[Python-modules-commits] [python-django] 06/06: Change version to 1.8.11-1~bpo8+1

Raphaël Hertzog hertzog at moszumanska.debian.org
Tue Mar 8 17:27:49 UTC 2016


This is an automated email from the git hooks/post-receive script.

hertzog pushed a commit to branch debian/jessie-backports
in repository python-django.

commit a3fdc770c28d89138f8316d8bacb8201fda78f8d
Merge: 556aaec 95072b1
Author: Raphaël Hertzog <hertzog at debian.org>
Date:   Tue Mar 8 17:51:46 2016 +0100

    Change version to 1.8.11-1~bpo8+1
    
    New upstream version

 Django.egg-info/PKG-INFO                           |   2 +-
 Django.egg-info/SOURCES.txt                        |   3 +
 PKG-INFO                                           |   2 +-
 debian/.git-dpm                                    |   6 +-
 debian/changelog                                   |   7 ++
 .../patches/02_disable-sources-in-sphinxdoc.diff   |   6 +-
 .../06_use_debian_geoip_database_as_default.diff   |   2 +-
 .../fix-25761-add-traceback-attribute.patch        |   2 +-
 django/__init__.py                                 |   2 +-
 django/contrib/admin/actions.py                    |   2 +-
 django/contrib/auth/context_processors.py          |   2 +-
 django/contrib/auth/hashers.py                     |  77 ++++++++++----
 django/contrib/contenttypes/models.py              |  20 ++--
 django/contrib/gis/db/backends/postgis/models.py   |   2 +-
 django/contrib/gis/db/models/query.py              |   2 +-
 django/contrib/gis/gdal/geomtype.py                |   2 +-
 django/contrib/gis/sitemaps/kml.py                 |   2 +-
 django/contrib/postgres/fields/array.py            |   7 +-
 django/contrib/postgres/fields/ranges.py           |   8 +-
 django/core/validators.py                          |   9 +-
 django/db/backends/postgresql_psycopg2/base.py     |   2 +-
 django/db/models/expressions.py                    |   2 +-
 django/db/models/fields/related.py                 |  19 ++--
 django/db/models/query_utils.py                    |   2 +-
 django/forms/forms.py                              |   2 +-
 django/template/defaultfilters.py                  |   2 +-
 django/template/defaulttags.py                     |   2 +-
 django/test/signals.py                             |   2 +-
 django/utils/http.py                               |  13 ++-
 django/utils/translation/__init__.py               |   7 ++
 docs/_theme/djangodocs/static/djangodocs.css       |   2 +-
 docs/conf.py                                       |  11 +-
 docs/howto/custom-model-fields.txt                 |   3 +-
 docs/howto/outputting-pdf.txt                      |   2 +-
 docs/internals/deprecation.txt                     |   3 +
 docs/intro/reusable-apps.txt                       |   4 +-
 docs/ref/contrib/gis/feeds.txt                     |   4 +-
 docs/ref/contrib/gis/testing.txt                   |   4 +-
 docs/ref/contrib/gis/tutorial.txt                  |   8 +-
 docs/ref/contrib/syndication.txt                   |   2 +-
 docs/ref/models/expressions.txt                    |   6 +-
 docs/ref/settings.txt                              |  27 ++---
 docs/ref/validators.txt                            |   6 +-
 docs/releases/1.6.txt                              |   4 +-
 docs/releases/1.8.10.txt                           |  80 +++++++++++++++
 docs/releases/1.8.11.txt                           |   8 ++
 docs/releases/1.8.txt                              |   7 +-
 docs/releases/index.txt                            |   2 +
 docs/releases/security.txt                         |  38 +++++++
 docs/spelling_wordlist                             |   2 +
 docs/topics/auth/customizing.txt                   |  61 +----------
 docs/topics/auth/default.txt                       |   2 +-
 docs/topics/auth/passwords.txt                     | 113 +++++++++++++++++++++
 docs/topics/db/multi-db.txt                        |   4 +-
 docs/topics/email.txt                              |   2 +
 docs/topics/testing/tools.txt                      |   1 -
 setup.cfg                                          |   2 +-
 tests/admin_changelist/tests.py                    |   2 +-
 tests/aggregation_regress/tests.py                 |   4 +-
 tests/auth_tests/test_forms.py                     |   2 +-
 tests/auth_tests/test_hashers.py                   |  58 ++++++++++-
 tests/auth_tests/test_views.py                     |  10 +-
 tests/backends/tests.py                            |   5 +
 tests/check_framework/test_security.py             |   6 +-
 tests/contenttypes_tests/test_models.py            |  14 ++-
 tests/expressions_case/tests.py                    |   2 +-
 tests/forms_tests/tests/test_fields.py             |   3 +
 tests/forms_tests/tests/test_forms.py              |  16 ++-
 tests/forms_tests/tests/tests.py                   |   2 +-
 tests/httpwrappers/tests.py                        |   2 +-
 tests/i18n/commands/__init__.py                    |   2 +-
 tests/i18n/tests.py                                |   8 ++
 tests/invalid_models_tests/test_models.py          |   2 +-
 tests/invalid_models_tests/test_relative_fields.py |  36 +++++--
 tests/m2m_through/tests.py                         |   8 +-
 tests/middleware/tests.py                          |   4 +-
 tests/migrations/test_writer.py                    |   8 +-
 tests/model_fields/models.py                       |   8 +-
