1. 10 May, 2022 4 commits
  2. 21 Feb, 2022 5 commits
  3. 28 Jul, 2021 5 commits
  4. 12 May, 2021 2 commits
  5. 21 Apr, 2021 2 commits
  6. 06 Apr, 2021 1 commit
    • Chris Lamb's avatar
      Import Debian changes 2:2.2.20-1 · b9535ab3
      Chris Lamb authored
      python-django (2:2.2.20-1) unstable; urgency=medium
      .
        * New upstream security release:
      .
          - CVE-2021-28658: The MultiPartParser class allowed directory-traversal
            via uploaded files via maliciously crafted filenames. (Closes: #986447)
      .
      python-django (2:2.2.19-1) unstable; urgency=medium
      .
        * New upstream security release:
      .
          - CVE-2021-23336: Prevent a web cache poisoning attack via "parameter
            cloaking". Django contains a copy of urllib.parse.parse_qsl() which was
            added to backport some security fixes. A further security fix has been
            issued recently such that parse_qsl() no longer allows using ";" as a
            query parameter separator by default. (Closes: #983090)
      .
          <https://www.djangoproject.com/weblog/2021/feb/19/security-releases/>
      .
        * Refresh patches.
      .
      python-django (2:2.2.18-1) unstable; urgency=medium
      .
        * New upstream security release:
      .
          - CVE-2021-3281: Potential directory-traversal via archive.extract().
      .
            The django.utils.archive.extract() function, used by startapp --template
            and startproject --template, allowed directory-traversal via an archive
            with absolute paths or relative paths with dot segments.
            (Closes: #981562)
      .
          <https://www.djangoproject.com/weblog/2021/feb/01/security-releases/>
      .
        * Drop 0006-Fixed-31850-Fixed-BasicExtractorTests.test_extractio.patch;
          applied upstream.
      .
      python-django (2:2.2.17-2) unstable; urgency=medium
      .
        * Fix compatibility with xgettext 0.21. (Closes: #978263)
        * Move to debian/watch file version 4.
        * Bump Standards-Version to 4.5.1.
      .
      python-django (2:2.2.17-1) unstable; urgency=medium
      .
        [ Chris Lamb ]
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/stable/releases/2.2.17/>
      .
        [ Ondřej Nový ]
        * d/control: Update Maintainer field with new Debian Python Team
          contact address.
        * d/control: Update Vcs-* fields with new Debian Python Team Salsa
          layout.
      .
      python-django (2:2.2.16-1) unstable; urgency=medium
      .
        * New upstream security release to address CVE-2020-24583, CVE-2020-24584.
          (Closes: #969367)
          <https://www.djangoproject.com/weblog/2020/sep/01/security-releases/>
      .
      python-django (2:2.2.15-2) unstable; urgency=medium
      .
        * Set the PYTHONPATH in the autopkgtests in the same way that we do in
          debian/rules. (Closes: #968577)
      .
      python-django (2:2.2.15-1) unstable; urgency=medium
      .
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/3.0/releases/2.2.15/>
        * Move to compat level 13.
      .
      python-django (2:2.2.14-1) unstable; urgency=medium
      .
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/3.0/releases/2.2.14/>
        * Refresh patches.
      .
      python-django (2:2.2.13-2) unstable; urgency=medium
      .
        * Backport a regression in the handling of CVE-2020-13254.
      .
      python-django (2:2.2.13-1) unstable; urgency=medium
      .
        * New upstream security release.
          <https://www.djangoproject.com/weblog/2020/jun/03/security-releases/>
        * Drop from debian/source/include-binaries the file
          debian/patches/0006-Fixed-a-missing-pyc-test-file-in-source-distribution.patch.
      .
      python-django (2:2.2.12-1) unstable; urgency=medium
      .
        * New upstream release.
          <https://docs.djangoproject.com/en/3.0/releases/2.2.12/>
      .
      python-django (2:2.2.11-1) unstable; urgency=medium
      .
        [ Chris Lamb ]
        * New upstream security release. (Closes: #953102)
          <https://www.djangoproject.com/weblog/2020/mar/04/security-releases/>
      .
        [ Mattia Rizzolo ]
        * Add a Breaks against python3-django-filters (<< 2.1.0).
        * Mark python-django-doc as Multi-Arch:foreign (via the Multi-Arch hinter).
      .
      python-django (2:2.2.10-1) unstable; urgency=medium
      .
        * New upstream security release. (Closes: #950581)
          <https://www.djangoproject.com/weblog/2020/feb/03/security-releases/>
        * Bump Standards-Version to 4.5.0.
      .
      python-django (2:2.2.9-2) unstable; urgency=medium
      .
        * Add python3-selenium to test-dependencies and to a runtime "Suggests".
          (Closes: #947549)
      .
      python-django (2:2.2.9-1) unstable; urgency=medium
      .
        * New upstream security release. (Closes: #946937)
          <https://www.djangoproject.com/weblog/2019/dec/18/security-releases/>
      .
      python-django (2:2.2.8-1) unstable; urgency=medium
      .
        * New upstream security release.
          <https://www.djangoproject.com/weblog/2019/dec/02/security-releases/>
      .
      python-django (2:2.2.7-1) unstable; urgency=medium
      .
        [ Chris Lamb ]
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/2.2/releases/2.2.7/>
      .
        [ Ondřej Nový ]
        * Bump Standards-Version to 4.4.1.
      .
      python-django (2:2.2.6-1) unstable; urgency=medium
      .
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/2.2/releases/2.2.6/>
      .
      python-django (2:2.2.5-1) unstable; urgency=medium
      .
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/2.2/releases/2.2.5/>
      .
      python-django (2:2.2.4-1) unstable; urgency=medium
      .
        * New upstream security release. (Closes: #934026)
          <https://www.djangoproject.com/weblog/2019/aug/01/security-releases/>
      .
      python-django (2:2.2.3-5) unstable; urgency=medium
      .
        [ Chris Lamb ]
        * Drop Pre-Depends on version of dpkg that is now satisfied in oldoldstable.
      .
        [ Ondřej Nový ]
        * Bump Standards-Version to 4.4.0
      .
      python-django (2:2.2.3-4) unstable; urgency=medium
      .
        * Fixup debian/python-django-doc.doc-base to refer to the new location(s) of
          the documentation. (Closes: #931652)
      .
      python-django (2:2.2.3-3) unstable; urgency=medium
      .
        * python3-mysqlclient 1.3.13 or newer is now required so add a "Breaks" on
          versions older than this. Thanks to Zhang Jingqiang for the report.
          (Closes: #931592)
        * Drop "Python 3 version" from package description; we only have this
          version now.
        * Run `wrap-and-sort -sa`.
      .
      python-django (2:2.2.3-2) unstable; urgency=medium
      .
        * Upload (Python 3.x-only) branch to unstable after the release of
          Debian "buster".
        * Update debian/gbp.conf to refer to debian/sid after merge.
      .
      python-django (2:2.2.3-1) experimental; urgency=medium
      .
        * New upstream security release.
          <https://www.djangoproject.com/weblog/2019/jul/01/security-releases/>
          (Closes: #931316)
      .
      python-django (2:2.2.1-1) experimental; urgency=medium
      .
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/2.2/releases/2.2.1/>
      .
      python-django (2:2.2-1) experimental; urgency=medium
      .
        * New upstream realease.
          <https://docs.djangoproject.com/en/2.2/releases/2.2/>
      .
      python-django (2:2.2~rc1-1) experimental; urgency=medium
      .
        * New upstream release candidate release.
          <https://www.djangoproject.com/weblog/2019/mar/18/django-22-rc1/>
        * Drop a test that fails with "OverflowError: timestamp out of range for
          platform time_t" on 32-bit platforms. (Closes: #924784)
      .
      python-django (2:2.2~beta1-1) experimental; urgency=medium
      .
        * New upstream beta release.
