Upstream has issued an advisory on August 20: https://www.djangoproject.com/weblog/2014/aug/20/security/ The issues are fixed upstream in 1.4.14, 1.5.9, and 1.6.6. Mageia 3 and Mageia 4 are also affected. Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA4TOO, MGA3TOO
Looks like Philippe built all of the needed updates. python-django-1.4.14-1.mga3 python-django14-1.4.14-1.1.mga4 python-django-1.5.9-1.mga4 python-django14-1.4.14-1.mga5 python-django-1.6.6-1.mga5
Version: Cauldron => 4Whiteboard: MGA4TOO, MGA3TOO => MGA3TOO
Advisory: ======================== Updated python-django, python3-django and python-django14 packages fix security vulnerabilities: These releases address an issue with reverse() generating external URLs (CVE-2014-0480); a denial of service involving file uploads (CVE-2014-0481); a potential session hijacking issue in the remote-user middleware (CVE-2014-0482); and a data leak in the administrative interface (CVE-2014-0483). References: https://www.djangoproject.com/weblog/2014/aug/20/security/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483 ======================== Updated packages in core/updates_testing: ======================== python-django-1.4.14-1.mga3.noarch python-django14-1.4.14-1.1.mga4.noarch python-django-1.5.9-1.mga4.noarch python3-django-1.5.9-1.mga4.noarch python-django-doc-1.5.9-1.mga4.noarch python-django14-1.4.14-1.mga5.noarch python-django-1.6.6-1.mga5.noarch python3-django-1.6.6-1.mga5.noarch python-django-doc-1.6.6-1.mga5.noarch python-django-bash-completion-1.6.6-1.mga5.noarch from SRPMS: python-django-1.4.14-1.mga3 python-django14-1.4.14-1.1.mga4 python-django-1.5.9-1.mga4 python-django14-1.4.14-1.mga5 python-django-1.6.6-1.mga5
Assignee: makowski.mageia => qa-bugs
Thanks Philippe! Just one minor adjustment, we just list SRPM names in the header. Updated python-django and python-django14 packages fix security vulnerabilities: These releases address an issue with reverse() generating external URLs (CVE-2014-0480); a denial of service involving file uploads (CVE-2014-0481); a potential session hijacking issue in the remote-user middleware (CVE-2014-0482); and a data leak in the administrative interface (CVE-2014-0483). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483 https://www.djangoproject.com/weblog/2014/aug/20/security/
CC: (none) => makowski.mageia
https://bugs.mageia.org/show_bug.cgi?id=13251#c6
CC: (none) => remiWhiteboard: MGA3TOO => MGA3TOO has_procedure
(Above comment is the testing procedure)
Testing successfully with the procedure on "MGA4-64-OK"
CC: (none) => megastorageWhiteboard: MGA3TOO has_procedure => MGA3TOO has_procedure MGA4-64-OK
Testing on Mageia 4 32bit, there's an issue with python-django14: $ django1.4-admin startproject mysite && cd mysite $ python manage.py runserver Traceback (most recent call last): File "manage.py", line 8, in <module> from django.core.management import execute_from_command_line ImportError: No module named django.core.management
(In reply to stephane FLAVIGNY from comment #6) > Testing successfully with the procedure on "MGA4-64-OK" but Not good with python-django14-1.4.14-1.1.mga4.noarch (I forget it!!) django1.4-admin startproject mysite Traceback (most recent call last): File "/usr/bin/django1.4-admin", line 4, in <module> import pkg_resources ImportError: No module named pkg_resources
Whiteboard: MGA3TOO has_procedure MGA4-64-OK => MGA3TOO has_procedure
Debian has issued an advisory for this on August 22: https://www.debian.org/security/2014/dsa-3010
URL: (none) => http://lwn.net/Vulnerabilities/609502/
In VirtualBox, M3, KDE, 32-bit Package(s) under test: python-django default install of python-django [root@localhost wilcal]# urpmi python-django Package python-django-1.4.13-1.mga3.noarch is already installed Works as expected per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 http://localhost:8000/~wilcal/ "It worked!" install python-django from updates_testing [root@localhost wilcal]# urpmi python-django Package python-django-1.4.14-1.mga3.noarch is already installed Works as expected per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 http://localhost:8000/~wilcal/ "It worked!" Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver virtualbox-4.3.10-1.1.mga4.x86_64 virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64
CC: (none) => wilcal.int
In VirtualBox, M3, KDE, 64-bit Package(s) under test: python-django default install of python-django [root@localhost wilcal]# urpmi python-django Package python-django-1.4.13-1.mga3.noarch is already installed Works as expected per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 http://localhost:8000/~wilcal/ "It worked!" install python-django from updates_testing [root@localhost mysite]# urpmi python-django Package python-django-1.4.14-1.mga3.noarch is already installed Works as expected per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 http://localhost:8000/~wilcal/ "It worked!" Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver virtualbox-4.3.10-1.1.mga4.x86_64 virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64
Whiteboard: MGA3TOO has_procedure => MGA3TOO has_procedure MGA3-32-OK MGA3-64-OK
Feedback needed on comments 7 and 8 for python-django14 on Mageia 4.