 tests/model_options/test_default_related_name.py   |   2 +-
 tests/modeladmin/tests.py                          |   2 +-
 tests/null_fk_ordering/models.py                   |   4 +-
 tests/postgres_tests/test_array.py                 |   8 +-
 tests/postgres_tests/test_hstore.py                |   9 +-
 tests/postgres_tests/test_ranges.py                |  11 ++
 tests/proxy_models/tests.py                        |   2 +-
 tests/queries/models.py                            |   2 +-
 tests/queries/tests.py                             |   6 +-
 tests/queryset_pickle/tests.py                     |   2 +-
 tests/requests/tests.py                            |  14 +--
 tests/serializers_regress/tests.py                 |   2 +-
 tests/signals/tests.py                             |   2 +-
 tests/staticfiles_tests/test_liveserver.py         |   2 +-
 tests/template_tests/test_response.py              |   4 +-
 tests/template_tests/test_response_deprecations.py |  42 ++++++++
 tests/test_runner/test_discover_runner.py          |   6 +-
 tests/timezones/tests.py                           |   2 +-
 tests/unmanaged_models/models.py                   |   2 +-
 tests/utils_tests/files/strip_tags2.txt            |   2 +-
 tests/utils_tests/test_http.py                     |  28 ++++-
 tests/validators/invalid_urls.txt                  |   4 +-
 tests/validators/valid_urls.txt                    |   4 +
 101 files changed, 746 insertions(+), 244 deletions(-)

diff --cc debian/.git-dpm
index b21db02,0000000..50fe46f
mode 100644,000000..100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@@ -1,11 -1,0 +1,11 @@@
 +# see git-dpm(1) from git-dpm package
- 0b90dc60e48ae6176a297f6fd635b331d60951f7
- 0b90dc60e48ae6176a297f6fd635b331d60951f7
- 005755b3e573831af927ce66797168fa370332db
++95072b1f95039279050cd15f8bdbd607312df4a2
++95072b1f95039279050cd15f8bdbd607312df4a2
++8fea21d6d20c57d58d53c0df77531bb93883bfee
 +8fea21d6d20c57d58d53c0df77531bb93883bfee
 +python-django_1.8.11.orig.tar.gz
 +6d329aaacb8077d7f59eb796ec7edef6d5336888
 +7292193
 +debianTag="debian/%e%v"
 +patchedTag="debian/patches/%e%v"
 +upstreamTag="upstream/%e%u"
diff --cc debian/changelog
index c681e49,0000000..43c39cc
mode 100644,000000..100644
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,1167 -1,0 +1,1174 @@@
++python-django (1.8.11-1~bpo8+1) jessie-backports; urgency=medium
++
++  * New upstream release of Django 1.8.x (LTS version) fixing
++    security issues CVE-2016-2513 and CVE-2016-2512.
++
++ -- Raphaël Hertzog <hertzog at debian.org>  Tue, 08 Mar 2016 17:51:47 +0100
++
 +python-django (1.8.9-1~bpo8+1) jessie-backports; urgency=medium
 +
 +  * New upstream release of Django 1.8.x (LTS version).
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Tue, 02 Feb 2016 09:52:08 +0100
 +
 +python-django (1.8.8-1~bpo8+1) jessie-backports; urgency=medium
 +
 +  * New upstream release of Django 1.8.x (LTS version).
 +  * Add some DEP-8 tests testing "django-admin" and running the test suite
 +    against the installed package. In both cases, we do it with python2 and
 +    python3.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Tue, 05 Jan 2016 10:57:29 +0100
 +
 +python-django (1.8.7-2~bpo8+1) jessie-backports; urgency=medium
 +
 +  * Rebuild for jessie-backports. Django 1.8 is an LTS version that I'd like
 +    to maintain in jessie-backports (even though Django 1.9 is on its way to
 +    testing).
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Wed, 09 Dec 2015 22:18:48 +0100
 +
 +python-django (1.8.7-2) unstable; urgency=high
 +
 +  * Rely on C.UTF-8 to run the tests instead of building our locale ourselves.
 +  * Add debian/patches/fix-25761-add-traceback-attribute.patch:
 +    new patch to ensure exceptions registered in __cause__ attributes
 +    have a __traceback__ attribute. Closes: #802677
 +  * Extend lintian overrides to cover more false positives of
 +    source-is-missing.
 +  * Cleanup debian/copyright for dropped/renamed files.
 +  * Run tests for all supported Python versions.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Wed, 25 Nov 2015 16:16:10 +0100
 +
 +python-django (1.8.7-1) unstable; urgency=high
 +
 +  * New upstream security release:
 +    https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/
 +    It fixes:
 +    - CVE-2015-8213: settings leak possibility in date template filter
 +
 + -- Luke Faraone <lfaraone at debian.org>  Wed, 25 Nov 2015 04:24:27 +0000
 +
 +python-django (1.8.6-1) unstable; urgency=medium
 +
 +  * New upstream bugfix release.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Sun, 15 Nov 2015 18:29:11 +0100
 +
 +python-django (1.8.5-2) unstable; urgency=medium
 +
 +  * Upload to unstable.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Mon, 02 Nov 2015 15:56:10 +0100
 +
 +python-django (1.8.5-1) experimental; urgency=medium
 +
 +  * New upstream bugfix release:
 +    https://www.djangoproject.com/weblog/2015/oct/03/bugfix-release-issued/
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Tue, 13 Oct 2015 11:37:24 +0200
 +
 +python-django (1.8.4-1) experimental; urgency=medium
 +
 +  * New upstream security release:
 +    https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
 +    It fixes:
 +    - CVE-2015-5964: possible denial-of-service in logout() view
 +  * Update debian/copyright to copyright-format 1.0.