          <https://www.djangoproject.com/weblog/2019/feb/11/django-22-beta-1-released/>
      .
      python-django (2:2.2~alpha1-1) experimental; urgency=medium
      .
        * New upstream alpha release.
          <https://www.djangoproject.com/weblog/2019/jan/17/django-22-alpha-1/>
      .
      python-django (2:2.1.5-1) experimental; urgency=medium
      .
        * New upstream security release:
          - CVE-2019-3498: Content spoofing possibility in the default 404 page.
            (Closes: #918230)
          <https://www.djangoproject.com/weblog/2019/jan/04/security-releases/>
        * Drop 0007-Fixed-29182-Adjusted-SQLite-schema-table-alteration-.patch;
          applied upstream. (re. #915626)
        * Move to debhelper-compat virtual package.
        * debian/control:
          - Bump debhelper compatibility level to 12.
          - Bump Standards-Version to 4.3.0.
      .
      python-django (2:2.1.4-2) experimental; urgency=medium
      .
        * Apply patch from upstream to fix compatibility with SQLite 3.26.
          (Closes: #915626)
      .
      python-django (2:2.1.4-1) experimental; urgency=medium
      .
        * New upstream bugfix release:
          <https://docs.djangoproject.com/en/stable/releases/2.1.4/>
        * Refresh patches.
      .
      python-django (2:2.1.3-1) experimental; urgency=medium
      .
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/2.1/releases/2.1.3/>
      .
      python-django (2:2.1.2-2) experimental; urgency=medium
      .
        * Default to supporting Spatialite >= 4.2. (Closes: #910240)
        * debian/control: Update libgdal's SONAME in Suggests.
        * Add libsqlite3-mod-spatialite to Suggests.
      .
      python-django (2:2.1.2-1) experimental; urgency=medium
      .
        * New upstream security release.
      .
          CVE-2018-16984: Password hash disclosure to "view only" admin users. If an
          admin user has the change permission to the user model, only part of the
          password hash is displayed in the change form. Admin users with the view
          (but not change) permission to the user model were displayed the entire
          hash.  While it's typically infeasible to reverse a strong password hash,
          if a site uses weaker password hashing algorithms such as MD5 or SHA1,
          it could be a problem. (Closes: #910016)
      .
        * Move all documentation to /usr/share/doc.
        * Really remove all license files (eg. LICENSE-SELECT2.md).
        * debian/tests/control: Drop deprecated needs-recommends test restriction.
      .
      python-django (2:2.1.1-1) experimental; urgency=medium
      .
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/2.1/releases/2.1.1/>
        * Bump Standards-Version to 4.2.1.
      .
      python-django (2:2.1-1) experimental; urgency=medium
      .
        * New upstream release.
          - CVE-2018-14574: Open redirect possibility in CommonMiddleware.
            (Closes: #905216)
      .
      python-django (2:2.1~rc1-1) experimental; urgency=medium
      .
        * New upstream RC release.
          <https://www.djangoproject.com/weblog/2018/jul/18/django-21-rc1/>
        * Bump Standards-Version to 4.1.5.
      .
      python-django (2:2.1~beta1-1) experimental; urgency=medium
      .
        * New upstream beta release. (Closes: #901526)
          <https://www.djangoproject.com/weblog/2018/jun/18/django-21-beta-1-released/>.
        * Patches:
          - Drop 0006-Fixed-a-missing-pyc-test-file-in-source-distribution.patch;
            applied upstream.
          - Refresh all patches.
          - Set gbp-pq's --abbrev's default to 12 in gbp.conf.
        * Drop "old" X-Python-Version header in debian/control.
        * debian/rules:
          - Also remove LICENSE.md files.
          - Delete all extra license files, not just the ones in the main package.
          - Move dropping of extra license files to dh_installdocs.
      .
      python-django (2:2.1~alpha1-1) experimental; urgency=medium
      .
        * New upstream alpha release.
          <https://docs.djangoproject.com/en/dev/releases/2.1/>.
          - Refresh 0002-use_debian_geoip_database_as_default.diff.
      .
      python-django (2:2.0.5-1) experimental; urgency=medium
      .
        * New upstream bugfix release
          <https://docs.djangoproject.com/en/2.0/releases/2.0.5/>.
          - Rebase and refresh patches.
        * Bump Standards-Version to 4.1.4.
      .
      python-django (2:2.0.4-1) experimental; urgency=medium
      .
        * New upstream bugfix release
          <https://docs.djangoproject.com/en/2.0/releases/2.0.4/>.
        * Update Vcs-Git and Vcs-Browser to salsa.
        * Bump debhelper compatibility level to 11.
        * Drop debian/python-django-doc.examples.
      .
      python-django (2:2.0.3-1) experimental; urgency=medium
      .
        * New upstream security release:
          - CVE-2018-7536: Denial-of-service possibility in urlize and urlizetrunc
            template filters.
          - CVE-2018-7537: Denial-of-service possibility in truncatechars_html and
            truncatewords_html template filters
      .
      python-django (2:2.0.2-1) experimental; urgency=medium
      .
        * New upstream security release:
          - CVE-2018-6188: A regression in Django 1.11.8 made
            django.contrib.auth.forms.AuthenticationForm run its
            confirm_login_allowed() method even if an incorrect password is entered.
            This can leak information about a user, depending on what messages
            confirm_login_allowed() raises. If confirm_login_allowed() isn't
            overridden, an attacker enter an arbitrary username and see if that user
            has been set to is_active=False. If confirm_login_allowed() is
            overridden, more sensitive details could be leaked.
        * Use HTTPS Format: URI in debian/copyright.
      .
      python-django (2:2.0.1-1) experimental; urgency=medium
      .
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/2.0/releases/2.0.1/>
        * Bump Standards-Version to 4.1.3.
      .
      python-django (2:2.0-1) experimental; urgency=medium
      .
        * New upstream stable release.
          https://docs.djangoproject.com/en/2.0/releases/2.0/
      .
      python-django (1:2.0~rc1-1) experimental; urgency=medium
      .
        * New upstream release candidate.
          <https://www.djangoproject.com/weblog/2017/nov/15/django-20-release-candidate-1-released/>
        * Drop trailing whitespace in debian/changelog.
      .
      python-django (1:2.0~beta1-1) experimental; urgency=medium
      .
        * New upstream beta release of Django 2.0.
          <https://www.djangoproject.com/weblog/2017/oct/16/django-20-beta-1-released/>
        * debian/watch:
          - Use HTTPS URI to avoid debian-watch-uses-insecure-uri warning.
          - uversionmangle alpha releases prefixed with "a" (eg. 2.0a1 → 2.0~alpha1)
        * Bump Standards-Version to 4.1.1.
      .
      python-django (1:2.0~alpha1-2) experimental; urgency=medium
      .
        New upstream alpha release of Django 2.0.
        <https://docs.djangoproject.com/en/dev/releases/2.0/>
      .
        * Drop Python 2.x support:
          - Remove python-django and python-django-common binary packages and
            splitting logic.
          - Drop our local debian/django-admin wrapper, making /usr/bin/django-admin
            a symlink to the version under dist-packages.
          - Consolidate a number of files under debian/.
          - Simplify autopkgtests to reflect lack of Python 2.x support.
      .
        * deban/control:
          - Add Replaces/Breaks on python-django and python-django-common.
          - Add Replaces/Breaks/Provodes on python-django-common.
          - Bump X-Python-Version to 3.5.
          - Bump Standards-Version to 4.1.0.
          - Move python-doc Depends to python3-doc.
          - Drop extra whitespaces.
          - Move sphinx-doc Build-Dependency to python3-sphinx.
      .
        * debian/rules:
          - Correct find(1) call to delete all license files.
          - Drop explicitly excluding .js and objects.inv files; this is done by
            dh_compress now.
          - Be explicit when removing embedded Javascript libraries.
      .