Whiteboard: MGA3TOO has_procedure MGA3-32-OK MGA3-64-OK => MGA3TOO has_procedure MGA3-32-OK MGA3-64-OK feedback
In VirtualBox, M4, KDE, 32-bit Package(s) under test: python-django default install of python-django [root@localhost wilcal]# urpmi python-django Package python-django-1.5.8-1.mga4.noarch is already installed Works as expected per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 http://localhost:8000/~wilcal/ "It worked!" install python-django from updates_testing [root@localhost wilcal]# urpmi python-django Package python-django-1.5.9-1.mga4.noarch is already installed Works as expected per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 http://localhost:8000/~wilcal/ "It worked!" Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver virtualbox-4.3.10-1.1.mga4.x86_64 virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64
In VirtualBox, M4, KDE, 32-bit Package(s) under test: python3-django default install of python3-django [root@localhost wilcal]# urpmi python3-django Package python3-django-1.5.8-1.mga4.noarch is already installed Works as expected per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 http://localhost:8000/~wilcal/ "It worked!" install python-django from updates_testing [root@localhost wilcal]# urpmi python3-django Package python3-django-1.5.9-1.mga4.noarch is already installed Works as expected per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 http://localhost:8000/~wilcal/ "It worked!" Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver virtualbox-4.3.10-1.1.mga4.x86_64 virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64
In VirtualBox, M4, KDE, 32-bit Package(s) under test: python-django14 default install of python-django14 [root@localhost wilcal]# urpmi python-django14 Package python-django14-1.4.13-1.mga4.noarch is already installed Works as expected per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 http://localhost:8000/~wilcal/ "It worked!" install python-django from updates_testing [root@localhost wilcal]# urpmi python-django14 Package python-django14-1.4.14-1.1.mga4.noarch is already installed Testing per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 Fail [wilcal@localhost public_html]$ django-admin.py startproject mysite bash: django-admin.py: command not found Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver virtualbox-4.3.10-1.1.mga4.x86_64 virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64
(In reply to William Kenney from comment #15) > Package(s) under test: > python-django14 > > [wilcal@localhost public_html]$ django-admin.py startproject mysite > bash: django-admin.py: command not found The command is django1.4-admin, as shown in Comment 7.
(In reply to William Kenney from comment #15) Correction to: > install python-django from updates_testing Should read: install python-django14 from updates_testing
Testing this thing is a little like the game of Twisters.
A tip for all QA members when you can't find a command: the following command lists all binaries that are provided by the RPM given after "urpmq -l". $ urpmq -l python-django14 | grep /usr/bin
(In reply to David Walser from comment #16) > (In reply to William Kenney from comment #15) > > Package(s) under test: > > python-django14 > > > > [wilcal@localhost public_html]$ django-admin.py startproject mysite > > bash: django-admin.py: command not found > > The command is django1.4-admin, as shown in Comment 7. [wilcal@localhost public_html]$ django1.4-admin.py startproject mysite && mysite bash: django1.4-admin.py: command not found This is not working.
(In reply to William Kenney from comment #20) > (In reply to David Walser from comment #16) > > The command is django1.4-admin, as shown in Comment 7. > > [wilcal@localhost public_html]$ django1.4-admin.py startproject mysite && > mysite > bash: django1.4-admin.py: command not found > > This is not working. Please re-read my comment and Comment 7. That is not the correct command.
And once again, using the command in comment 19 you can find out the correct command each time you face such an issue.