 +
 + -- Luke Faraone <lfaraone at debian.org>  Wed, 19 Aug 2015 03:55:47 +0000
 +
 +python-django (1.8.3-1) experimental; urgency=medium
 +
 +  * New upstream security release:
 +    https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
 +    It fixes:
 +    - CVE-2015-5143: possible denial-of-service by filling session store
 +    - CVE-2015-5144: possible header injection since validators accept
 +      newlines in input
 +    - CVE-2015-5145: possible denial-of-service in URL validation
 +  * Drop fix-assertRaisesMessage.patch and
 +    fix-test-extended-length-storage.patch which have been merged upstream.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Thu, 09 Jul 2015 01:53:02 +0200
 +
 +python-django (1.8.2-1) experimental; urgency=medium
 +
 +  * New upstream security release:
 +    https://www.djangoproject.com/weblog/2015/may/20/security-release/
 +  * Install bash completion file into /usr/share/bash-completion/completions/
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Thu, 21 May 2015 15:59:36 +0200
 +
 +python-django (1.8.1-1) experimental; urgency=medium
 +
 +  * New major upstream release:
 +    https://docs.djangoproject.com/en/1.8/releases/1.8/
 +    https://docs.djangoproject.com/en/1.8/releases/1.8.1/
 +  * Refresh all patches.
 +  * Drop 03_manpage.diff, merged upstream.
 +  * Clean up rules since we can use the pristine docs directory, now
 +    that they refer to django-admin and not django-admin.py
 +  * Add jinja2 and mock as build dependencies required by the test
 +    suite.
 +  * Add fix-assertRaisesMessage.patch to make the package build with
 +    python 2.7.10~rc1 which is affected by
 +    https://bugs.python.org/issue24134
 +  * Add fix-test-extended-length-storage.patch to make the package build
 +    even when AUFS is in use (and when the max length of a filename is
 +    shorter than usual).
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Wed, 20 May 2015 09:54:47 +0200
 +
 +python-django (1.7.10-1) unstable; urgency=medium
 +
 +  * Fix Python 3.5 HTMLParseError issue. Closes: #800137.
 +  * New upstream version. Fixes CVE-2015-5963, CVE-2015-5964. Closes: #796104.
 +  * Add numpy 1.9 support. Closes: #801554.
 +
 + -- Brian May <bam at debian.org>  Mon, 12 Oct 2015 12:59:43 +1100
 +
 +python-django (1.7.9-1) unstable; urgency=medium
 +
 +  * New upstream security release:
 +    https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
 +    It fixes:
 +    - CVE-2015-5143: possible denial-of-service by filling session store
 +    - CVE-2015-5144: possible header injection since validators accept
 +      newlines in input
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Thu, 09 Jul 2015 01:33:31 +0200
 +
 +python-django (1.7.7-1) unstable; urgency=high
 +
 +  * New upstream security and bugfix release:
 +    https://www.djangoproject.com/weblog/2015/mar/18/security-releases/
 +    It fixes:
 +    - CVE-2015-2317: possible XSS attack via user-supplied redirect URLs
 +      Closes: #780873
 +    - CVE-2015-2316: Denial-of-service possibility with strip_tags()
 +      Closes: #780874
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Mon, 23 Mar 2015 20:41:13 +0100
 +
 +python-django (1.7.6-1) unstable; urgency=high
 +
 +  * New upstream security release:
 +    https://www.djangoproject.com/weblog/2015/mar/09/security-releases/
 +  * Fixes CVE-2015-2241: XSS attack via properties in
 +    ModelAdmin.readonly_fields
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Mon, 09 Mar 2015 21:40:34 +0100
 +
 +python-django (1.7.5-1) unstable; urgency=medium
 +
 +  [ Chris Lamb ]
 +  * Remove myself from Uploaders.
 +
 +  [ Raphaël Hertzog ]
 +  * New upstream bugfix release:
 +    https://docs.djangoproject.com/en/1.7/releases/1.7.5/
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Fri, 06 Mar 2015 21:13:54 +0100
 +
 +python-django (1.7.4-1) unstable; urgency=medium
 +
 +  * Release to unstable and hopefully to Jessie too.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Mon, 09 Feb 2015 10:39:15 +0100
 +
 +python-django (1.7.4-1~exp1) experimental; urgency=medium
 +
 +  * New upstream bugfix release.
 +  * Drop fix-24193-python34-test-failure.diff, merged upstream.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Wed, 28 Jan 2015 09:38:24 +0100
 +
 +python-django (1.7.3-1~exp1) experimental; urgency=high
 +
 +  [ Luke Faraone ]
 +  * New upstream security release.
 +    - WSGI header spoofing via underscore/dash conflation (CVE-2015-0219)
 +    - Possible XSS attack via user-supplied redirect URLs (CVE-2015-0220)
 +    - DoS attack against django.views.static.serve (CVE-2015-0221)
 +    - Database DoS with ModelMultipleChoiceField (CVE-2015-0222)
 +    Closes: #775375
 +
 +  [ Raphaël Hertzog ]
 +  * Add patch fix-24193-python34-test-failure.diff to fix a test failure with
 +    Python3.4.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Wed, 21 Jan 2015 09:56:19 +0100
 +
 +python-django (1.7.2-1) experimental; urgency=medium
 +
 +  [ Raphaël Hertzog ]
 +  * Add geoip-database-extra as an alternative to geoip-database-contrib.
 +
 +  [ Brian May ]
 +  * New upstream version.
 +
 + -- Brian May <bam at debian.org>  Mon, 05 Jan 2015 13:57:16 +1100
 +
 +python-django (1.7.1-1) unstable; urgency=medium
 +
 +  [ Raphaël Hertzog ]
 +  * New upstream bugfix release.
 +  * Drop 01_fix_test_loaddata_not_existant_fixture_file.patch, merged
 +    upstream.
 +  * Update Standards-Version to 3.9.6.
 +  * Add lintian overrides for package-contains-timestamped-gzip (false
 +    positive).
