[Security Update] www/django

wen heping Mon, 23 Dec 2019 15:32:24 -0800

Hi, ports@:

     Here is a patch for www/py-django to update stable to 2.2.9
and update lts to 1.11.27. This update would fix some security isues:
     CVE-2019-14232
     CVE-2019-14233
     CVE-2019-14234
     CVE-2019-14235
     CVE-2019-19118
     CVE-2019-19844



    Would anyone have a look of devel/py-tblib and devel/py-asgiref which I send
patch before? If we import these 2 ports,we can do more regression tests and
import latest version of Django3.

Comments? OK?

Regards,
wen

Index: lts/Makefile
===================================================================
RCS file: /cvs/ports/www/py-django/lts/Makefile,v
retrieving revision 1.38
diff -u -p -r1.38 Makefile
--- lts/Makefile        3 Jul 2019 09:41:45 -0000       1.38
+++ lts/Makefile        20 Dec 2019 01:10:42 -0000
@@ -4,7 +4,7 @@ PORTROACH =     limit:^1\.11
 
 COMMENT =      high-level Python web framework (LTS version)
 
-MODPY_EGG_VERSION =    1.11.22
+MODPY_EGG_VERSION =    1.11.27
 LNAME =                        django-lts
 
 post-install:
Index: lts/distinfo
===================================================================
RCS file: /cvs/ports/www/py-django/lts/distinfo,v
retrieving revision 1.32
diff -u -p -r1.32 distinfo
--- lts/distinfo        3 Jul 2019 09:41:45 -0000       1.32
+++ lts/distinfo        20 Dec 2019 01:10:42 -0000
@@ -1,2 +1,2 @@
-SHA256 (Django-1.11.22.tar.gz) = gw1dQKFwUIlQK7pwYFqzJGgxRA/8FtFQHf7u9fS5yEU=
-SIZE (Django-1.11.22.tar.gz) = 7972885
+SHA256 (Django-1.11.27.tar.gz) = IBETg4aa0bEUAMlLDBnUqxKXUxbNBY6r0XRS4FRhabg=
+SIZE (Django-1.11.27.tar.gz) = 7976980
Index: lts/pkg/PLIST
===================================================================
RCS file: /cvs/ports/www/py-django/lts/pkg/PLIST,v
retrieving revision 1.35
diff -u -p -r1.35 PLIST
--- lts/pkg/PLIST       3 Jul 2019 09:41:46 -0000       1.35
+++ lts/pkg/PLIST       20 Dec 2019 01:10:44 -0000
@@ -6830,6 +6830,11 @@ share/doc/${MODPY_PY_PREFIX}-${LNAME}-${
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.19.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.20.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.21.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.22.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.23.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.24.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.25.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.26.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.2.txt
 
share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/${MODPY_EGG_VERSION}.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.3.txt
Index: stable/Makefile
===================================================================
RCS file: /cvs/ports/www/py-django/stable/Makefile,v
retrieving revision 1.28
diff -u -p -r1.28 Makefile
--- stable/Makefile     3 Jul 2019 09:41:46 -0000       1.28
+++ stable/Makefile     20 Dec 2019 01:10:44 -0000
@@ -2,7 +2,7 @@
 
 COMMENT =      high-level Python web framework
 
-MODPY_EGG_VERSION =    2.2.3
+MODPY_EGG_VERSION =    2.2.9
 
 LNAME =                        django
 
Index: stable/distinfo
===================================================================
RCS file: /cvs/ports/www/py-django/stable/distinfo,v
retrieving revision 1.24
diff -u -p -r1.24 distinfo
--- stable/distinfo     3 Jul 2019 09:41:46 -0000       1.24
+++ stable/distinfo     20 Dec 2019 01:10:44 -0000
@@ -1,2 +1,2 @@
-SHA256 (Django-2.2.3.tar.gz) = TSP2GyaJK6x4XwdAG8OMv4+kzsmT9ADpzZ3fKP1RwOo=
-SIZE (Django-2.2.3.tar.gz) = 8992109
+SHA256 (Django-2.2.9.tar.gz) = Ziof94eS4/138W9xsfMRSUiUNN5LYqdIlb1dZTTmNaU=
+SIZE (Django-2.2.9.tar.gz) = 9006404
Index: stable/pkg/PLIST
===================================================================
RCS file: /cvs/ports/www/py-django/stable/pkg/PLIST,v
retrieving revision 1.25
diff -u -p -r1.25 PLIST
--- stable/pkg/PLIST    3 Jul 2019 09:41:46 -0000       1.25
+++ stable/pkg/PLIST    20 Dec 2019 01:10:46 -0000
@@ -6977,6 +6977,11 @@ share/doc/${MODPY_PY_PREFIX}-${LNAME}-${
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.20.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.21.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.22.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.23.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.24.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.25.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.26.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.27.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.3.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.4.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/1.11.5.txt
@@ -7111,6 +7116,11 @@ share/doc/${MODPY_PY_PREFIX}-${LNAME}-${
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.0.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.1.1.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.1.10.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.1.11.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.1.12.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.1.13.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.1.14.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.1.15.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.1.2.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.1.3.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.1.4.txt
@@ -7122,6 +7132,12 @@ share/doc/${MODPY_PY_PREFIX}-${LNAME}-${
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.1.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.2.1.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.2.2.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.2.3.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.2.4.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.2.5.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.2.6.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.2.7.txt
+share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.2.8.txt
 
share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/${MODPY_EGG_VERSION}.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/2.2.txt
 share/doc/${MODPY_PY_PREFIX}-${LNAME}-${MODPY_EGG_VERSION}/releases/index.txt

[Security Update] www/django

Reply via email to