--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-5ad2149e99
2019-03-20 21:17:00.935171
--------------------------------------------------------------------------------
Name : python2-django1.11
Product : Fedora 28
Version : 1.11.20
Release : 1.fc28
URL :
http://www.djangoproject.com/
Summary : Version 1.11 LTS of Django, a high-level Python Web framework
Description :
This package provides Django in version 1.11 LTS, the last release
to support Python 2.
Django is a high-level Python Web framework that encourages rapid
development and a clean, pragmatic design. It focuses on automating as
much as possible and adhering to the DRY (Don't Repeat Yourself)
principle.
--------------------------------------------------------------------------------
Update Information:
- CVE-2019-3498: Content spoofing possibility in the default 404 page -
CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format() - Fixed a
race condition in QuerySet.update_or_create() that could result in data loss -
geo: Prevented repetitive calls to geos_version_tuple() in the WKBWriter class
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 18 2019 Petr Viktorin <pviktori(a)redhat.com> - 1.11.20-1
- Update to the 1.11.20 security fix release
- CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format()
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.18-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Jan 8 2019 Petr Viktorin <pviktori(a)redhat.com> - 1.11.18-1
- Update to the 1.11.18 security fix release
- CVE-2019-3498: Content spoofing possibility in the default 404 page
- geo: Prevented repetitive calls to geos_version_tuple() in the WKBWriter class
- Officially supports Python 3.7
* Thu Nov 8 2018 Petr Viktorin <pviktori(a)redhat.com> - 1.11.16-2
- Switch locale from en_US.utf-8 to C.utf-8 for tests
* Fri Aug 3 2018 Petr Viktorin <pviktori(a)redhat.com> - 1.11.16-1
- Update to 1.11.16 release -- data loss bug fix
Fixed a race condition in QuerySet.update_or_create() that could result in data loss
- Remove optional test dependencies
- Exclude templates from shebang mangling
* Fri Aug 3 2018 Petr Viktorin <pviktori(a)redhat.com> - 1.11.15-2
- Update to 1.11.15 security release (CVE-2018-14574)
CVE-2018-14574: Open redirect possibility in CommonMiddleware
https://docs.djangoproject.com/en/2.0/releases/1.11.15/
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.14-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Mon Jun 4 2018 Petr Viktorin <pviktori(a)redhat.com> - 1.11.14-1
- update to 1.11.14, fixing a memory usage regression and a GIS bug
https://docs.djangoproject.com/en/2.0/releases/1.11.14/
* Thu May 3 2018 Matthias Runge <mrunge(a)redhat.com> - 1.11.13-1
- update to 1.11.13, fixing regressions and a crash
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-5ad2149e99' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------