 +
 +  [ Brian May ]
 +  * Fix django-admin wrapper to not even consider using python 2.6 as
 +    that version is unsupported with Django 1.7.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Mon, 27 Oct 2014 16:37:41 +0100
 +
 +python-django (1.7-3) unstable; urgency=medium
 +
 +  * Add 01_fix_test_loaddata_not_existant_fixture_file.patch
 +    to fix FTBFS with Python 3.4.2. Closes: #765117
 +  * Improve migrate-south script to look for Python files in the current dir.
 +    ./manage.py implicitely has the current directory but when we use
 +    django-admin it's not the case. Thanks to Uwe Kleine-Koenig for the
 +    report.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Wed, 15 Oct 2014 10:45:27 +0200
 +
 +python-django (1.7-2) unstable; urgency=medium
 +
 +  * Release to unstable.
 +  * Add a migrate-south sample script to help users apply their South
 +    migrations. Thanks to Brian May.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Wed, 17 Sep 2014 14:15:11 +0200
 +
 +python-django (1.7-1) experimental; urgency=medium
 +
 +  * New major upstream release.
 +  * Add a NEWS file to document the incompatibility with South.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Mon, 08 Sep 2014 10:19:12 +0200
 +
 +python-django (1.7~c3-1) experimental; urgency=medium
 +
 +  * New upstream release candidate with security fixes:
 +    https://www.djangoproject.com/weblog/2014/aug/20/security/
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Fri, 22 Aug 2014 22:50:32 +0200
 +
 +python-django (1.7~c2-2) experimental; urgency=medium
 +
 +  * Merge changes from 1.6.5-4:
 +    * Don't output stuff to stdout in django-admin. Closes: #757145
 +    * Update Vcs-* fields since the packaging repository moved to git.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Fri, 08 Aug 2014 14:26:47 +0200
 +
 +python-django (1.7~c2-1) experimental; urgency=medium
 +
 +  * New upstream release candidate.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Wed, 30 Jul 2014 20:47:10 +0200
 +
 +python-django (1.7~c1+20140722-2) experimental; urgency=medium
 +
 +  * Move django-admin manual page in python-django-common. Bump version
 +    constraint in Breaks/Replaces accordingly.
 +  * Drop conflicting django-admin in python-django and python3-django that
 +    were not removed as usual because upstream stopped installing them as
 +    django-admin.py.
 +  * Drop extra license files.
 +  * Fix shebang lines in python3-django.
 +  * Drop empty left-over /usr/bin directories in python-django/python3-django.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Tue, 22 Jul 2014 23:29:30 +0200
 +
 +python-django (1.7~c1+20140722-1) experimental; urgency=medium
 +
 +  * New upstream release candidate. We want this version in jessie so we
 +    should prepare now.
 +  * Snapshot tarball generated with "python setup.py sdist" after having
 +    applied fix submitted in https://code.djangoproject.com/ticket/23072
 +  * Added python-sqlparse, python-tz to Recommends
 +  * Added other optional dependencies (python-memcache, python-pil,
 +    python-bcrypt) to Suggests
 +  * Add all those dependencies in Build-Depends for the benefit of the
 +    test suite.
 +  * Run the test suite for python2 and python3.
 +  * Differentiate descriptions of python2 and python3 packages. 
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Mon, 21 Jul 2014 21:57:07 +0200
 +
 +python-django (1.6.6-1) unstable; urgency=high
 +
 +  * New upstream security release.
 +    - reverse() can generate URLs pointing to other hosts (CVE-2014-0480)
 +    - file upload denial of service (CVE-2014-0481)
 +    - RemoteUserMiddleware session hijacking (CVE-2014-0482)
 +    - data leakage via querystring manipulation in admin (CVE-2014-0483)
 +
 +  [ Brian May ]
 +  * Don't output stuff to stdout in django-admin. Closes: #757145
 +
 +  [ Raphaël Hertzog ]
 +  * Update Vcs-* fields since the packaging repository moved to git.
 +
 + -- Luke Faraone <lfaraone at debian.org>  Wed, 20 Aug 2014 19:30:21 -0700
 +
 +python-django (1.6.5-3) unstable; urgency=low
 +
 +  * Replace django-admin with script that can be run as python and shell.
 +
 +    This means we can autodetect which python version to use when run as
 +    shell, while maintaining compatability with processes that try to run it
 +    with a specific python version.
 +
 +    e.g. See bugs #755341 and #755321.
 +
 + -- Brian May <bam at debian.org>  Mon, 21 Jul 2014 10:18:39 +1000
 +
 +python-django (1.6.5-2) unstable; urgency=low
 +
 +  * python3-django package. Closes: #736878.
 +
 + -- Brian May <bam at debian.org>  Tue, 24 Jun 2014 10:51:47 +1000
 +
 +python-django (1.6.5-1) unstable; urgency=high
 +
 +  * New upstream security release.
 +   - Caches may be allowed to store and serve private data (CVE-2014-1418)
 +   - Malformed URLs from user input incorrectly validated
 +  * Drop partial_functions_reverse.patch (merged upstream).
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Wed, 14 May 2014 22:49:59 +0200
 +
 +python-django (1.6.3-2) unstable; urgency=high
 +
 +  * Fix regression of reverse() and partial views. (LP: #1311433)
 +    Thanks Preston Timmons.
 +
 + -- Luke Faraone <lfaraone at debian.org>  Tue, 22 Apr 2014 20:44:18 -0700
 +
 +python-django (1.6.3-1) unstable; urgency=high
 +
 +  * New upstream security release.
 +    - Unexpected code execution using ``reverse()``
 +    - CVE-2014-0472
 +    - Caching of anonymous pages could reveal CSRF token
 +    - CVE-2014-0473
 +    - MySQL typecasting could result in unexpected matches
 +    - CVE-2014-0474
 +  * Drop patches 07_translation_encoding_fix and ticket21869.diff; merged
 +    upstream
 +
 + -- Luke Faraone <lfaraone at debian.org>  Mon, 21 Apr 2014 16:47:14 -0700
 +
 +python-django (1.6.1-2) unstable; urgency=medium
 +
 +  * Team upload.
