代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/python-django 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
%global _empty_manifest_terminate_build 0
Name: python-django
Version: 4.2.15
Release: 4
Summary: A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
License: Apache-2.0 and Python-2.0 and BSD-3-Clause
URL: https://www.djangoproject.com/
Source0: https://files.pythonhosted.org/packages/source/d/Django/Django-%{version}.tar.gz
Patch0: CVE-2024-45230.patch
Patch1: CVE-2024-45231.patch
Patch2: CVE-2024-53907.patch
Patch3: CVE-2024-53908.patch
Patch4: CVE-2025-26699.patch
BuildArch: noarch
%description
A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
%package -n python3-Django
Summary: A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
Provides: python-Django, python3-django
BuildRequires: python3-devel
BuildRequires: python3-setuptools
Requires: python3-pytz
Requires: python3-sqlparse
Requires: python3-argon2-cffi
Requires: python3-bcrypt
%description -n python3-Django
A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
%package help
Summary: Development documents and examples for Django
Provides: python3-Django-doc
%description help
Development documents and examples for Django
%prep
%autosetup -n Django-%{version} -p1
%build
%py3_build
%install
%py3_install
install -d -m755 %{buildroot}/%{_pkgdocdir}
if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
pushd %{buildroot}
if [ -d usr/lib ]; then
find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst
fi
if [ -d usr/lib64 ]; then
find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst
fi
if [ -d usr/bin ]; then
find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst
fi
if [ -d usr/sbin ]; then
find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst
fi
touch doclist.lst
if [ -d usr/share/man ]; then
find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst
fi
popd
mv %{buildroot}/filelist.lst .
mv %{buildroot}/doclist.lst .
%files -n python3-Django -f filelist.lst
%dir %{python3_sitelib}/*
%files help -f doclist.lst
%{_docdir}/*
%changelog
* Tue Mar 11 2025 changtao <changtao@kylinos.cn> - 4.2.15-4
- Type:CVE
- CVE:CVE-2025-26699
- SUG:NA
- DESC:fix CVE-2025-26699
* Mon Dec 09 2024 wangkai <13474090681@163.com> - 4.2.15-3
- Fix CVE-2024-53907 CVE-2024-53908
* Thu Oct 10 2024 zhangxianting <zhangxianting@uniontech.com> - 4.2.15-2
- Fix CVE-2024-45230 CVE-2024-45231
* Thu Aug 08 2024 yaoxin <yao_xin001@hoperun.com> - 4.2.15-1
- Update to 4.2.15
* CVE-2024-41989: Memory exhaustion in ``django.utils.numberformat.floatformat()``
* CVE-2024-41990: Potential denial-of-service vulnerability in ``django.utils.html.urlize()``
* CVE-2024-41991: Potential denial-of-service vulnerability in ``django.utils.html.urlize()`` and ``AdminURLFieldWidget``
* CVE-2024-42005: Potential SQL injection in ``QuerySet.values()`` and ``values_list()``
* Fixed a regression in Django 4.2.14 that caused a crash in ``LocaleMiddleware`` when processing a language code over 500 characters
* CVE-2024-38875: Potential denial-of-service vulnerability in django.utils.html.urlize()
* CVE-2024-39329: Username enumeration through timing difference for users with unusable passwords
* CVE-2024-39330: Potential directory-traversal via Storage.save()
* CVE-2024-39614: Potential denial-of-service vulnerability in get_supported_language_variant()
* Fixed a crash in Django 4.2 when validating email max line lengths with content decoded using the surrogateescape error handling scheme
* Tue Mar 05 2024 yaoxin <yao_xin001@hoperun.com> - 3.2.12-10
- Fix CVE-2024-27351
* Wed Feb 07 2024 yaoxin <yao_xin001@hoperun.com> - 3.2.12-9
- Fix CVE-2024-24680
* Mon Nov 06 2023 yaoxin <yao_xin001@hoperun.com> - 3.2.12-8
- Fix CVE-2023-46695
* Sun Oct 08 2023 yaoxin <yao_xin001@hoperun.com> - 3.2.12-7
- Fix CVE-2023-43665
* Thu Sep 14 2023 wangkai <13474090681@163.com> - 3.2.12-6
- Fix CVE-2023-41164
* Mon Jul 17 2023 yaoxin <yao_xin001@hoperun.com> - 3.2.12-5
- Fix CVE-2023-36053
* Tue May 16 2023 yaoxin <yao_xin001@hoperun.com> - 3.2.12-4
- Fix CVE-2023-31047
* Sat Feb 25 2023 yaoxin <yaoxin30@h-partners.com> - 3.2.12-3
- Fix CVE-2023-24580
* Mon Feb 13 2023 yaoxin <yaoxin30@h-partners.com> - 3.2.12-2
- Fix CVE-2023-23969
* Thu Oct 20 2022 Ge Wang <wangge20@h-partners.com> - 3.2.12-1
- Update to version 3.2.12 and fix CVE-2022-34265, CVE-2022-36359
* Thu Apr 21 2022 yaoxin <yaoxin30@h-partners.com> - 2.2.27-2
- Fix CVE-2022-28346 CVE-2022-28347
* Thu Feb 10 2022 houyingchao <houyingchao@huawei.com> - 2.2.27-1
- Upgrade to 2.2.27
- Fix CVE-2021-45115 CVE-2021-45116 CVE-2021-45452 CVE-2022-22818 CVE-2022-23833
* Fri Jul 09 2021 openstack-sig <openstack@openeuler.org>
- Update to 2.2.19
* Tus Feb 09 2021 wangxiyuan <wangxiyuan1007@gmail.com>
- Add python3-django for correct package name. Due to backward compatibility, the python3-Django is kept and it should be removed in the future.
* Fri Jan 08 2021 Python_Bot <Python_Bot@openeuler.org>
- Package Spec generated
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手