        * debian/patches/*:
          - Update 0002-use_debian_geoip_database_as_default.diff to reflect new
            location of base.py.
          - Drop 0003-Fixed-test_middleware_classes_headers-if-Django-sour.patch;
            merged upstream.
          - Refresh 0004-Use-locally-installed-documentation-sources.patch.
          - Ensure the default shebang for new projects uses Python 3.x.
          - Make patches "pq import -> pq export clean".
      .
        * Lintian:
          - Add "python-script-but-no-python-dep" override for "manage.py-tpl". This
            is not a true Python script, it's a template only.
          - Add source overrides for "source-contains-prebuilt-javascript-object"
            files under django/contrib/admin/static/admin/js. These are not bugs
            and/or upstream will not remove them from the orig tarball anyway.
          - Add overrides for "no-upstream-changelog"; we ship upstream's excellent
            release notes in the python-django-doc package.
          - Drop unnecessary overrides.
      .
      python-django (1:1.11.22-1) unstable; urgency=medium
      .
        * New upstream security release.
          <https://www.djangoproject.com/weblog/2019/jul/01/security-releases/>
          (Closes: #931316)
      .
      python-django (1:1.11.21-1) unstable; urgency=medium
      .
        * New upstream security release.
          - CVE-2019-12308: XSS in Django admin via AdminURLFieldWidget
            (Closes: #929927)
      .
      python-django (1:1.11.20-1) unstable; urgency=medium
      .
        * New upstream security release.
          - CVE-2019-6975: Fix memory exhaustion in utils.numberformat.format().
            (Closes: #922027)
      .
      python-django (1:1.11.18-1) unstable; urgency=medium
      .
        * New upstream security release:
          - CVE-2019-3498: Content spoofing possibility in the default 404 page.
            (Closes: #918230)
          <https://www.djangoproject.com/weblog/2019/jan/04/security-releases/>
        * Move to debhelper-compat virtual package.
        * Bump debhelper compatibility level to 12.
        * Bump Standards-Version to 4.3.0.
        * 0007-Fixed-29182-Adjusted-SQLite-schema-table-.patch: Fix grammar/spelling
          error in upstream patch.
      .
      python-django (1:1.11.17-2) unstable; urgency=medium
      .
        * Backport patch from upstream to fix compatibility with SQLite 3.26.
          (Closes: #915626)
      .
      python-django (1:1.11.17-1) unstable; urgency=medium
      .
        * New upstream bugfix release.
          - https://docs.djangoproject.com/en/stable/releases/1.11.17/
        * Drop patches that have been applied upstream:
          - 0005-Fix-SyntaxError-Generator-expression-must-be-parenth.patch,
          - 0007-Refs-28814-Fixed-migrations-crash-with-namespace-pac.patch
          - 0008-Refs-28814-Fixed-test_runner-failure-on-Python-3.7.patch
      .
      python-django (1:1.11.16-4) unstable; urgency=medium
      .
        * Cherry-pick two patches from upstream to fix test failures under Python
          3.7. Thanks to Gaudenz Steinlin for the in-depth investigation.
          (Closes: #891753)
        * Add libsqlite3-mod-spatialite to Build-Depends to ensure we test our patch
          for Spatialite 4.2 introduced as part of the fix for #910240.
      .
      python-django (1:1.11.16-3) unstable; urgency=medium
      .
        * Default to supporting Spatialite >= 4.2. (Closes: #910240)
        * debian/control:
          - Update libgdal's SONAME in Suggests.
          - Add libsqlite3-mod-spatialite to Suggests.
      .
      python-django (1:1.11.16-2) unstable; urgency=medium
      .
        * Fix broken contrib/admin/static/admin/{img,fonts}/README.txt symlinks.
          (Closes: #910120)
        * debian/rules:
          - Rename PREFIX -> PREFIX2 variable for clarity.
          - Use variables for the Python 2.x and 3.x "dist-packages" directories.
      .
      python-django (1:1.11.16-1) unstable; urgency=medium
      .
        * New upstream bugfix release:
          - Fix a race condition in QuerySet.update_or_create() that could result in
            data loss. <https://code.djangoproject.com/ticket/29499>
        * debian/tests/control: Drop deprecated needs-recommends test restriction.
        * Move "fonts" and "img" README documentation to /usr/share/doc.
        * Bump Standards-Version to 4.2.1.
      .
      python-django (1:1.11.15-1) unstable; urgency=medium
      .
        * New upstream security release.
          - CVE-2018-14574: Open redirect possibility in CommonMiddleware.
            (Closes: #905216)
      .
      python-django (1:1.11.14-1) unstable; urgency=medium
      .
        * New upstrem bugfix release.
          <https://docs.djangoproject.com/en/2.0/releases/1.11.14/>
      .
      python-django (1:1.11.13-2) unstable; urgency=medium
      .
        [ Chris Lamb ]
        * Fix "SyntaxError: Generator expression must be parenthesized with
          python3.7". (Closes: #902761)
      .
        [ Ondřej Nový ]
        * d/control: Remove ancient X-Python-Version field
      .
      python-django (1:1.11.13-1) unstable; urgency=medium
      .
        [ Chris Lamb ]
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/2.0/releases/1.11.13/>.
        * Bump Standards-Version to 4.1.4.
      .
        [ Ondřej Nový ]
        * d/tests: Use AUTOPKGTEST_TMP instead of ADTTMP
      .
      python-django (1:1.11.12-1) unstable; urgency=medium
      .
        * New upstream bugfix release
          <https://docs.djangoproject.com/en/2.0/releases/1.11.12/>.
        * Bump debhelper compatibility level to 11.
        * Drop debian/python-django-doc.examples.
        * python-django-doc.doc-base: Update locations of documentation files as they
          are installed to /usr/share/doc/python-django, not [...]/python-django-doc.
      .
      python-django (1:1.11.11-1) unstable; urgency=medium
      .
        [ Chris Lamb ]
        * New upstream security release:
          - CVE-2018-7536: Denial-of-service possibility in urlize and urlizetrunc
            template filters.
          - CVE-2018-7537: Denial-of-service possibility in truncatechars_html and
            truncatewords_html template filters
      .
        [ Ondřej Nový ]
        * d/control: Set Vcs-* to salsa.debian.org
      .
      python-django (1:1.11.10-1) unstable; urgency=medium
      .
        * New upstream security release:
          - CVE-2018-6188: A regression in Django 1.11.8 made
            django.contrib.auth.forms.AuthenticationForm run its
            confirm_login_allowed() method even if an incorrect password is entered.
            This can leak information about a user, depending on what messages
            confirm_login_allowed() raises. If confirm_login_allowed() isn't
            overridden, an attacker enter an arbitrary username and see if that user
            has been set to is_active=False. If confirm_login_allowed() is
            overridden, more sensitive details could be leaked.
        * Use HTTPS "Format" URI in debian/copyright.
      .
      python-django (1:1.11.9-1) unstable; urgency=medium
      .
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/2.0/releases/1.11.9/>
        * Bump Standards-Version to 4.1.3.
        * Update debian/python-django-common.lintian-overrides for updated Lintian
          output.
      .
      python-django (1:1.11.7-1) unstable; urgency=medium
      .
        * New upstream bugfix release.
          <https://www.djangoproject.com/weblog/2017/nov/01/bugfix-release/>
        * debian/watch: Only match 1.x versions on this branch.
      .
      python-django (1:1.11.6-2) unstable; urgency=medium
      .
        * Add Breaks: openstack-dashboard (<< 3:12) to ensure this package gets
          upgraded (etc.) first. The version in experimental (3:12.x) is supposed to
          work with the newer python-django. (Closes: #880409)
        * wrap-and-sort -sa.
        * Use HTTPS URI in debian/watch.
        * Tidy whitespace in debian/changelog.
      .
      python-django (1:1.11.6-1) unstable; urgency=medium
      .
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/1.11/releases/1.11.6/>
        * Build documentation using the Python 3 version of Sphinx to ease the
          Python 2.x migration.