 +  * d/patches/ticket21869.diff: Cherry pick upstream fix for building 
 +    documentation against Sphinx 1.2.1.
 +
 + -- Barry Warsaw <barry at debian.org>  Wed, 29 Jan 2014 18:37:51 +0000
 +
 +python-django (1.6.1-1) unstable; urgency=medium
 +
 +  * New upstream version.
 +  * Fix broken encoding in translations attribution. (Closes: #729194)
 +
 + -- Luke Faraone <lfaraone at debian.org>  Thu, 12 Dec 2013 15:46:01 -0500
 +
 +python-django (1.6-1) unstable; urgency=low
 +
 +  * New upstream version. Closes: #557474, #724637.
 +  * python-django now also suggests the installation of ipython,
 +    bpython, python-django-doc, and libgdal1.
 +    Closes: #636511, #686333, #704203
 +  * Set package maintainer to Debian Python Modules Team.
 +  * Bump standards version to 3.9.5, no changes needed.
 +
 + -- Luke Faraone <lfaraone at debian.org>  Thu, 07 Nov 2013 15:33:49 -0500
 +
 +python-django (1.5.4-1) unstable; urgency=high
 +
 +  * New upstream security release. Fixes CVE-2013-1443. Closes: #723043.
 +    https://www.djangoproject.com/weblog/2013/sep/15/security/
 +    - Denial-of-service via large passwords. CVE-2013-1443
 +
 + -- Luke Faraone <lfaraone at debian.org>  Sun, 15 Sep 2013 15:50:10 -0400
 +
 +python-django (1.5.3-1) unstable; urgency=high
 +
 +  * New upstream security release. Fixes CVE-2013-4315. Closes: #722605
 +    https://www.djangoproject.com/weblog/2013/sep/10/security-releases-issued/
 +    - Directory traversal with ssi template tag
 +  * Update doc-base file to drop some removed directory in the HTML doc.
 +  * Update Standards-Version to 3.9.4.
 +  * Bump debhelper compat level to 9.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Fri, 13 Sep 2013 00:05:19 +0200
 +
 +python-django (1.5.2-1) unstable; urgency=high
 +
 +  * New upstream security release.
 +    https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued/
 +    - Cross-site scripting (XSS) in admin interface
 +    - Possible XSS via is_safe_url
 +
 + -- Luke Faraone <lfaraone at debian.org>  Tue, 13 Aug 2013 16:49:39 -0400
 +
 +python-django (1.5.1-2) unstable; urgency=low
 +
 +  [ Jakub Wilk ]
 +  * Use canonical URIs for Vcs-* fields.
 +
 +  [ Luke Faraone ]
 +  * Upload to unstable.
 +
 + -- Luke Faraone <lfaraone at debian.org>  Thu, 09 May 2013 15:10:47 -0400
 +
 +python-django (1.5.1-1) experimental; urgency=low
 +
 +  * New upstream release.
 +  * Add self to uploaders field.
 +
 + -- Luke Faraone <lfaraone at debian.org>  Thu, 28 Mar 2013 17:17:10 -0400
 +
 +python-django (1.5-1) experimental; urgency=low
 +
 +  * New upstream release. Closes: #646634, #663230, #436983
 +
 + -- Luke Faraone <lfaraone at debian.org>  Fri, 22 Mar 2013 17:52:30 -0400
 +
 +python-django (1.4.5-1) unstable; urgency=high
 +
 +  * New upstream maintenance release dropping some undesired .pyc files
 +    and fixing a documentation link.
 +  * High urgency due to former security updates.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Sun, 24 Feb 2013 10:28:08 +0100
 +
 +python-django (1.4.4-1) unstable; urgency=low
 +
 +  * New upstream security and maintenance release. Closes: #701186 
 +    https://www.djangoproject.com/weblog/2013/feb/19/security/
 +    Fixes mulptiple security issues:
 +    - Further fixes for Host header poisoning. CVE-2012-4520
 +    - XML attacks via entity expansion. CVE-2013-1665
 +    - Data leakage via admin history log. CVE-2013-0305
 +    - Formset denial-of-service. CVE-2013-0306
 +  * Add gettext to Suggests since it's required for django-admin
 +    compilemessages / makemessages. Closes: #700483
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Sat, 23 Feb 2013 09:33:13 +0100
 +
 +python-django (1.4.3-1) unstable; urgency=high
 +
 +  * New upstream security and maintenance release. Closes: #696535
 +    https://www.djangoproject.com/weblog/2012/dec/10/security/
 +  * Drop debian/patches/01_fix-self-tests.diff, merged upstream.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Wed, 26 Dec 2012 15:49:32 +0100
 +
 +python-django (1.4.2-2) unstable; urgency=low
 +
 +  * Don't fail self-tests if MANAGERS or ADMINS is defined in settings.py.
 +    Add upstream patch debian/patches/01_fix-self-tests.diff.
 +    Thanks to Jamie Strandboge <jamie at ubuntu.com> for the report.
 +    Closes: #693752 LP: #1080204
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Tue, 20 Nov 2012 08:28:37 +0100
 +
 +python-django (1.4.2-1) unstable; urgency=high
 +
 +  * New upstream security and maintenance release. Closes: #691145
 +    Fixes: CVE-2012-4520
 +  * Drop 01_use_stdlib_htmlparser_when_possible.diff which has been
 +    merged upstream.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Mon, 22 Oct 2012 10:53:30 +0200
 +
 +python-django (1.4.1-2) unstable; urgency=low
 +
 +  * New patch 01_use_stdlib_htmlparser_when_possible.diff to not override
 +    Python stdlib's HTMLParser with Python versions which are unaffected by
 +    http://bugs.python.org/issue670664 Closes: #683648
 +    Thanks to David Watson <david at planetwatson.co.uk> for the patch.