In VirtualBox, M4, KDE, 64-bit Package(s) under test: python-django default install of python-django [root@localhost wilcal]# urpmi python-django Package python-django-1.5.8-1.mga4.noarch is already installed Works as expected per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 http://localhost:8000/~wilcal/ "It worked!" install python-django from updates_testing [root@localhost wilcal]# urpmi python-django Package python-django-1.5.9-1.mga4.noarch is already installed Works as expected per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 http://localhost:8000/~wilcal/ "It worked!" Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver virtualbox-4.3.10-1.1.mga4.x86_64 virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64
In VirtualBox, M4, KDE, 64-bit Package(s) under test: python3-django default install of python3-django [root@localhost wilcal]# urpmi python3-django Package python3-django-1.5.8-1.mga4.noarch is already installed Works as expected per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 http://localhost:8000/~wilcal/ "It worked!" install python-django from updates_testing [root@localhost wilcal]# urpmi python3-django Package python3-django-1.5.9-1.mga4.noarch is already installed Works as expected per: https://bugs.mageia.org/show_bug.cgi?id=13251#c6 http://localhost:8000/~wilcal/ "It worked!" Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver virtualbox-4.3.10-1.1.mga4.x86_64 virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64
(In reply to Rémi Verschelde from comment #22) > And once again, using the command in comment 19 you can find out the correct > command each time you face such an issue. [wilcal@localhost ~]$ urpmq -l python-django14 | grep /usr/bin /usr/bin/django-admin.py /usr/bin/django-admin.py /usr/bin/django-admin.py /usr/bin/django1.4-admin [wilcal@localhost public_html]$ django-admin.py startproject mysite bash: django-admin.py: command not found [wilcal@localhost public_html]$ django1.4-admin.py startproject mysite bash: django1.4-admin.py: command not found
(In reply to William Kenney from comment #25) > (In reply to Rémi Verschelde from comment #22) > > > And once again, using the command in comment 19 you can find out the correct > > command each time you face such an issue. > > [wilcal@localhost ~]$ urpmq -l python-django14 | grep /usr/bin > /usr/bin/django-admin.py > /usr/bin/django-admin.py > /usr/bin/django-admin.py > /usr/bin/django1.4-admin > > [wilcal@localhost public_html]$ django-admin.py startproject mysite > bash: django-admin.py: command not found > > [wilcal@localhost public_html]$ django1.4-admin.py startproject mysite > bash: django1.4-admin.py: command not found I'm not sure what the difficulty is here. If you read the output of the command that you just executed, you'll see that the command name is django1.4-admin, not django1.4-admin.py.
(In reply to David Walser from comment #26) > I'm not sure what the difficulty is here. If you read the output of the > command that you just executed, you'll see that the command name is > django1.4-admin, not django1.4-admin.py. [root@localhost public_html]# urpmi python-django14 Package python-django14-1.4.14-1.1.mga4.noarch is already installed [wilcal@localhost public_html]$ django1.4-admin startproject mysite Traceback (most recent call last): File "/usr/bin/django1.4-admin", line 4, in <module> import pkg_resources ImportError: No module named pkg_resources [wilcal@localhost public_html]$ django1.4-admin startproject mysite && mysite Traceback (most recent call last): File "/usr/bin/django1.4-admin", line 4, in <module> import pkg_resources ImportError: No module named pkg_resources
Cool, so that's the same error as in Comment 8. Try installing python-pkg-resources (it's a missing dependency) and trying it again.
[root@localhost wilcal]# urpmi python-django14 Package python-django14-1.4.13-1.mga4.noarch is already installed [wilcal@localhost ~]$ cd public_html [wilcal@localhost public_html]$ django-admin.py startproject mysite [wilcal@localhost public_html]$ cd mysite [wilcal@localhost mysite]$ python manage.py runserver Validating models... 0 errors found Django version 1.4.13, using settings 'mysite.settings' Development server is running at http://127.0.0.1:8000/ Quit the server with CONTROL-C. [26/Aug/2014 14:32:03] "GET /~wilcal/ HTTP/1.1" 200 1957 That all works just fine. [root@localhost wilcal]# urpmi python-django14 Package python-django14-1.4.14-1.1.mga4.noarch is already installed [wilcal@localhost ~]$ cd public_html [wilcal@localhost public_html]$ django-admin.py startproject mysite bash: django-admin.py: command not found [wilcal@localhost public_html]$ django1.4-admin startproject mysite Traceback (most recent call last): File "/usr/bin/django1.4-admin", line 4, in <module> import pkg_resources ImportError: No module named pkg_resources [wilcal@localhost public_html]$ django1.4-admin startproject mysite && mysite Traceback (most recent call last): File "/usr/bin/django1.4-admin", line 4, in <module> import pkg_resources ImportError: No module named pkg_resources [wilcal@localhost public_html]$ python-django-admin.py startproject mysite bash: python-django-admin.py: command not found [wilcal@localhost public_html]$ python1.4-django-admin.py startproject mysite bash: python1.4-django-admin.py: command not found [wilcal@localhost public_html]$ python1.4-django-admin startproject mysite bash: python1.4-django-admin: command not found [wilcal@localhost public_html]$ urpmq -l python-django14 | grep /usr/bin http://192.168.1.2:8080/~mageia/repo/distrib/4/i586/media/core/release/media_info/20140129-225217-files.xml.lzma http://192.168.1.2:8080/~mageia/repo/distrib/4/i586/media/core/updates/media_info/20140825-083844-files.xml.lzma http://192.168.1.2:8080/~mageia/repo/distrib/4/i586/media/core/updates_testing/media_info/20140825-182531-files.xml.lzma /usr/bin/django-admin.py /usr/bin/django-admin.py /usr/bin/django-admin.py /usr/bin/django1.4-admin So something has changed the command to something other then "django-admin.py startproject mysite" or whatever. Whatever it is I donno. The above arn't working. Does not take long to generate another Vbox client to test. Back to you shortly on the python-pkg-resources thingy.