      .
      python-django (1:1.11.5-2) unstable; urgency=medium
      .
        * Fix QuerySet.defer() with super and subclass fields. (Closes: #876816)
        * Use --abbrev=7 when using git pq export.
      .
      python-django (1:1.11.5-1) unstable; urgency=medium
      .
        * CVE-2017-12794: New upstream security release. (Closes: #874415)
          <https://docs.djangoproject.com/en/dev/releases/1.11.5/>
      .
      python-django (1:1.11.4-1) unstable; urgency=medium
      .
        * New upstream bugfix release.
          <https://docs.djangoproject.com/en/1.11/releases/1.11.4/>
      .
      python-django (1:1.11.3-1) unstable; urgency=medium
      .
        [ Chris Lamb ]
        * New upstream bugfix release.
          - Drop 0003-Fixed-test_middleware_classes_headers-if-Django-sour.patch as
            it was merged upstream.
        * Check DEB_BUILD_PROFILES consistently, not DEB_BUILD_OPTIONS.
      .
        [ Brian May ]
        * Use locally installed intersphinx mapping sources. (Closes: #852512)
      .
      python-django (1:1.11.2-2) unstable; urgency=medium
      .
        * Upload (LTS) release to unstable.
          - Incorporate Python 3.6 compatibility. (Closes: #865053)
        * Use !nocheck profile for build dependencies that are only required for
          tests.
        * Move to debhelper compatibility level 10.
        * Bump Standards-Version to 4.0.0.
        * wrap-and-sort -sa.
      .
      python-django (1:1.11.2-1) experimental; urgency=medium
      .
        [ Chris Lamb ]
        * New upstream minor release.
          <https://docs.djangoproject.com/en/1.11/releases/1.11.2/>
        * Backport patch from <https://code.djangoproject.com/ticket/26755> to
          prevent test_middleware_classes_headers from failing if the Django source
          is not writable. This should fix the autopkgtests. (Closes: #816435)
        * Refresh all patches with ``pq import && pq export --renumber``.
      .
        [ Raphaël Hertzog ]
        * Update README.source and debian/gbp.conf.
        * Document a minimal Django packaging policy in
          README.Django-packaging-policy. (Closes: #863514)
        * Remove README.Debian which contained only outdated information.
        * Drop FastCGI initscript, it's obsolete, WSGI is required nowadays.
        * Drop migrate-south helper script as south is gone for a long time already.
        * Add same documentation in python3-django as in python-django.
          (Closes: #831838)
      .
      python-django (1:1.11.1-3) experimental; urgency=medium
      .
        * Really add Build-Depends on libgdal-dev.
      .
      python-django (1:1.11.1-2) experimental; urgency=medium
      .
        * Add missing Build-Depends on libgdal-dev due to new GIS tests.
      .
      python-django (1:1.11.1-1) experimental; urgency=medium
      .
        * New upstream minor release.
          <https://docs.djangoproject.com/en/1.11/releases/1.11.1/>
      .
      python-django (1:1.11-1) experimental; urgency=medium
      .
        * New upstream stable release. (Closes: #859515, #859516)
      .
      python-django (1:1.11~rc1-1) experimental; urgency=medium
      .
        * New upstream beta release.
      .
      python-django (1:1.11~beta1-1) experimental; urgency=medium
      .
        * New upstream beta release.
        * Update debian/gbp.conf.
        * Drop taskset calls when running testsuite now that
          <https://code.djangoproject.com/ticket/27741> has been resolved.
      .
      python-django (1:1.11~alpha1-1) experimental; urgency=medium
      .
        * New upstream alpha release.
        * Match/mangle upstream versions using (eg.) "b1" instead of "beta1" in
          debian/watch.
        * Drop now-unused source-is-missing Lintian overrides.
        * Limit parallelism in testsuite to avoid FTBFS. See:
          <https://code.djangoproject.com/ticket/27741>
      .
      python-django (1:1.10~beta1-2) experimental; urgency=medium
      .
        * Need to bump Debian revision due to change of .dsc contents.
      .
      python-django (1:1.10~beta1-1) experimental; urgency=medium
      .
        * New upstream beta release.
      .
      python-django (1:1.9.7-2) unstable; urgency=medium
      .
        * Re-upload 1.9.7 to unstable with epoch.
      .
      python-django (1.10~beta1-1) unstable; urgency=medium
      .
        [ Chris Lamb ]
        * New upstream beta release.
        * Drop fix-25761-add-traceback-attribute.patch; applied upstream.
      .
        [ Raphaël Hertzog ]
        * Remove obsolete /etc/bash_completion.d/django_bash_completion on upgrade.
          Closes: #801744
      .
      python-django (1.9.7-1) unstable; urgency=medium
      .
        [ Raphaël Hertzog ]
        * New upstream bugfix release.
        * Bump python-sphinx build dependency to >= 1.3. Closes: #824108
        * Drop build dependency on locales. C.UTF-8 that we currently use is part of
          libc-bin.
      .
        [ Chris Lamb ]
        * Remove duplicated "of of" in python-django's README.Debian.
      .
      python-django (1.9.6-1) unstable; urgency=medium
      .
        * New upstream bugfix release.
      .
      python-django (1.9.5-2) unstable; urgency=medium
      .
        * Drop the dir_to_symlink transition that was only really needed
          for upgrades between versions 1.9~rc2 and 1.9.4. Closes: #821789
      .
      python-django (1.9.5-1) unstable; urgency=medium
      .
        * New upstream bugfix release:
          https://docs.djangoproject.com/en/1.9/releases/1.9.5/
        * Fix the DEP-8 test suite (django-admin --with python3 failing
          because ./manage.py does not have a good shebang).
        * Update Standards-Version to 3.9.8.
        * Add some lintian overrides.
        * Tweak Vcs-Browser to use https.
        * Drop obsolete parts of the copyright file.
      .
      python-django (1.9.4-1) unstable; urgency=high
      .
        [ Luke Faraone ]
        * New upstream security release:
          https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
          - CVE-2016-2512: Malicious redirect and possible XSS via user-supplied
            redirect URLs containing basic auth
          - CVE-2016-2513: User enumeration through timing difference on password
            hasher work factor upgrade
            Closes: #816434
      .
        [ Raphaël Hertzog ]
        * Fix rules file to no longer mess with *_templates directories. They no
          longer contain invalid .py files but only *-tpl template files that are
          instantiated at runtime.
      .
      python-django (1.9.2-1) unstable; urgency=medium
      .
        * New upstream security release fixing:
          - CVE-2016-2048: User with "change" but not "add" permission can create
            objects for ModelAdmin objects with save_as=True
            Closes: #813448
      .
      python-django (1.9.1-1) unstable; urgency=medium
      .
        * New upstream release.
      .
      python-django (1.9-2) unstable; urgency=medium
      .
        [ Chris Lamb ]
        * Use dpkg-maintscript-helper's dir_to_symlink to correctly replace the
          app_template and project_template symlinks added in 1.9~rc2-2.
          (Closes: #807683)
      .
        [ Raphaël Hertzog ]
        * Add some DEP-8 tests testing "django-admin" and running the test suite
          against the installed package. In both cases, we do it with python2 and
          python3.
        * Add python-tblib and python3-tblib to Build-Depends for the benefit of
          the parallel testing feature of the test suite.
        * Add "set -e" in the command line running the tests with all supported
          versions so that it actually fails as soon as one version is failing
          (and thus disallow later successes to shadow earlier failures).
      .
      python-django (1.9-1) unstable; urgency=medium
      .
        * Upload to unstable
        * Adjust uversionmangle in debian/watch to mangle "1.9rc2" scheme
          (previously only "1.9-rc-2" would have matched).
      .
      python-django (1.9~rc2-2) experimental; urgency=medium
      .