 +  * Update the above patch to use the version committed upstream (commit
 +    57d9ccc).
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Tue, 21 Aug 2012 08:42:10 +0200
 +
 +python-django (1.4.1-1) unstable; urgency=low
 +
 +  * New upstream security and maintenance release. Closes: #683364
 +    Fixes: CVE-2012-3442 CVE-2012-3443 CVE-2012-3444
 +  * Drop 01_disable_broken_test.diff and 04_hyphen-manpage.diff which
 +    have been merged upstream.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Thu, 02 Aug 2012 10:44:02 +0200
 +
 +python-django (1.4-1) unstable; urgency=low
 +
 +  * New upstream release. Closes: #666003
 +  * Fix watch file to correctly extract the version number from the URL.
 +  * Updated Standards-Version to 3.9.3 (no change needed).
 +  * Drop 01_disable_url_verify_regression_tests.diff since upstream test
 +    suite has been modified to work even without internet connection.
 +  * Update 04_hyphen-manpage.diff to apply again.
 +  * Drop 05_fix_djangodocs_sphinx_ext.diff which has been merged
 +    upstream.
 +  * Update 06_use_debian_geoip_database_as_default.diff to apply on
 +    renamed file.
 +  * Drop 07_fix_for_sphinx1.1.2.diff merged upstream.
 +  * Drop 08_fix_test_week_view_allow_future.diff, merged upstream.
 +  * Add 01_disable_broken_test.diff to disable a test that fails with
 +    the current python 2.7 version in Debian.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Sat, 31 Mar 2012 14:48:00 +0200
 +
 +python-django (1.3.1-4) unstable; urgency=medium
 +
 +  * Add 08_fix_test_week_view_allow_future.diff to fix a regression test that
 +    only worked in 2011. Closes: #655666
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Tue, 17 Jan 2012 08:55:58 +0100
 +
 +python-django (1.3.1-3) unstable; urgency=low
 +
 +  * Add 06_use_debian_geoip_database_as_default.diff to use the default
 +    location of the GeoIP database used by the Debian package
 +    geoip-database-contrib. Closes: #645094
 +    Add this package to suggests. Thanks to Tapio Rantala
 +    <tapio.rantala at iki.fi> for the patch.
 +  * Bump build-dep on python-sphinx to 1.0.8 to ensure we have a version
 +    where #641710 is fixed. Closes: #647134
 +  * Add 07_fix_for_sphinx1.1.2.diff to fix build with Sphinx 1.1.2. Thanks to
 +    Jakub Wilk for the advance warning. Closes: #649624
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Mon, 28 Nov 2011 09:03:13 +0100
 +
 +python-django (1.3.1-2) unstable; urgency=low
 +
 +  * Update Build-Depends on locales to included a version requirement
 +    so that locales-all cannot satisfy it with its Provides: locales.
 +    Thanks to Jakub Wilk for the suggestion.
 +  * Enable 02_disable-sources-in-sphinxdoc.diff since #641710 has been
 +    fixed.
 +  * Add 05_fix_djangodocs_sphinx_ext.diff to support Sphinx 1.0.8.
 +    Closes: #643758
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Wed, 12 Oct 2011 08:45:26 +0200
 +
 +python-django (1.3.1-1) unstable; urgency=low
 +
 +  * New upstream release. It includes security updates described here:
 +    https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/
 +    Closes: #641405
 +  * Update 01_disable_url_verify_regression_tests.diff and merge
 +    07_disable_url_verify_model_tests.diff into it.
 +  * Update patch headers to conform to DEP-3.
 +  * Apply patch from Steve Langasek to dynamically build the UTF-8
 +    locale required by the test-suite instead of build-depending on
 +    locales-all. Closes: #630421
 +  * Use "dh --with sphinxdoc" to clean up the Sphinx generated documentation
 +    and avoid the embedded-javascript-library lintian warning. Build-Depends
 +    on python-sphinx >= 1.0.7+dfsg-1 for this and also add
 +    ${sphinxdoc:Depends} to python-django-doc Depends field.
 +  * Cleanup build-dependencies now that even oldstable has python 2.5.
 +  * Switch to dh_python2 as python helper tool. Drop legacy files
 +    debian/pyversions and debian/pycompat.
 +  * New patch 02_disable-sources-in-sphinxdoc.diff to not generate
 +    the _sources directory that we used to remove manually within the rules
 +    file. But must be kept disabled until #641710 is fixed.
 +  * Properly support DEB_BUILD_OPTIONS=nocheck despite the override
 +    of dh_auto_test.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Thu, 15 Sep 2011 12:43:51 +0200
 +
 +python-django (1.3-2) unstable; urgency=low
 +
 +  * Team upload.
 +
 +  [ Chris Lamb ]
 +  * Don't remove "backup~" test file - upstream did ship it; we were just
 +    removing it with dh_clean.
 +
 +  [ Piotr Ożarowski ]
 +  * Fix builds with non-default Python versions installed
 +  * Bump Standards-Version to 3.9.2 (no changes needed)
 +
 + -- Piotr Ożarowski <piotr at debian.org>  Mon, 02 May 2011 22:23:37 +0200
 +
 +python-django (1.3-1) unstable; urgency=low
 +
 +  * New upstream release.
 +    - Update 01_disable_url_verify_regression_tests.diff.
 +    - Update 07_disable_url_verify_model_tests.diff.
 +    - Merge patch from Krzysztof Klimonda to disable more network access tests.
 +      (Closes: #598674)
 +  * Add workaround for missing "backup~" file in release tarball. See
 +    <http://code.djangoproject.com/ticket/15677>.
