
 CATEGORIES=    www python
 MASTER_SITES=  https://www.djangoproject.com/m/releases/${PKGVERSION_NOREV:R}/

Index: pkgsrc/www/py-django3/distinfo
diff -u pkgsrc/www/py-django3/distinfo:1.36 pkgsrc/www/py-django3/distinfo:1.37
--- pkgsrc/www/py-django3/distinfo:1.36 Thu Feb  8 22:46:48 2024
+++ pkgsrc/www/py-django3/distinfo      Mon Mar  4 15:47:29 2024
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.36 2024/02/08 22:46:48 adam Exp $
+$NetBSD: distinfo,v 1.37 2024/03/04 15:47:29 adam Exp $
 
-BLAKE2s (Django-3.2.24.tar.gz) = e8b9dcaf3ee03aa69ed676e8911073158834a35e48c2f239c22997abc1eddb8c
-SHA512 (Django-3.2.24.tar.gz) = 840b4c87e159d9714ac816fffb09faba76d3b130a76caffff68b7edd59e9488832ccd8c5ffaa8f0d066f0faa029f6ef2395f6a8e9351eaa1bcbd316d50965fc8
-Size (Django-3.2.24.tar.gz) = 9833004 bytes
+BLAKE2s (Django-3.2.25.tar.gz) = afb7912dbcb330b2d50ad85ffb26111f18b8c5cfc141c562c1ac8f59d466c65e
+SHA512 (Django-3.2.25.tar.gz) = ccba83abd1777123186d685e21b96f41abf216a692d18ffe764d2e519eb9d1f6011d08c86b3affdd891591ca4ed7fee27ffa4750d19b486ca775ee680fdb0cb1
+Size (Django-3.2.25.tar.gz) = 9836336 bytes

Prev by Date: CVS commit: pkgsrc/lang
Next by Date: CVS commit: pkgsrc/www/py-django4
Previous by Thread: CVS commit: pkgsrc/lang
Next by Thread: CVS commit: pkgsrc/www/py-django4
Indexes:

Home | Main Index | Thread Index | Old Index