deleted file mode 100644
@@ -1,45 +0,0 @@
-From d294b7679f2cb51c7231d6a7fb22e76eb74e49ec Mon Sep 17 00:00:00 2001
-From: Mariusz Felisiak <felisiak.mariusz@gmail.com>
-Date: Sat, 17 Feb 2024 08:15:59 +0100
-Subject: [PATCH] Fixed #35187 -- Fixed
- @sensitive_variables/sensitive_post_parameters decorators crash with
- .pyc-only builds.
-
-Thanks Jon Janzen for the implementation idea.
-
-Thanks Marcus Hoffmann for the report.
-
-Regression in 38e391e95fe5258bc6d2467332dc9cd44ce6ba52.
-Backport of d1be05b3e9209fd0787841c71a95819d81061187 from main
-
-Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
-Upstream: https://github.com/django/django/commit/41a4bba817f139f3cfd94f04e728e046560c9a18
----
- django/views/decorators/debug.py | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/django/views/decorators/debug.py b/django/views/decorators/debug.py
-index 7ea8a540de..6540fc0651 100644
---- a/django/views/decorators/debug.py
-+++ b/django/views/decorators/debug.py
-@@ -47,7 +47,6 @@ def sensitive_variables(*variables):
-
- try:
- file_path = inspect.getfile(wrapped_func)
-- _, first_file_line = inspect.getsourcelines(wrapped_func)
- except TypeError: # Raises for builtins or native functions.
- raise ValueError(
- f"{func.__name__} cannot safely be wrapped by "
-@@ -55,7 +54,8 @@ def sensitive_variables(*variables):
- "Python file (not a builtin or from a native extension)."
- )
- else:
-- key = hash(f"{file_path}:{first_file_line}")
-+ first_line_number = wrapped_func.__code__.co_firstlineno
-+ key = hash(f"{file_path}:{first_line_number}")
-
- if variables:
- coroutine_functions_to_sensitive_variables[key] = variables
-2.34.1
-
@@ -1,5 +1,5 @@
# md5, sha256 from https://pypi.org/pypi/django/json
-md5 5d0df847e1b751a4a5d2bde1563c75fc Django-5.0.2.tar.gz
-sha256 b5bb1d11b2518a5f91372a282f24662f58f66749666b0a286ab057029f728080 Django-5.0.2.tar.gz
+md5 1009c48d70060cadb40000cc15a8058a Django-5.0.3.tar.gz
+sha256 5fb37580dcf4a262f9258c1f4373819aacca906431f505e4688e37f3a99195df Django-5.0.3.tar.gz
# Locally computed sha256 checksums
sha256 b846415d1b514e9c1dff14a22deb906d794bc546ca6129f950a18cd091e2a669 LICENSE
@@ -4,10 +4,10 @@
#
################################################################################
-PYTHON_DJANGO_VERSION = 5.0.2
+PYTHON_DJANGO_VERSION = 5.0.3
PYTHON_DJANGO_SOURCE = Django-$(PYTHON_DJANGO_VERSION).tar.gz
# The official Django site has an unpractical URL
-PYTHON_DJANGO_SITE = https://files.pythonhosted.org/packages/50/98/499a2d11eb0b22fdd55ce5895e0f5ce6d7d4957a785f237a89317cb478fa
+PYTHON_DJANGO_SITE = https://files.pythonhosted.org/packages/e1/b1/ac6a16aaf0049637b50afbcf06b8ec2fa5c6ce42d4ae6ba66bbaf4c3609a
PYTHON_DJANGO_LICENSE = BSD-3-Clause
PYTHON_DJANGO_LICENSE_FILES = LICENSE
PYTHON_DJANGO_CPE_ID_VENDOR = djangoproject
Fixes: CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words() [1] Remove patch that is included in this release. [1] https://docs.djangoproject.com/en/dev/releases/5.0.3/ Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu> --- ...d-sensitive_variables-sensitive_post.patch | 45 ------------------- package/python-django/python-django.hash | 4 +- package/python-django/python-django.mk | 4 +- 3 files changed, 4 insertions(+), 49 deletions(-) delete mode 100644 package/python-django/0001-Fixed-sensitive_variables-sensitive_post.patch