 +
 + -- Chris Lamb <lamby at debian.org>  Thu, 24 Mar 2011 15:04:53 +0000
 +
 +python-django (1.2.5-1) unstable; urgency=low
 +
 +  * New upstream release.
 +  * Do not compress objects.inv used by Sphinx generated documentation.
 +    Thanks to Michael Fladischer for the report. Closes: #608769 
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Sat, 12 Feb 2011 08:59:33 +0100
 +
 +python-django (1.2.4-1) unstable; urgency=high
 +
 +  * New bugfix-only upstream release. It includes security fixes.
 +    http://www.djangoproject.com/weblog/2010/dec/22/security/
 +  * Drop patches merged upstream:
 +    - debian/patches/05_fix_regression_tests.diff
 +    - debian/patches/06_fix_regression_tests.diff
 +  * Update 01_disable_url_verify_regression_tests.diff to cope with the
 +    updated regressions tests.
 +  * Update 03_manpage.diff and 04_hyphen-manpage.diff to cope with changes in
 +    the manual page.
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Fri, 31 Dec 2010 11:40:28 +0100
 +
 +python-django (1.2.3-2) unstable; urgency=low
 +
 +  * Team upload.
 +  * Disable model tests that require an internet connection.
 +    Closes: #601070
 +  * Include python.mk conditionally as explained in its header.
 +    Helps backports to Lenny which has no python.mk.
 +    Closes: #601608
 +
 + -- Evgeni Golov <evgeni at debian.org>  Thu, 28 Oct 2010 12:37:15 +0200
 +
 +python-django (1.2.3-1) unstable; urgency=low
 +
 +  [ Krzysztof Klimonda ]
 +  * New upstream release. Closes: #596893 LP: #636482
 +  * Fixes both a XSS vulnerability introduced in 1.2 series and
 +    the regressions caused by 1.2.2 release. Closes: #596205
 +  * debian/control:
 +    - depend on language packs for en_US.utf8 locales required for unit tests.
 +  * debian/rules:
 +    - re-enable build time tests.
 +    - set LC_ALL to en_US.utf8 for test suite.
 +  * debian/patches/series:
 +    - two new patches: 05_fix_regression_tests.diff and
 +      06_fix_regression_tests.diff backported from 1.2.x branch to fix
 +      test suite failures.
 +
 +  [ Raphaël Hertzog ]
 +  * Update Standards-Version to 3.9.1.
 +  * Drop "--with quilt" and quilt build-dependency since the package is
 +    already using source format "3.0 (quilt)".
 +
 + -- Raphaël Hertzog <hertzog at debian.org>  Sat, 18 Sep 2010 19:37:03 +0200
 +
 +python-django (1.2.1-1) unstable; urgency=low
 +
 +  * New upstream bugfix release.
 +
 + -- Chris Lamb <lamby at debian.org>  Mon, 24 May 2010 22:44:32 +0100
 +
 +python-django (1.2-1) unstable; urgency=low
 +
 +  * New upstream stable release.
 +
 + -- Chris Lamb <lamby at debian.org>  Fri, 21 May 2010 07:52:55 +0100
 +
 +python-django (1.2~rc1-1) experimental; urgency=low
 +
 +  * New upstream release candidate.
 +  * Remove "02-embedded_code_copies.diff" - not needed anymore.
 +  * Refresh "01_disable_url_verify_regression_tests.diff".
 +  * Refresh "04_hyphen-manpage.diff".
 +  * Temporarily disable test runner due to failing date-related tests.
 +
 + -- Chris Lamb <lamby at debian.org>  Thu, 06 May 2010 10:25:10 +0100
 +
 +python-django (1.2~beta1-1) experimental; urgency=low
 +
 +  * New upstream development release.
 +  * Switch to dpkg-source 3.0 (quilt) format
 +  * Bump Standards-Version to 3.8.4.
 +  * Remove "0.96 -> 1.x" NEWS entry.
 +  * jQuery added to admin system upstream:
 +    - Add libjs-jquery to python-django's Recommends
 +    - Use symlinks so we use the version from libjs-query over an embedded code
 +      copy.
 +
 + -- Chris Lamb <lamby at debian.org>  Tue, 09 Feb 2010 13:47:34 +0000
 +
 +python-django (1.2~alpha1-1) experimental; urgency=low
 +
 +  * New upstream development release:
 +
 +     This is the first in a series of preview/development releases leading up
 +     to the eventual release of Django 1.2, currently scheduled to take place
 +     in March 2010. 
 +
 +     <http://docs.djangoproject.com/en/dev//releases/1.2-alpha-1/>
 +
 +  * Update "01_disable_url_verify_regression_tests.diff" - tests now use the
 +    unittest module instead of doctests.
 +  * Update "02-embedded_code_copies.diff".
 +  * Remove "05_ftbfs_in_november.diff" - applied upstream.
 +  * Remove "06_python_2.6.3_regression.diff" - applied upstream.
 +  * Update dh_auto_test - database engine is set differently in 1.2.
 +  * Remove useless ._DS_Store files.
 +
 + -- Chris Lamb <lamby at debian.org>  Wed, 06 Jan 2010 14:34:37 +0000
 +
 +python-django (1.1.1-2) unstable; urgency=low
 +
 +  * Remove embedded "decimal" code copy and use system version instead. The
 +    "doctest" code copy cannot be removed as parts of Django depend on modified
 +    behaviour. (Closes: #555419)
 +  * Fix FTBFS in November by applying patch from upstream bug #12125.
 +    (Closes: #555931)
 +  * Fix FTBFS under Python 2.6.3 by applying patch from upstream bug #11993.
