master

分支 (56)

标签 (17)

管理

管理

master

openEuler-24.03-LTS-SP1

openEuler-24.03-LTS-SP2

openEuler-24.03-LTS-SP3

openEuler-24.03-LTS

openEuler-22.03-LTS-SP4

openEuler-22.03-LTS-SP3

openEuler-24.03-LTS-Next

openEuler-20.03-LTS-SP4

openEuler-25.09

openEuler-25.03

openEuler-22.03-LTS-SP1

Multi-Version_OpenStack-Antelope_openEuler-24.03-LTS-Next

Multi-Version_OpenStack-Antelope_openEuler-24.03-LTS-SP1

Multi-Version_OpenStack-Antelope_openEuler-24.03-LTS-SP2

Multi-Version_OpenStack-Antelope_openEuler-25.03

openEuler-24.09

Multi-Version_OpenStack-Antelope_openEuler-24.03-LTS

openEuler-22.03-LTS

openEuler-20.03-LTS-SP1

openEuler-24.03-LTS-SP2-release

openEuler-24.03-LTS-update-20250124

openEuler-24.03-LTS-SP1-release

openEuler-24.03-LTS-update-20241213

openEuler-22.03-LTS-SP4-release

openEuler-24.09-release

openEuler-24.03-LTS-release

openEuler-22.03-LTS-SP3-release

openEuler-23.09-rc5

openEuler-22.03-LTS-SP1-release

openEuler-22.09-release

openEuler-22.09-rc5

openEuler-22.09-20220829

openEuler-22.03-LTS-20220331

openEuler-22.03-LTS-round5

openEuler-22.03-LTS-round4

openEuler-20.03-LTS-SP3-release

python-django
/
python-django.spec

%global _empty_manifest_terminate_build 0
Name:		python-django
Version:	5.2.9
Release:	1
Summary:	A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
License:	CC-BY-4.0 and OFL-1.1 and MIT and Python-2.0 and BSD-3-Clause
URL:		https://www.djangoproject.com/
Source0:	https://files.pythonhosted.org/packages/source/d/django/django-%{version}.tar.gz

BuildArch:	noarch
%description
A high-level Python Web framework that encourages rapid development and clean, pragmatic design.


%package -n python3-Django
Summary:	A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
Provides:	python-Django, python3-django
BuildRequires:	python3-devel
BuildRequires:	python3-setuptools
BuildRequires:	python3-pip
BuildRequires:	python3-wheel
BuildRequires:	pyproject-rpm-macros
Requires:	python3-pytz
Requires:	python3-sqlparse
Requires:	python3-argon2-cffi
Requires:	python3-bcrypt
Obsoletes:	%{name}-help < %{version}-%{release}
%description -n python3-Django
A high-level Python Web framework that encourages rapid development and clean, pragmatic design.


%prep
%autosetup -n django-%{version} -p1

%build
%pyproject_wheel

%install
%pyproject3_install
%pyproject_save_files -l django

%files -n python3-Django -f %{pyproject_files}
%license LICENSE LICENSE.python
%doc README.rst CONTRIBUTING.rst
%{_bindir}/django-admin

%changelog
* Wed Dec 03 2025 yaoxin <1024769339@qq.com> - 5.2.9-1
- Update to 5.2.9 for fix CVE-2025-64460 and CVE-2025-13372

* Thu Nov 06 2025 yaoxin <1024769339@qq.com> - 5.2.8-1
- Update to 5.2.8 for fix CVE-2025-64458 and CVE-2025-64458

* Thu Oct 09 2025 yaoxin <1024769339@qq.com> - 5.2.7-1
- Update to 5.2.7 for fix CVE-2025-59681 and CVE-2025-59682

* Thu Sep 04 2025 yaoxin <1024769339@qq.com> - 5.2.5-2
- Fix CVE-2025-57833

* Wed Aug 20 2025 zhang_wenyu <zhang_wenyu@hoperun.com> - 5.2.5-1
- update python-django to 5.2.5
  * Fixed a regression in Django 5.2.1 that prevented the usage of ``UNNEST`` PostgreSQL strategy of ``QuerySet.bulk_create()`` with foreign keys
  * Fixed a crash in Django 5.2 when filtering against a composite primary key using a tuple containing expressions
  * Fixed a crash in Django 5.2 when validating a model that uses ``GeneratedField`` or constraints composed of ``Q`` and ``Case`` lookups
  * Added compatibility for ``docutils`` 0.22
  * Fixed a crash in Django 5.2 when using a ``ManyToManyField`` on a model with a composite primary key, by extending the ``fields.E347`` system check

* Tue Jun 10 2025  openeuler_bot <infra@openeuler.sh> - 5.2.3-1
- update python-django to 5.2.3


* Thu Jun 05 2025 yaoxin <1024769339@qq.com> - 5.2.2-1
- Update to 5.2.2 for fix CVE-2025-48432

* Fri May 09 2025 yaoxin <1024769339@qq.com> - 5.1.5-3
- Fix CVE-2025-32873

* Mon Mar 10 2025 changtao <changtao@kylinos.cn> - 5.1.5-2
- Type:CVE
- CVE:CVE-2025-26699
- SUG:NA
- DESC:fix CVE-2025-26699

* Fri Jan 17 2025 yaoxin <1024769339@qq.com> - 5.1.5-1
- Update to 5.1.5:
  * CVE-2024-56374: Potential denial-of-service vulnerability in IPv6 validation
  * Fixed a crash when applying migrations with references to the removed Meta.index_together option