        * Move {app,project}_template to python-django-common to prevent
          byte-compilation (via pycompile) on installation, causing failure. They are
          not valid Python files until variables have been interpolated.
      .
      python-django (1.9~rc2-1) experimental; urgency=medium
      .
        * New upstream release candidate.
        * Add myself to Uploaders.
      .
      python-django (1.8.7-2) unstable; urgency=high
      .
        * Rely on C.UTF-8 to run the tests instead of building our locale ourselves.
        * Add debian/patches/fix-25761-add-traceback-attribute.patch:
          new patch to ensure exceptions registered in __cause__ attributes
          have a __traceback__ attribute. Closes: #802677
        * Extend lintian overrides to cover more false positives of
          source-is-missing.
        * Cleanup debian/copyright for dropped/renamed files.
        * Run tests for all supported Python versions.
      .
      python-django (1.8.7-1) unstable; urgency=high
      .
        * New upstream security release:
          https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/
          It fixes:
          - CVE-2015-8213: settings leak possibility in date template filter
      .
      python-django (1.8.6-1) unstable; urgency=medium
      .
        * New upstream bugfix release.
      .
      python-django (1.8.5-2) unstable; urgency=medium
      .
        * Upload to unstable.
      .
      python-django (1.8.5-1) experimental; urgency=medium
      .
        * New upstream bugfix release:
          https://www.djangoproject.com/weblog/2015/oct/03/bugfix-release-issued/
      .
      python-django (1.8.4-1) experimental; urgency=medium
      .
        * New upstream security release:
          https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
          It fixes:
          - CVE-2015-5964: possible denial-of-service in logout() view
        * Update debian/copyright to copyright-format 1.0.
      .
      python-django (1.8.3-1) experimental; urgency=medium
      .
        * New upstream security release:
          https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
          It fixes:
          - CVE-2015-5143: possible denial-of-service by filling session store
          - CVE-2015-5144: possible header injection since validators accept
            newlines in input
          - CVE-2015-5145: possible denial-of-service in URL validation
        * Drop fix-assertRaisesMessage.patch and
          fix-test-extended-length-storage.patch which have been merged upstream.
      .
      python-django (1.8.2-1) experimental; urgency=medium
      .
        * New upstream security release:
          https://www.djangoproject.com/weblog/2015/may/20/security-release/
        * Install bash completion file into /usr/share/bash-completion/completions/
      .
      python-django (1.8.1-1) experimental; urgency=medium
      .
        * New major upstream release:
          https://docs.djangoproject.com/en/1.8/releases/1.8/
          https://docs.djangoproject.com/en/1.8/releases/1.8.1/
        * Refresh all patches.
        * Drop 03_manpage.diff, merged upstream.
        * Clean up rules since we can use the pristine docs directory, now
          that they refer to django-admin and not django-admin.py
        * Add jinja2 and mock as build dependencies required by the test
          suite.
        * Add fix-assertRaisesMessage.patch to make the package build with
          python 2.7.10~rc1 which is affected by
          https://bugs.python.org/issue24134
        * Add fix-test-extended-length-storage.patch to make the package build
          even when AUFS is in use (and when the max length of a filename is
          shorter than usual).
      .
      python-django (1.7.10-1) unstable; urgency=medium
      .
        * Fix Python 3.5 HTMLParseError issue. Closes: #800137.
        * New upstream version. Fixes CVE-2015-5963, CVE-2015-5964. Closes: #796104.
        * Add numpy 1.9 support. Closes: #801554.
      .
      python-django (1.7.9-1) unstable; urgency=medium
      .
        * New upstream security release:
          https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
          It fixes:
          - CVE-2015-5143: possible denial-of-service by filling session store
          - CVE-2015-5144: possible header injection since validators accept
            newlines in input
      .
      python-django (1.7.7-1) unstable; urgency=high
      .
        * New upstream security and bugfix release:
          https://www.djangoproject.com/weblog/2015/mar/18/security-releases/
          It fixes:
          - CVE-2015-2317: possible XSS attack via user-supplied redirect URLs
            Closes: #780873
          - CVE-2015-2316: Denial-of-service possibility with strip_tags()
            Closes: #780874
      .
      python-django (1.7.6-1) unstable; urgency=high
      .
        * New upstream security release:
          https://www.djangoproject.com/weblog/2015/mar/09/security-releases/
        * Fixes CVE-2015-2241: XSS attack via properties in
          ModelAdmin.readonly_fields
      .
      python-django (1.7.5-1) unstable; urgency=medium
      .
        [ Chris Lamb ]
        * Remove myself from Uploaders.
      .
        [ Raphaël Hertzog ]
        * New upstream bugfix release:
          https://docs.djangoproject.com/en/1.7/releases/1.7.5/
      .
      python-django (1.7.4-1) unstable; urgency=medium
      .
        * Release to unstable and hopefully to Jessie too.
      .
      python-django (1.7.4-1~exp1) experimental; urgency=medium
      .
        * New upstream bugfix release.
        * Drop fix-24193-python34-test-failure.diff, merged upstream.
      .
      python-django (1.7.3-1~exp1) experimental; urgency=high
      .
        [ Luke Faraone ]
        * New upstream security release.
          - WSGI header spoofing via underscore/dash conflation (CVE-2015-0219)
          - Possible XSS attack via user-supplied redirect URLs (CVE-2015-0220)
          - DoS attack against django.views.static.serve (CVE-2015-0221)
          - Database DoS with ModelMultipleChoiceField (CVE-2015-0222)
          Closes: #775375
      .
        [ Raphaël Hertzog ]
        * Add patch fix-24193-python34-test-failure.diff to fix a test failure with
          Python3.4.
      .
      python-django (1.7.2-1) experimental; urgency=medium
      .
        [ Raphaël Hertzog ]
        * Add geoip-database-extra as an alternative to geoip-database-contrib.
      .
        [ Brian May ]
        * New upstream version.
      .
      python-django (1.7.1-1) unstable; urgency=medium
      .
        [ Raphaël Hertzog ]
        * New upstream bugfix release.
        * Drop 01_fix_test_loaddata_not_existant_fixture_file.patch, merged
          upstream.
        * Update Standards-Version to 3.9.6.
        * Add lintian overrides for package-contains-timestamped-gzip (false
          positive).
      .
        [ Brian May ]
        * Fix django-admin wrapper to not even consider using python 2.6 as
          that version is unsupported with Django 1.7.
      .
      python-django (1.7-3) unstable; urgency=medium
      .
        * Add 01_fix_test_loaddata_not_existant_fixture_file.patch
          to fix FTBFS with Python 3.4.2. Closes: #765117
        * Improve migrate-south script to look for Python files in the current dir.
          ./manage.py implicitely has the current directory but when we use
          django-admin it's not the case. Thanks to Uwe Kleine-Koenig for the
          report.
      .
      python-django (1.7-2) unstable; urgency=medium
      .
        * Release to unstable.
        * Add a migrate-south sample script to help users apply their South
          migrations. Thanks to Brian May.
      .
      python-django (1.7-1) experimental; urgency=medium
      .
        * New major upstream release.
        * Add a NEWS file to document the incompatibility with South.
      .
      python-django (1.7~c3-1) experimental; urgency=medium
      .
        * New upstream release candidate with security fixes:
          https://www.djangoproject.com/weblog/2014/aug/20/security/
      .
      python-django (1.7~c2-2) experimental; urgency=medium
      .
        * Merge changes from 1.6.5-4:
          * Don't output stuff to stdout in django-admin. Closes: #757145
          * Update Vcs-* fields since the packaging repository moved to git.
      .
      python-django (1.7~c2-1) experimental; urgency=medium
      .
        * New upstream release candidate.
      .
      python-django (1.7~c1+20140722-2) experimental; urgency=medium
      .
        * Move django-admin manual page in python-django-common. Bump version
          constraint in Breaks/Replaces accordingly.
        * Drop conflicting django-admin in python-django and python3-django that
          were not removed as usual because upstream stopped installing them as
          django-admin.py.
