Package: python-django / 3:3.2.19-1+deb12u1

Metadata

Package Version Patches format
python-django 3:3.2.19-1+deb12u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
0001 disable sources in sphinxdoc.diff | (download)

docs/conf.py | 5 4 + 1 - 0 !
1 file changed, 4 insertions(+), 1 deletion(-)

 
 disable creation of _sources directory by sphinx

 We do this to save some space as the sources of the documentation
 are not really useful in a binary package.
 .
 This is a Debian specific patch.
0002 use_debian_geoip_database_as_default.diff | (download)

django/contrib/gis/geoip2/base.py | 9 6 + 3 - 0 !
1 file changed, 6 insertions(+), 3 deletions(-)

 
 use debian geoip database path as default

 Default to Debian standard path for GeoIP directory and for GeoIP city
 file. Avoids the need to declare them in each project.
 .
 This is a Debian specific patch.
Bug-Debian: http://bugs.debian.org/645094
0004 Use locally installed documentation sources.patch | (download)

docs/conf.py | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

 
 use locally installed documentation sources
0004 Set the default shebang to new projects to use Pytho.patch | (download)

django/conf/project_template/manage.py-tpl | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
 set the default shebang to new projects to use python 3.
0005 Use usr bin env python3 shebang for django admin.py.patch | (download)

django/bin/django-admin.py | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
 use #!/usr/bin/env python3 shebang for django-admin.py.
0006 Fixed 32690 Fixed __in lookup crash when combining w.patch | (download)

django/db/models/lookups.py | 9 9 + 0 - 0 !
tests/aggregation_regress/tests.py | 8 8 + 0 - 0 !
2 files changed, 17 insertions(+)

 
 fixed #32690 -- fixed __in lookup crash when combining with filtered
 aggregates.

Having lookups group by subquery right-hand-sides is likely unnecessary
in the first place but relatively large amount of work would be needed
to achieve that such as making Lookup instances proper resolvable
expressions.

Regression in 35431298226165986ad07e91f9d3aca721ff38ec.

Thanks James A. Munsch for the report.

(cherry picked from commit 136ff592ad8aa8b7fa1e61435e5501cc98ce8573)
0007 Refs 32786 Made Query.clear_ordering not to cause si.patch | (download)

django/db/models/query.py | 8 4 + 4 - 0 !
django/db/models/sql/compiler.py | 2 1 + 1 - 0 !
django/db/models/sql/query.py | 29 16 + 13 - 0 !
3 files changed, 21 insertions(+), 18 deletions(-)

 
 refs #32786 -- made query.clear_ordering() not to cause side effects
 by default.

(cherry picked from commit 053141d31fe5aef1c255a1be183383860e0ccce9)
0008 Refs 32690 Altered lookups Query rhs alterations dur.patch | (download)

django/db/models/fields/related_lookups.py | 58 32 + 26 - 0 !
django/db/models/lookups.py | 30 13 + 17 - 0 !
2 files changed, 45 insertions(+), 43 deletions(-)

 
 refs #32690 -- altered lookups query rhs alterations during
 initialization.

Having it happen at the lookup creation time ensures entry points
called before the compilation phase (e.g. get_group_by_cols) don't have
to duplicate the logic in charge of altering Query instances used as
rhs.

It also has the nice effect of reducing the amount of time the
alteration logic to once as opposed to multiple times if the queryset
is compiled more than once.

(cherry picked from commit e3bde71676a704e27d62e5f96dd967f7305db7f2)
0009 Fixed 33282 Fixed a crash when OR ing subquery and a.patch | (download)

django/db/models/expressions.py | 9 5 + 4 - 0 !
django/db/models/sql/query.py | 8 8 + 0 - 0 !
tests/aggregation/tests.py | 35 31 + 4 - 0 !
3 files changed, 44 insertions(+), 8 deletions(-)

 
 fixed #33282 -- fixed a crash when or'ing subquery and aggregation
 lookups.

As a QuerySet resolves to Query the outer column references grouping logic
should be defined on the latter and proxied from Subquery for the cases where
get_group_by_cols is called on unresolved expressions.

Thanks Antonio Terceiro for the report and initial patch.

(cherry picked from commit e5a92d400acb4ca6a8e1375d1ab8121f2c7220be)
0011 Moved RequestSite import to the toplevel.patch | (download)

django/contrib/sites/shortcuts.py | 7 4 + 3 - 0 !
1 file changed, 4 insertions(+), 3 deletions(-)

 
 moved requestsite import to the toplevel.

Via https://github.com/django/django/commit/78163d1ac4407d59bfc5fdf1f84f2dbbb2ed3443
0012 Add Python 3.11 support for tests.patch | (download)

django/utils/version.py | 1 1 + 0 - 0 !
tests/test_runner/test_debug_sql.py | 14 9 + 5 - 0 !
tests/test_runner/test_parallel.py | 8 6 + 2 - 0 !
tests/test_utils/tests.py | 9 7 + 2 - 0 !
4 files changed, 23 insertions(+), 9 deletions(-)

 
 fix test_runner/test_utils tests on python 3.11+.
0013 fix url validator.patch | (download)

django/core/validators.py | 13 7 + 6 - 0 !
1 file changed, 7 insertions(+), 6 deletions(-)

 
 fixed urlvalidator crash in some edge cases
CVE 2023 36053.patch | (download)

django/core/validators.py | 7 5 + 2 - 0 !
django/forms/fields.py | 3 3 + 0 - 0 !
docs/ref/forms/fields.txt | 7 6 + 1 - 0 !
docs/ref/validators.txt | 25 24 + 1 - 0 !
tests/forms_tests/field_tests/test_emailfield.py | 5 4 + 1 - 0 !
tests/forms_tests/tests/test_forms.py | 19 13 + 6 - 0 !
tests/validators/tests.py | 11 11 + 0 - 0 !
7 files changed, 66 insertions(+), 11 deletions(-)

 
 [patch] [3.2.x] fixed cve-2023-36053 -- prevented potential redos in
  EmailValidator and URLValidator.

Thanks Seokchan Yoon for reports.