 +    (Closes: #555969)
 +
 + -- Chris Lamb <lamby at debian.org>  Tue, 01 Dec 2009 23:46:22 +0000
 +
 +python-django (1.1.1-1) unstable; urgency=high
 +
 +  * New upstream security release - fixes pathological regular expression
 +    backtracking performance in URL and email fields which can be used as part
 +    of a denial of service attack.
 +  * Set Maintainer: to myself with thanks to Brett Parker.
 +  * Bump versioned build dependency on quilt to help backporters.
 +    (Closes: #547955)
 +
 + -- Chris Lamb <lamby at debian.org>  Sat, 10 Oct 2009 10:17:52 +0100
 +
 +python-django (1.1-4) unstable; urgency=low
 +
 +  * Sourceful upload to drop dependency on Python 2.4.
 +
 + -- Chris Lamb <lamby at debian.org>  Mon, 24 Aug 2009 08:16:11 +0100
 +
 +python-django (1.1-3) unstable; urgency=low
 +
 +  * Disable regression tests that require an internet connection. Patch by
 +    Krzysztof Klimonda <kklimonda at syntaxhighlighted.com>. (Closes: #542996)
 +  * Bump Standards-Version to 3.8.3.
 +
 + -- Chris Lamb <lamby at debian.org>  Sun, 23 Aug 2009 18:13:18 +0100
 +
 +python-django (1.1-2) unstable; urgency=low
 +
 +  * Run testsuite on build.
 +  * Use "--with quilt" over specifying $(QUILT_STAMPFN)/unpatch dependencies.
 +  * Override clean target correctly.
 +
 + -- Chris Lamb <lamby at debian.org>  Fri, 14 Aug 2009 08:06:29 +0100
 +
 +python-django (1.1-1) unstable; urgency=low
 +
 +  * New upstream release.
 +  * Merge from experimental:
 +    - Ship FastCGI initscript and /etc/default file in python-django's examples
 +      directory (Closes: #538863)
 +    - Drop "05_10539-sphinx06-compatibility.diff"; it has been applied
 +      upstream.
 +    - Bump Standards-Version to 3.8.2.
 +
 + -- Chris Lamb <lamby at debian.org>  Wed, 29 Jul 2009 11:26:28 +0200
 +
 +python-django (1.0.2-7) unstable; urgency=low
 +
 +  * Fix compatibility with Python 2.6 and Python transitions in general.
 +    Thanks to Krzysztof Klimonda <kklimonda at syntaxhighlighted.com>.
 +
 + -- Chris Lamb <lamby at debian.org>  Sat, 16 May 2009 00:09:47 +0100
 +
 +python-django (1.0.2-6) unstable; urgency=low
 +
 +  * Backport patch from <http://code.djangoproject.com/ticket/10539> to fix
 +    FTBFS when using python-sphinx >= 0.6. (Closes: #527492)
 +
 + -- Chris Lamb <lamby at debian.org>  Sun, 10 May 2009 22:11:09 +0100
 +
 +python-django (1.0.2-5) unstable; urgency=low
 +
 +  * Fix issue where newly created projects do not have their manage.py file
 +    executable.
 +
 + -- Chris Lamb <lamby at debian.org>  Thu, 26 Mar 2009 23:42:14 +0000
 +
 +python-django (1.0.2-4) unstable; urgency=low
 +
 +  * Programatically replace most references to "django-admin.py" with
 +    "django-admin" in the generated documentation. (Closes: #519937)
 +  * Bump Standards-Version to 3.8.1; no changes.
 +
 + -- Chris Lamb <lamby at debian.org>  Tue, 24 Mar 2009 00:50:26 +0000
 +
 +python-django (1.0.2-3) unstable; urgency=low
 +
 +  * Split documentation into a separate python-django-doc package due to size
 +    (approximately 6Mb).
 +
 + -- Chris Lamb <lamby at debian.org>  Tue, 10 Mar 2009 21:13:57 +0000
 +
 +python-django (1.0.2-2) unstable; urgency=low
 +
 +  * Don't rely on the internal layout of python-support. (Closes: #517052)
 +  * Move to debhelper-based packaging for operational clarity:
 +    - Remove bashisms from binary-post-install.
 +    - Use quilt instead of simple-patchsys.mk and adjust existing patches so
 +      that we can apply with -p1 for the "quilt" source package type.
 +  * Adjust Build-Depends:
 +    - Bump debhelper requirement 7.0.50 for override_* feature.
 +    - Drop cdbs, python-dev and python-setuptools requirement.
 +    - Just Build-Depend on `python', not `python-dev'.
 +    - Drop versions on Build-Depends where they are satisfied in current
 +      oldstable (ie. etch).
 +  * debian/control:
 +    - Add python-sqlite to Suggests.
 +    - Remove repeated 'Priority' line in binary package stanza.
 +    - Update crufty long and short descriptions.
 +    - Add ${misc:Depends} in binary stanza for debhelper-using package.
 +
 + -- Chris Lamb <lamby at debian.org>  Sun, 08 Mar 2009 06:01:59 +0000
 +
 +python-django (1.0.2-1) unstable; urgency=low
 +
 +  [ Chris Lamb ]
 +  * New upstream bugfix release. Closes: #505783
 +  * Add myself to Uploaders with ACK from Brett.
 +
 +  [ David Spreen ]
 +  * Remove python-pysqlite2 from Recommends because Python 2.5 includes
 +    sqlite library used by Django. Closes: 497886
 +
 +  [ Sandro Tosi ]
 +  * debian/control
 +    - switch Vcs-Browser field to viewsvn
 +
 + -- Chris Lamb <lamby at debian.org>  Wed, 19 Nov 2008 21:31:00 +0000
 +
 +python-django (1.0-1) unstable; urgency=low
 +
 +  [ David Spreen ]
... 519 lines suppressed ...

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-django.git



More information about the Python-modules-commits mailing list