* Mon Dec 09 2024 wangkai <13474090681@163.com> - 5.1-3
- Fix CVE-2024-53907 CVE-2024-53908

* Thu Oct 10 2024 zhangxianting <zhangxianting@uniontech.com> - 5.1-2
- Fix CVE-2024-45230 CVE-2024-45231

* Mon Aug 19 2024 lilu <lilu@kylinos.cn> - 5.1-1
- Update package to version 5.1:
  - Easier guardrails for authentication
  - A more inclusive framework
  - Provides the long awaited querystring template tag

* Thu Aug 08 2024 yaoxin <yao_xin001@hoperun.com> - 5.0.8-1
- Update to 5.0.8
  * CVE-2024-41989: Memory exhaustion in ``django.utils.numberformat.floatformat()``
  * CVE-2024-41990: Potential denial-of-service vulnerability in ``django.utils.html.urlize()``
  * CVE-2024-41991: Potential denial-of-service vulnerability in ``django.utils.html.urlize()`` and ``AdminURLFieldWidget``
  * CVE-2024-42005: Potential SQL injection in ``QuerySet.values()`` and ``values_list()``
  * Added missing validation for ``UniqueConstraint(nulls_distinct=False)`` when using ``*expressions``
  * Fixed a regression in Django 5.0 where ``ModelAdmin.action_checkbox`` could break the admin changelist
    HTML page when rendering a model instance with a ``__html__`` method
  * Fixed a crash when creating a model with a ``Field.db_default`` and a ``Meta.constraints`` constraint composed
    of ``__endswith``, ``__startswith``, or ``__contains`` lookups (:ticket:`35625`).
  * Fixed a regression in Django 5.0.7 that caused a crash in ``LocaleMiddleware`` when processing a language code over 500 characters

* Fri Jul 12 2024 yaoxin <yao_xin001@hoperun.com> - 5.0.7-1
- Update to 5.0.7
  * CVE-2024-38875: Potential denial-of-service vulnerability in django.utils.html.urlize()
  * CVE-2024-39329: Username enumeration through timing difference for users with unusable passwords
  * CVE-2024-39330: Potential directory-traversal via Storage.save()
  * CVE-2024-39614: Potential denial-of-service vulnerability in get_supported_language_variant()
  * Fixed a bug in Django 5.0 that caused a crash of Model.full_clean() on unsaved model instances
    with a GeneratedField and certain defined Meta.constraints

* Mon Jun 03 2024 xu_ping <707078654@qq.com> - 4.2.13-1
- Upgrade version to 4.2.13

* Tue Mar 05 2024 yaoxin <yao_xin001@hoperun.com> - 4.2.3-7
- Fix CVE-2024-27351

* Wed Feb 07 2024 yaoxin <yao_xin001@hoperun.com> - 4.2.3-6
- Fix CVE-2024-24680

* Fri Dec 15 2023 xu_ping <707078654@qq.com> - 4.2.3-5
- Fix changelog bad date

* Mon Nov 06 2023 yaoxin <yao_xin001@hoperun.com> - 4.2.3-4
- Fix CVE-2023-46695

* Sun Oct 08 2023 yaoxin <yao_xin001@hoperun.com> - 4.2.3-3
- Fix CVE-2023-43665

* Thu Sep 14 2023 wangkai <13474090681@163.com> - 4.2.3-2
- Fix CVE-2023-41164

* Tue Jul 11 2023 chenzixuan <chenzixuan@kylinos.cn> - 4.2.3-1
- Update to 4.2.3

* Tue May 16 2023 yaoxin <yao_xin001@hoperun.com> - 4.1.7-2
- Fix CVE-2023-31047

* Tue Apr 11 2023 yaoxin <yao_xin001@hoperun.com> - 4.1.7-1
- Update to 4.1.7

* Sat Feb 25 2023 yaoxin <yaoxin30@h-partners.com> - 4.1.4-3
- Fix CVE-2023-24580

* Mon Feb 13 2023 yaoxin <yaoxin30@h-partners.com> - 4.1.4-2
- Fix CVE-2023-23969

* Fri Dec 09 2022 chendexi <chendexi@kylinos.cn> - 4.1.4-1
- Upgrade package to version 4.1.4

* Tue Aug 09 2022 huangduirong <huangduirong@huawei.com> - 3.2.12-3
- Type: bugfix
- CVE: CVE-2022-36359
- SUG: NA
- DESC: Fix CVE-2022-36359

* Tue Jul 05 2022 yaoxin <yaoxin30@h-partners.com> - 3.2.12-2
- Fix CVE-2022-34265

* Wed May 18 2022 xigaoxinyan <xigaoxinyan@h-partners.com> - 3.2.12-1
- Update to 3.2.12

* Thu Apr 21 2022 yaoxin <yaoxin30@h-partners.com> - 2.2.27-2
- Fix CVE-2022-28346 CVE-2022-28347

* Thu Feb 10 2022 houyingchao <houyingchao@huawei.com> - 2.2.27-1
- Upgrade to 2.2.27
- Fix CVE-2021-45115 CVE-2021-45116 CVE-2021-45452 CVE-2022-22818 CVE-2022-23833

* Fri Jul 09 2021 openstack-sig <openstack@openeuler.org>
- Update to 2.2.19

* Tue Feb 09 2021 wangxiyuan <wangxiyuan1007@gmail.com> - 2.2.3-2
- Add python3-django for correct package name. Due to backward compatibility, the python3-Django is kept and it should be removed in the future.

* Fri Jan 08 2021 Python_Bot <Python_Bot@openeuler.org> - 2.2.3-1
- Package Spec generated