innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

[1.5.x] Update for 1.5.6 security release.

This commit is contained in:
James Bennett 2014-04-21 17:51:51 -05:00
parent cebfbcdb86
commit 486b6f398b
4 changed files with 20 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
django/__init__.py
View File

@ -1,4 +1,4 @@
VERSION = (1, 5, 6, 'alpha', 0)
VERSION = (1, 5, 6, 'final', 0)
def get_version(*args, **kwargs):
# Don't litter django/__init__.py with all the get_version stuff.

2
docs/conf.py
View File

@ -52,7 +52,7 @@ copyright = 'Django Software Foundation and contributors'
# built documents.
#
# The short X.Y version.
version = '1.5.5'
version = '1.5.6'
# The full version, including alpha/beta/rc tags.
release = version
# The next version to be released

17
docs/releases/security.txt
View File

@ -448,3 +448,20 @@ Versions affected
* Django 1.4 `(patch <https://github.com/django/django/commit/3f3d887a6844ec2db743fee64c9e53e04d39a368>`__ and `Python compatibility fix) <https://github.com/django/django/commit/6903d1690a92aa040adfb0c8eb37cf62e4206714>`__
* Django 1.5 `(patch) <https://github.com/django/django/commit/22b74fa09d7ccbc8c52270d648a0da7f3f0fa2bc>`__
April 21, 2014 - CVE-2014-2014-0472
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
`CVE-2014-0472 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0472&cid=2>`_: Unexpected code execution using ``reverse()``. `Full description <https://www.djangoproject.com/weblog/2014/apr/21/security/>`_
Versions affected
-----------------
* Django 1.4 `(patch <https://github.com/django/django/commit/c1a8c420fe4b27fb2caf5e46d23b5712fc0ac535>`_)
* Django 1.5 `(patch <https://github.com/django/django/commit/2a5bcb69f42b84464b24b5c835dca6467b6aa7f1>`_)
* Django 1.6 `(patch <https://github.com/django/django/commit/4352a50871e239ebcdf64eee6f0b88e714015c1b>`_)
* Django 1.7 `(patch <https://github.com/django/django/commit/546740544d7f69254a67b06a3fc7fa0c43512958>`_)

2
setup.py
View File

@ -85,7 +85,7 @@ setup(
author_email='foundation@djangoproject.com',
description=('A high-level Python Web framework that encourages '
'rapid development and clean, pragmatic design.'),
download_url='https://www.djangoproject.com/m/releases/1.5/Django-1.5.5.tar.gz',
download_url='https://www.djangoproject.com/m/releases/1.5/Django-1.5.6.tar.gz',
license='BSD',
packages=packages,
package_data=package_data,