[root@localhost wilcal]# urpmi python-pkg-resources Package python-pkg-resources-1.3-1.1.mga4.noarch is already installed [wilcal@localhost public_html]$ django1.4-admin startproject mysite now created the mysite directory and no errors. but... [wilcal@localhost mysite]$ python manage.py runserver Traceback (most recent call last): File "manage.py", line 8, in <module> from django.core.management import execute_from_command_line ImportError: No module named django.core.management
Cool, that matches Comment 7. Looking at the SVN diff for this update, I see that this is missing completely now (in %files): %{python_sitelib}/%{module}
Just for the reference, I realise now that the "urpmq -l" command I gave was not that helpful: it lists the binaries from all python-django14 packages, so including the ones in Core Release and in Core Updates. To know the binaries included in the update candidate, use: urpmq -l python-django14 --media "testing" | grep /usr/bin Sorry for the confusion :-)
(In reply to Rémi Verschelde from comment #32) > To know the binaries included in the update candidate, use: > urpmq -l python-django14 --media "testing" | grep /usr/bin Here goes: [wilcal@localhost ~]$ urpmq -l python-django14 --media "testing" | grep /usr/bin http://192.168.1.2:8080/~mageia/repo/distrib/4/i586/media/core/updates_testing/media_info/20140825-182531-files.xml.lzma /usr/bin/django1.4-admin > Sorry for the confusion :-) Not a problem. I'm done for today. I'll be poken at updates again tomorrow for awhile.
Good poken today Bill :)
Philippe, can you have a look at the issue diagnosed in comment 31?
The only issue is the missing dependency on python-pkg-resources, the other "error" is expected. You have many solution to use such module like django1.4, the first one is : $ django1.4-admin startproject mysite && cd mysite [philippe@localhost mysite]$ pwd /home/philippe/public_html/mysite $ django1.4-admin runserver --settings="mysite.settings" --pythonpath="/home/philippe/public_html/mysite" Validating models... 0 errors found Django version 1.4.14, using settings 'mysite.settings' Development server is running at http://127.0.0.1:8000/ Quit the server with CONTROL-C. The second one is to edit manage.py, to tell that you want to use Django 1.4, so it looks like : $ cat manage.py #!/usr/bin/env python import os import sys import __main__ __main__.__requires__ = ['Django >= 1.4, < 1.5'] import pkg_resources if __name__ == "__main__": os.environ.setdefault("DJANGO_SETTINGS_MODULE", "mysite.settings") from django.core.management import execute_from_command_line execute_from_command_line(sys.argv) so then you can do : $ python manage.py runserver Validating models... 0 errors found Django version 1.4.14, using settings 'mysite.settings' Development server is running at http://127.0.0.1:8000/ Quit the server with CONTROL-C. Advisory: ======================== Updated python-django and python-django14 packages fix security vulnerabilities: These releases address an issue with reverse() generating external URLs (CVE-2014-0480); a denial of service involving file uploads (CVE-2014-0481); a potential session hijacking issue in the remote-user middleware (CVE-2014-0482); and a data leak in the administrative interface (CVE-2014-0483). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483 https://www.djangoproject.com/weblog/2014/aug/20/security/ ======================== Updated packages in core/updates_testing: ======================== python-django-1.4.14-1.mga3.noarch python-django14-1.4.14-1.2.mga4.noarch python-django-1.5.9-1.mga4.noarch python3-django-1.5.9-1.mga4.noarch python-django-doc-1.5.9-1.mga4.noarch python-django14-1.4.14-2.mga5.noarch python-django-1.6.6-1.mga5.noarch python3-django-1.6.6-1.mga5.noarch python-django-doc-1.6.6-1.mga5.noarch python-django-bash-completion-1.6.6-1.mga5.noarch from SRPMS: python-django-1.4.14-1.mga3 python-django14-1.4.14-1.2.mga4 python-django-1.5.9-1.mga4 python-django14-1.4.14-2.mga5 python-django-1.6.6-1.mga5
Whiteboard: MGA3TOO has_procedure MGA3-32-OK MGA3-64-OK feedback => MGA3TOO has_procedure MGA3-32-OK MGA3-64-OK
Note that only python-django14 needs to be tested on Mageia 4 before we can validate this update.
