[SECURITY] Fedora 28 Update: python2-django1.11-1.11.20-1.fc28

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-5ad2149e99 2019-03-20 21:17:00.935171 -------------------------------------------------------------------------------- Name : python2-django1.11 Product : Fedora 28 Version : 1.11.20 Release : 1.fc28 URL : http://www.djangoproject.com/ Summary : Version 1.11 LTS of Django, a high-level Python Web framework Description : This package provides Django in version 1.11 LTS, the last release to support Python 2. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle. -------------------------------------------------------------------------------- Update Information: - CVE-2019-3498: Content spoofing possibility in the default 404 page - CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format() - Fixed a race condition in QuerySet.update_or_create() that could result in data loss - geo: Prevented repetitive calls to geos_version_tuple() in the WKBWriter class -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 18 2019 Petr Viktorin <pviktori(a)redhat.com&gt; - 1.11.20-1 - Update to the 1.11.20 security fix release - CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format() * Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 1.11.18-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Jan 8 2019 Petr Viktorin <pviktori(a)redhat.com&gt; - 1.11.18-1 - Update to the 1.11.18 security fix release - CVE-2019-3498: Content spoofing possibility in the default 404 page - geo: Prevented repetitive calls to geos_version_tuple() in the WKBWriter class - Officially supports Python 3.7 * Thu Nov 8 2018 Petr Viktorin <pviktori(a)redhat.com&gt; - 1.11.16-2 - Switch locale from en_US.utf-8 to C.utf-8 for tests * Fri Aug 3 2018 Petr Viktorin <pviktori(a)redhat.com&gt; - 1.11.16-1 - Update to 1.11.16 release -- data loss bug fix Fixed a race condition in QuerySet.update_or_create() that could result in data loss - Remove optional test dependencies - Exclude templates from shebang mangling * Fri Aug 3 2018 Petr Viktorin <pviktori(a)redhat.com&gt; - 1.11.15-2 - Update to 1.11.15 security release (CVE-2018-14574) CVE-2018-14574: Open redirect possibility in CommonMiddleware https://docs.djangoproject.com/en/2.0/releases/1.11.15/ * Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 1.11.14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Mon Jun 4 2018 Petr Viktorin <pviktori(a)redhat.com&gt; - 1.11.14-1 - update to 1.11.14, fixing a memory usage regression and a GIS bug https://docs.djangoproject.com/en/2.0/releases/1.11.14/ * Thu May 3 2018 Matthias Runge <mrunge(a)redhat.com&gt; - 1.11.13-1 - update to 1.11.13, fixing regressions and a crash -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-5ad2149e99' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------