python-django (0.96-1ubuntu0.1) gutsy-security; urgency=low

  * SECURITY UPDATE: Denial of service in i18n middleware.
  * debian/patches/03_CVE-2007-5712.diff: Add upstream fix. (LP: #157903)
  * References:
    CVE-2007-5712

 -- William Grant <william.grant@ubuntu.org.au>  Fri, 09 Nov 2007 23:36:03 +1100

python-django (0.96-1) unstable; urgency=low

  [ Brett Parker ]
  * New upstream release - introduces some backwards incompatible changes, see
    README.Debian or the backwards incompatible changes page at
    http://code.djangoproject.com/wiki/BackwardsIncompatibleChanges
  * Add documentation from upstream to /usr/share/doc/python-django
    Closes: #411249
  * Install the bash completion file from extras in to
    /etc/bash_completion.d/django_bash_completion
    Closes: #414399
  * Egg support dropped as it's been dropped by upstream.

 -- Brett Parker <iDunno@sommitrealweird.co.uk>  Sun, 25 Mar 2007 19:18:39 +0100

python-django (0.95.1-1) unstable; urgency=low

  [ Brett Parker ]
  * New upstream minor release for security bugs:
    - http://www.djangoproject.com/weblog/2007/jan/21/0951/
      - Fixes a small security vulnerability in the script Django's
        internationalization system uses to compile translation files
        (changeset 4360 in the "0.95-bugfixes" branch).
      - fix for a bug in Django's authentication middleware which could cause
        apparent "caching" of a logged-in user (changeset 4361).
      - patch which disables debugging mode in the flup FastCGI package Django
        uses to launch its FastCGI server, which prevents tracebacks from
        bubbling up during production use (changeset 4363).
    Closes: #407786, #407607
  * Sets Recommends to python-psycopg and moves other database engines to
    the Suggests field.

  [ Raphael Hertzog ]
  * Use python-pysqlite2 as default database engine in Recommends. Others are
    in Suggests. Closes: #403761
  * Add python-psycopg2 in Suggests. Closes: #407489

 -- Raphael Hertzog <hertzog@debian.org>  Sun, 21 Jan 2007 17:45:50 +0100

python-django (0.95-3) unstable; urgency=low

  * Integrate 2 upstream changesets:
    - http://code.djangoproject.com/changeset/3754 as
      debian/patches/04_sec_fix_auth.diff
      Fixes a possible case of mis-authentication due to bad caching.
      Closes: #407521
    - http://code.djangoproject.com/changeset/3592 as
      debian/patches/03_sec_fix_compile-messages.diff
      Fixes an (unlikely) arbitrary command execution if the user is blindly
      running compile-messages.py on a untrusted set of *.po files.
      Closes: #407519

 -- Raphael Hertzog <hertzog@debian.org>  Sat, 16 Dec 2006 15:13:29 +0100

python-django (0.95-2) unstable; urgency=low

  [ Piotr Ozarowski ]
  * Added XS-Vcs-Svn field

  [ Brett Parker ]
  * Made manage.py get a shebang with the version of python
    used when running django-admin (closes: #401616)
  * Created a convenience /usr/lib/python-django/bin symlink.

  [ Raphael Hertzog ]
  * Adapted Brett's work to better fit my views of the packaging.

 -- Raphael Hertzog <hertzog@debian.org>  Sat, 16 Dec 2006 11:03:20 +0100

python-django (0.95-1) unstable; urgency=low

  [ Brett Parker ]
  * 0.95 release - initial packaging

  [ Raphael Hertzog ]
  * Fix recommends: s/python-sqlite/python-pysqlite2/
  * Add debian/pyversions to ensure that we have at least python 2.3 (and to
    work around bug #391689 of python-support).

 -- Raphael Hertzog <hertzog@debian.org>  Mon,  9 Oct 2006 12:10:27 +0200