        * Drop extra license files.
        * Fix shebang lines in python3-django.
        * Drop empty left-over /usr/bin directories in python-django/python3-django.
      .
      python-django (1.7~c1+20140722-1) experimental; urgency=medium
      .
        * New upstream release candidate. We want this version in jessie so we
          should prepare now.
        * Snapshot tarball generated with "python setup.py sdist" after having
          applied fix submitted in https://code.djangoproject.com/ticket/23072
        * Added python-sqlparse, python-tz to Recommends
        * Added other optional dependencies (python-memcache, python-pil,
          python-bcrypt) to Suggests
        * Add all those dependencies in Build-Depends for the benefit of the
          test suite.
        * Run the test suite for python2 and python3.
        * Differentiate descriptions of python2 and python3 packages.
      .
      python-django (1.6.6-1) unstable; urgency=high
      .
        * New upstream security release.
          - reverse() can generate URLs pointing to other hosts (CVE-2014-0480)
          - file upload denial of service (CVE-2014-0481)
          - RemoteUserMiddleware session hijacking (CVE-2014-0482)
          - data leakage via querystring manipulation in admin (CVE-2014-0483)
      .
        [ Brian May ]
        * Don't output stuff to stdout in django-admin. Closes: #757145
      .
        [ Raphaël Hertzog ]
        * Update Vcs-* fields since the packaging repository moved to git.
      .
      python-django (1.6.5-3) unstable; urgency=low
      .
        * Replace django-admin with script that can be run as python and shell.
      .
          This means we can autodetect which python version to use when run as
          shell, while maintaining compatability with processes that try to run it
          with a specific python version.
      .
          e.g. See bugs #755341 and #755321.
      .
      python-django (1.6.5-2) unstable; urgency=low
      .
        * python3-django package. Closes: #736878.
      .
      python-django (1.6.5-1) unstable; urgency=high
      .
        * New upstream security release.
         - Caches may be allowed to store and serve private data (CVE-2014-1418)
         - Malformed URLs from user input incorrectly validated
        * Drop partial_functions_reverse.patch (merged upstream).
      .
      python-django (1.6.3-2) unstable; urgency=high
      .
        * Fix regression of reverse() and partial views. (LP: #1311433)
          Thanks Preston Timmons.
      .
      python-django (1.6.3-1) unstable; urgency=high
      .
        * New upstream security release.
          - Unexpected code execution using ``reverse()``
          - CVE-2014-0472
          - Caching of anonymous pages could reveal CSRF token
          - CVE-2014-0473
          - MySQL typecasting could result in unexpected matches
          - CVE-2014-0474
        * Drop patches 07_translation_encoding_fix and ticket21869.diff; merged
          upstream
      .
      python-django (1.6.1-2) unstable; urgency=medium
      .
        * Team upload.
        * d/patches/ticket21869.diff: Cherry pick upstream fix for building
          documentation against Sphinx 1.2.1.
      .
      python-django (1.6.1-1) unstable; urgency=medium
      .
        * New upstream version.
        * Fix broken encoding in translations attribution. (Closes: #729194)
      .
      python-django (1.6-1) unstable; urgency=low
      .
        * New upstream version. Closes: #557474, #724637.
        * python-django now also suggests the installation of ipython,
          bpython, python-django-doc, and libgdal1.
          Closes: #636511, #686333, #704203
        * Set package maintainer to Debian Python Modules Team.
        * Bump standards version to 3.9.5, no changes needed.
      .
      python-django (1.5.4-1) unstable; urgency=high
      .
        * New upstream security release. Fixes CVE-2013-1443. Closes: #723043.
          https://www.djangoproject.com/weblog/2013/sep/15/security/
          - Denial-of-service via large passwords. CVE-2013-1443
      .
      python-django (1.5.3-1) unstable; urgency=high
      .
        * New upstream security release. Fixes CVE-2013-4315. Closes: #722605
          https://www.djangoproject.com/weblog/2013/sep/10/security-releases-issued/
          - Directory traversal with ssi template tag
        * Update doc-base file to drop some removed directory in the HTML doc.
        * Update Standards-Version to 3.9.4.
        * Bump debhelper compat level to 9.
      .
      python-django (1.5.2-1) unstable; urgency=high
      .
        * New upstream security release.
          https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued/
          - Cross-site scripting (XSS) in admin interface
          - Possible XSS via is_safe_url
      .
      python-django (1.5.1-2) unstable; urgency=low
      .
        [ Jakub Wilk ]
        * Use canonical URIs for Vcs-* fields.
      .
        [ Luke Faraone ]
        * Upload to unstable.
      .
      python-django (1.5.1-1) experimental; urgency=low
      .
        * New upstream release.
        * Add self to uploaders field.
      .
      python-django (1.5-1) experimental; urgency=low
      .
        * New upstream release. Closes: #646634, #663230, #436983
      .
      python-django (1.4.5-1) unstable; urgency=high
      .
        * New upstream maintenance release dropping some undesired .pyc files
          and fixing a documentation link.
        * High urgency due to former security updates.
      .
      python-django (1.4.4-1) unstable; urgency=low
      .
        * New upstream security and maintenance release. Closes: #701186
          https://www.djangoproject.com/weblog/2013/feb/19/security/
          Fixes mulptiple security issues:
          - Further fixes for Host header poisoning. CVE-2012-4520
          - XML attacks via entity expansion. CVE-2013-1665
          - Data leakage via admin history log. CVE-2013-0305
          - Formset denial-of-service. CVE-2013-0306
        * Add gettext to Suggests since it's required for django-admin
          compilemessages / makemessages. Closes: #700483
      .
      python-django (1.4.3-1) unstable; urgency=high
      .
        * New upstream security and maintenance release. Closes: #696535
          https://www.djangoproject.com/weblog/2012/dec/10/security/
        * Drop debian/patches/01_fix-self-tests.diff, merged upstream.
      .
      python-django (1.4.2-2) unstable; urgency=low
      .
        * Don't fail self-tests if MANAGERS or ADMINS is defined in settings.py.
          Add upstream patch debian/patches/01_fix-self-tests.diff.
          Thanks to Jamie Strandboge <jamie@ubuntu.com> for the report.
          Closes: #693752 LP: #1080204
      .
      python-django (1.4.2-1) unstable; urgency=high
      .
        * New upstream security and maintenance release. Closes: #691145
          Fixes: CVE-2012-4520
        * Drop 01_use_stdlib_htmlparser_when_possible.diff which has been
          merged upstream.
      .
      python-django (1.4.1-2) unstable; urgency=low
      .
        * New patch 01_use_stdlib_htmlparser_when_possible.diff to not override
          Python stdlib's HTMLParser with Python versions which are unaffected by
          http://bugs.python.org/issue670664 Closes: #683648
          Thanks to David Watson <david@planetwatson.co.uk> for the patch.
        * Update the above patch to use the version committed upstream (commit
          57d9ccc).
      .
      python-django (1.4.1-1) unstable; urgency=low
      .
        * New upstream security and maintenance release. Closes: #683364
          Fixes: CVE-2012-3442 CVE-2012-3443 CVE-2012-3444
        * Drop 01_disable_broken_test.diff and 04_hyphen-manpage.diff which
          have been merged upstream.
      .
      python-django (1.4-1) unstable; urgency=low
      .
        * New upstream release. Closes: #666003
        * Fix watch file to correctly extract the version number from the URL.
        * Updated Standards-Version to 3.9.3 (no change needed).
        * Drop 01_disable_url_verify_regression_tests.diff since upstream test
          suite has been modified to work even without internet connection.
        * Update 04_hyphen-manpage.diff to apply again.
        * Drop 05_fix_djangodocs_sphinx_ext.diff which has been merged
          upstream.
        * Update 06_use_debian_geoip_database_as_default.diff to apply on
          renamed file.
