python-django: security bump to version 1.11.15

Bump to the latest release of the 1.11.x LTS series as 1.10.x is no longer supported upstream: https://www.djangoproject.com/download/ Fixes the following security issues: - CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page (1.11.5) - CVE-2018-6188: Information leakage in AuthenticationForm (1.11.10) - CVE-2018-7536: Denial-of-service possibility in urlize and urlizetrunc template filters (1.11.11) - CVE-2018-7537: Denial-of-service possibility in truncatechars_html and truncatewords_html template filters (1.11.11) - CVE-2018-14574: Open redirect possibility in CommonMiddleware (1.11.15) Also add a hash for the license file. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2026-01-04 06:10:16 +03:00 · 2018-08-17 16:47:36 +02:00
parent c48f8a6462
commit ae977e9428
2 changed files with 5 additions and 5 deletions
--- a/package/python-django/python-django.mk
+++ b/package/python-django/python-django.mk
@@ -4,10 +4,10 @@
 #
 ################################################################################

-PYTHON_DJANGO_VERSION = 1.10.7
+PYTHON_DJANGO_VERSION = 1.11.15
 PYTHON_DJANGO_SOURCE = Django-$(PYTHON_DJANGO_VERSION).tar.gz
 # The official Django site has an unpractical URL
-PYTHON_DJANGO_SITE = https://pypi.python.org/packages/15/b4/d4bb7313e02386bd23a60e1eb5670321313fb67289c6f36ec43bce747aff
+PYTHON_DJANGO_SITE = https://files.pythonhosted.org/packages/43/b5/b44286e56a5211d37b4058dcd5e62835afa5ce5aa6a38b56bd04c0d01cbc
 PYTHON_DJANGO_LICENSE = BSD-3-Clause
 PYTHON_DJANGO_LICENSE_FILES = LICENSE
 PYTHON_DJANGO_SETUP_TYPE = setuptools