On Wed, Feb 09, 2011 at 07:39:20PM -0800, Ryan Boggs wrote: > Hi, > > Attached is the diff that applies the necessary change sets (15465, > 15471, & 15468) from django to fix the issues mentioned in the > security announcement released yesterday. Details can be found here: > "http://www.djangoproject.com/weblog/2011/feb/08/security/";. I tested > this diff on i386 using the Feb 8 snapshot. > > I understand that ports is currently locked but since this is a > security update, I thought it was important to get this in as soon as > possible. I chose to patch 1.2.4 instead of upgrading to 1.2.5 > because I am under the impression that this is the preferred method of > submitting security updates when ports is locked. Please let me know > if I am mistaken. > > I plan on upgrading to 1.2.5 once the ports tree is unlocked. > > Please let me know if there are any questions/comments/suggestions.
there are some changes there that are not really needed (15349). can you restrict the changes to the security bits please? f.-