        * Drop 07_fix_for_sphinx1.1.2.diff merged upstream.
        * Drop 08_fix_test_week_view_allow_future.diff, merged upstream.
        * Add 01_disable_broken_test.diff to disable a test that fails with
          the current python 2.7 version in Debian.
      .
      python-django (1.3.1-4) unstable; urgency=medium
      .
        * Add 08_fix_test_week_view_allow_future.diff to fix a regression test that
          only worked in 2011. Closes: #655666
      .
      python-django (1.3.1-3) unstable; urgency=low
      .
        * Add 06_use_debian_geoip_database_as_default.diff to use the default
          location of the GeoIP database used by the Debian package
          geoip-database-contrib. Closes: #645094
          Add this package to suggests. Thanks to Tapio Rantala
          <tapio.rantala@iki.fi> for the patch.
        * Bump build-dep on python-sphinx to 1.0.8 to ensure we have a version
          where #641710 is fixed. Closes: #647134
        * Add 07_fix_for_sphinx1.1.2.diff to fix build with Sphinx 1.1.2. Thanks to
          Jakub Wilk for the advance warning. Closes: #649624
      .
      python-django (1.3.1-2) unstable; urgency=low
      .
        * Update Build-Depends on locales to included a version requirement
          so that locales-all cannot satisfy it with its Provides: locales.
          Thanks to Jakub Wilk for the suggestion.
        * Enable 02_disable-sources-in-sphinxdoc.diff since #641710 has been
          fixed.
        * Add 05_fix_djangodocs_sphinx_ext.diff to support Sphinx 1.0.8.
          Closes: #643758
      .
      python-django (1.3.1-1) unstable; urgency=low
      .
        * New upstream release. It includes security updates described here:
          https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/
          Closes: #641405
        * Update 01_disable_url_verify_regression_tests.diff and merge
          07_disable_url_verify_model_tests.diff into it.
        * Update patch headers to conform to DEP-3.
        * Apply patch from Steve Langasek to dynamically build the UTF-8
          locale required by the test-suite instead of build-depending on
          locales-all. Closes: #630421
        * Use "dh --with sphinxdoc" to clean up the Sphinx generated documentation
          and avoid the embedded-javascript-library lintian warning. Build-Depends
          on python-sphinx >= 1.0.7+dfsg-1 for this and also add
          ${sphinxdoc:Depends} to python-django-doc Depends field.
        * Cleanup build-dependencies now that even oldstable has python 2.5.
        * Switch to dh_python2 as python helper tool. Drop legacy files
          debian/pyversions and debian/pycompat.
        * New patch 02_disable-sources-in-sphinxdoc.diff to not generate
          the _sources directory that we used to remove manually within the rules
          file. But must be kept disabled until #641710 is fixed.
        * Properly support DEB_BUILD_OPTIONS=nocheck despite the override
          of dh_auto_test.
      .
      python-django (1.3-2) unstable; urgency=low
      .
        * Team upload.
      .
        [ Chris Lamb ]
        * Don't remove "backup~" test file - upstream did ship it; we were just
          removing it with dh_clean.
      .
        [ Piotr Ożarowski ]
        * Fix builds with non-default Python versions installed
        * Bump Standards-Version to 3.9.2 (no changes needed)
      .
      python-django (1.3-1) unstable; urgency=low
      .
        * New upstream release.
          - Update 01_disable_url_verify_regression_tests.diff.
          - Update 07_disable_url_verify_model_tests.diff.
          - Merge patch from Krzysztof Klimonda to disable more network access tests.
            (Closes: #598674)
        * Add workaround for missing "backup~" file in release tarball. See
          <http://code.djangoproject.com/ticket/15677>.
      .
      python-django (1.2.5-1) unstable; urgency=low
      .
        * New upstream release.
        * Do not compress objects.inv used by Sphinx generated documentation.
          Thanks to Michael Fladischer for the report. Closes: #608769
      .
      python-django (1.2.4-1) unstable; urgency=high
      .
        * New bugfix-only upstream release. It includes security fixes.
          http://www.djangoproject.com/weblog/2010/dec/22/security/
        * Drop patches merged upstream:
          - debian/patches/05_fix_regression_tests.diff
          - debian/patches/06_fix_regression_tests.diff
        * Update 01_disable_url_verify_regression_tests.diff to cope with the
          updated regressions tests.
        * Update 03_manpage.diff and 04_hyphen-manpage.diff to cope with changes in
          the manual page.
      .
      python-django (1.2.3-2) unstable; urgency=low
      .
        * Team upload.
        * Disable model tests that require an internet connection.
          Closes: #601070
        * Include python.mk conditionally as explained in its header.
          Helps backports to Lenny which has no python.mk.
          Closes: #601608
      .
      python-django (1.2.3-1) unstable; urgency=low
      .
        [ Krzysztof Klimonda ]
        * New upstream release. Closes: #596893 LP: #636482
        * Fixes both a XSS vulnerability introduced in 1.2 series and
          the regressions caused by 1.2.2 release. Closes: #596205
        * debian/control:
          - depend on language packs for en_US.utf8 locales required for unit tests.
        * debian/rules:
          - re-enable build time tests.
          - set LC_ALL to en_US.utf8 for test suite.
        * debian/patches/series:
          - two new patches: 05_fix_regression_tests.diff and
            06_fix_regression_tests.diff backported from 1.2.x branch to fix
            test suite failures.
      .
        [ Raphaël Hertzog ]
        * Update Standards-Version to 3.9.1.
        * Drop "--with quilt" and quilt build-dependency since the package is
          already using source format "3.0 (quilt)".
      .
      python-django (1.2.1-1) unstable; urgency=low
      .
        * New upstream bugfix release.
      .
      python-django (1.2-1) unstable; urgency=low
      .
        * New upstream stable release.
      .
      python-django (1.2~rc1-1) experimental; urgency=low
      .
        * New upstream release candidate.
        * Remove "02-embedded_code_copies.diff" - not needed anymore.
        * Refresh "01_disable_url_verify_regression_tests.diff".
        * Refresh "04_hyphen-manpage.diff".
        * Temporarily disable test runner due to failing date-related tests.
      .
      python-django (1.2~beta1-1) experimental; urgency=low
      .
        * New upstream development release.
        * Switch to dpkg-source 3.0 (quilt) format
        * Bump Standards-Version to 3.8.4.
        * Remove "0.96 -> 1.x" NEWS entry.
        * jQuery added to admin system upstream:
          - Add libjs-jquery to python-django's Recommends
          - Use symlinks so we use the version from libjs-query over an embedded code
            copy.
      .
      python-django (1.2~alpha1-1) experimental; urgency=low
      .
        * New upstream development release:
      .
           This is the first in a series of preview/development releases leading up
           to the eventual release of Django 1.2, currently scheduled to take place
           in March 2010.
      .
           <http://docs.djangoproject.com/en/dev//releases/1.2-alpha-1/>
      .
        * Update "01_disable_url_verify_regression_tests.diff" - tests now use the
          unittest module instead of doctests.
        * Update "02-embedded_code_copies.diff".
        * Remove "05_ftbfs_in_november.diff" - applied upstream.
        * Remove "06_python_2.6.3_regression.diff" - applied upstream.
        * Update dh_auto_test - database engine is set differently in 1.2.
        * Remove useless ._DS_Store files.
      .
      python-django (1.1.1-2) unstable; urgency=low
      .
        * Remove embedded "decimal" code copy and use system version instead. The
          "doctest" code copy cannot be removed as parts of Django depend on modified
          behaviour. (Closes: #555419)
        * Fix FTBFS in November by applying patch from upstream bug #12125.
          (Closes: #555931)
        * Fix FTBFS under Python 2.6.3 by applying patch from upstream bug #11993.
          (Closes: #555969)
      .
      python-django (1.1.1-1) unstable; urgency=high
      .