(In reply to Rémi Verschelde from comment #37) > Note that only python-django14 needs to be tested on Mageia 4 before we can > validate this update. testing MGA4 x64 real hardware. Gratefully *just* python-django14. Installed this from release media, $ urpmq -l python-django14 | grep /usr/bin /usr/bin/django-admin.py Followed exactly the test procedure from https://bugs.mageia.org/show_bug.cgi?id=13251#c6 To summarise:- $ django-admin.py startproject mysite $ cd mysite/ $ python manage.py runserver Output ended with: Quit the server with CONTROL-C. [01/Sep/2014 15:07:39] "GET / HTTP/1.1" 200 1957 Visit in a browser at http://localhost:8000 to see "It Works" message and then kill the server with ctrl-c. All this OK. $ cd .. ; rm -rf mysite Updated from Updates Testing to:- python-django14-1.4.14-1.2.mga4 The command given in Comment 32 yielded (note the difference from above):- /usr/bin/django1.4-admin This time the procedure above is replaced by that from Comment 36:- $ django1.4-admin startproject mysite $ cd mysite/ ; pwd /home/lewis/mysite $ django1.4-admin runserver --settings="mysite.settings" --pythonpath="/home/lewis/mysite" Validating models... etc now ends just: Quit the server with CONTROL-C. Then the browser test as above was OK.
CC: (none) => lewyssmithWhiteboard: MGA3TOO has_procedure MGA3-32-OK MGA3-64-OK => MGA3TOO has_procedure MGA3-32-OK MGA3-64-OK MGA4-64-OK
This update currently changes the executable for python-django14, Philippe, which is a regression in mga4 and will cause breakage for existing users. # urpmf --media "Core Updates" python-django14 | grep usr/bin python-django14:/usr/bin/django-admin.py python-django14:/usr/bin/django-admin.py # urpmf --media "Core Updates Testing" python-django14 | grep usr/bin python-django14:/usr/bin/django1.4-admin I am removing the OK's for mga4, sorry, and adding feedback marker for now. Can you please have another look at this, thanks.
Whiteboard: MGA3TOO has_procedure MGA3-32-OK MGA3-64-OK MGA4-64-OK => MGA3TOO feedback has_procedure MGA3-32-OK MGA3-64-OK
(In reply to claire robinson from comment #39) > This update currently changes the executable for python-django14, Philippe, > which is a regression in mga4 and will cause breakage for existing users. > Not really a regression, since this allow to have django14 and django15 at the same time, but I understand what you mean > > I am removing the OK's for mga4, sorry, and adding feedback marker for now. > Can you please have another look at this, thanks. of course, I can revert some changes and make back the conflict between django14 and django15.
python-django14-1.4.14-1.3.mga4 in testing
Whiteboard: MGA3TOO feedback has_procedure MGA3-32-OK MGA3-64-OK => MGA3TOO has_procedure MGA3-32-OK MGA3-64-OK
For those testing, the command name has changed back to django-admin.py and the missing stuff reported in Comment 7 has been restored. Hopefully it doesn't still need pkg-resources, as that Requires has been removed.
Thanks Philippe. Testing complete mga4 32 & 64 Validating. Advisory from comment 36 uploaded with srpm from comment 41. Could sysadmin please push to 3 & 4 updates Thanks
Keywords: (none) => validated_updateWhiteboard: MGA3TOO has_procedure MGA3-32-OK MGA3-64-OK => MGA3TOO has_procedure MGA3-32-OK MGA3-64-OK mga4-32-ok mga4-64-okCC: (none) => sysadmin-bugs
Whiteboard: MGA3TOO has_procedure MGA3-32-OK MGA3-64-OK mga4-32-ok mga4-64-ok => MGA3TOO has_procedure advisory MGA3-32-OK MGA3-64-OK mga4-32-ok mga4-64-ok
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2014-0366.html
Status: NEW => RESOLVEDResolution: (none) => FIXED