        * New upstream security release - fixes pathological regular expression
          backtracking performance in URL and email fields which can be used as part
          of a denial of service attack.
        * Set Maintainer: to myself with thanks to Brett Parker.
        * Bump versioned build dependency on quilt to help backporters.
          (Closes: #547955)
      .
      python-django (1.1-4) unstable; urgency=low
      .
        * Sourceful upload to drop dependency on Python 2.4.
      .
      python-django (1.1-3) unstable; urgency=low
      .
        * Disable regression tests that require an internet connection. Patch by
          Krzysztof Klimonda <kklimonda@syntaxhighlighted.com>. (Closes: #542996)
        * Bump Standards-Version to 3.8.3.
      .
      python-django (1.1-2) unstable; urgency=low
      .
        * Run testsuite on build.
        * Use "--with quilt" over specifying $(QUILT_STAMPFN)/unpatch dependencies.
        * Override clean target correctly.
      .
      python-django (1.1-1) unstable; urgency=low
      .
        * New upstream release.
        * Merge from experimental:
          - Ship FastCGI initscript and /etc/default file in python-django's examples
            directory (Closes: #538863)
          - Drop "05_10539-sphinx06-compatibility.diff"; it has been applied
            upstream.
          - Bump Standards-Version to 3.8.2.
      .
      python-django (1.0.2-7) unstable; urgency=low
      .
        * Fix compatibility with Python 2.6 and Python transitions in general.
          Thanks to Krzysztof Klimonda <kklimonda@syntaxhighlighted.com>.
      .
      python-django (1.0.2-6) unstable; urgency=low
      .
        * Backport patch from <http://code.djangoproject.com/ticket/10539> to fix
          FTBFS when using python-sphinx >= 0.6. (Closes: #527492)
      .
      python-django (1.0.2-5) unstable; urgency=low
      .
        * Fix issue where newly created projects do not have their manage.py file
          executable.
      .
      python-django (1.0.2-4) unstable; urgency=low
      .
        * Programatically replace most references to "django-admin.py" with
          "django-admin" in the generated documentation. (Closes: #519937)
        * Bump Standards-Version to 3.8.1; no changes.
      .
      python-django (1.0.2-3) unstable; urgency=low
      .
        * Split documentation into a separate python-django-doc package due to size
          (approximately 6Mb).
      .
      python-django (1.0.2-2) unstable; urgency=low
      .
        * Don't rely on the internal layout of python-support. (Closes: #517052)
        * Move to debhelper-based packaging for operational clarity:
          - Remove bashisms from binary-post-install.
          - Use quilt instead of simple-patchsys.mk and adjust existing patches so
            that we can apply with -p1 for the "quilt" source package type.
        * Adjust Build-Depends:
          - Bump debhelper requirement 7.0.50 for override_* feature.
          - Drop cdbs, python-dev and python-setuptools requirement.
          - Just Build-Depend on `python', not `python-dev'.
          - Drop versions on Build-Depends where they are satisfied in current
            oldstable (ie. etch).
        * debian/control:
          - Add python-sqlite to Suggests.
          - Remove repeated 'Priority' line in binary package stanza.
          - Update crufty long and short descriptions.
          - Add ${misc:Depends} in binary stanza for debhelper-using package.
      .
      python-django (1.0.2-1) unstable; urgency=low
      .
        [ Chris Lamb ]
        * New upstream bugfix release. Closes: #505783
        * Add myself to Uploaders with ACK from Brett.
      .
        [ David Spreen ]
        * Remove python-pysqlite2 from Recommends because Python 2.5 includes
          sqlite library used by Django. Closes: 497886
      .
        [ Sandro Tosi ]
        * debian/control
          - switch Vcs-Browser field to viewsvn
      .
      python-django (1.0-1) unstable; urgency=low
      .
        [ David Spreen ]
        * New _stable_ upstream release.
      .
        [ Raphael Hertzog ]
        * This version fixes the latest security issue:
          http://www.djangoproject.com/weblog/2008/sep/02/security/
          Closes: #497765
        * Don't include source files of documentation in the binary package,
          keep only the HTML version.
        * Updated README.Debian with information about the switch from 0.96 to
          1.0.
        * Remove execute right on /etc/bash_completion.d/django_bash_completion
        * Add debian/patches/04_hyphen-manpage.diff to fix a lintian message
          (hyphen-used-as-minus-sign usr/share/man/man1/django-admin.1.gz:156).
        * Don't compress javascript files.
        * Add libjs-jquery to Recommends since it's used by the HTML
          documentation.
      .
      python-django (1.0~beta2+ds-1) unstable; urgency=low
      .
        * Bumping up upstream version to push sources into unstable.
          (Thanks to Raphael Hertzog).
      .
      python-django (1.0~beta2-3) unstable; urgency=low
      .
        [ David Spreen ]
        * Updated the copyright information to include copyright and
          licenses for individual contributions.
        * Added the documentation to the main python-django package:
        * debian/python-django.install
          - Added installation of html documentation.
        * debian/python-django.doc-base
          - Added.
        * debian/control
          - Added Build-Depends-Indep on python-sphinx and libjs-jquery.
        * debian/rules
          - Readded code to build documentation.
          - Readded code to link to libjs-jquery.
        * debian/NEWS
          - Fixed format.
          - Added more comprehensive list of changes and references to
            local documentation as well as the wiki pages for
            backwards-incompatible changes.
        * debian/python-django.docs
          - Removed docs/*.txt since those are templates for the
            generated docs now included with doc-base.
      .
      python-django (1.0~beta2-2) unstable; urgency=low
      .
        [ David Spreen ]
        * Removed all -doc related files temporarily to push beta2 into
          unstable for extensive testing. The -doc package will be
          readded once this package is in unstable as recommended in
          http://lists.debian.org/debian-release/2008/08/msg01475.html.
        * debian/python-django-doc.install
          - Removed.
        * debian/python-django-doc.doc-base
          - Removed.
        * debian/python-django-doc.examples
          - Moved to python-django.examples.
        * debian/rules
          - Removed python-doc related build and post-installation.
        * debian/control
          - Removed binary package python-django-doc.
          - Removed Build-Depends-Indep on python-sphinx and libjs-jquery.
        * debian/python-django.install:
          - Removed multiple package related issues.
      .
      python-django (1.0~beta2-1) experimental; urgency=low
      .
        [ David Spreen ]
        * The `hooray for the documentation' release!
        * New upstream beta release.
        * debian/control
          - Updated standards version.
          - Added python-sphinx and libjs-jquery.
          - Added python-django-doc package depending on libjs-jquery.
        * debian/docs
          - Moved to debian/python-django.docs.
        * debian/install
          - Moved to debian/python-django.install.
        * debian/manpages
          - Moved to debian/python-django.manpages.
        * debian/examples
          - Moved to debian/python-django-doc.examples
        * debian/README.Debian
          - Moved to debian/python-django.README.Debian
        * debian/python-django-doc.doc-base:
          - Added doc-base file for the documentation.
        * debian/python-django-doc.install:
          - Added install file for sphinx generated documentation.
        * debian/rules:
          - Added code to generate documentation with sphinx and
            replace convenience file of jquery.js with the respective
            symlink to libjs-jquery.
      .
      python-django (1.0~beta1-1) experimental; urgency=low
      .
        [ David Spreen ]
        * New upstream beta release. Closes: #492956
        * debian/control: Added myself to Uploaders field.
        * debian/watch: Added mangling for filename and version. Old watch file would
          name the download 'tarball'. Also added mangling to handle alpha and beta
          versioning.
        * Drop debian/patches/01_add_shebang.diff as this has been fixed upstream.
        * Drop debian/patches/02_bash_completion.diff as this has been committed
          upstream http://code.djangoproject.com/ticket/7268.
        * debian/control: Added python-flup to the Suggest field. Closes: #488123
        * debian/patches/03_manpage.diff: Adapted patch to new upstream version.
      .
        [ Jan Dittberner ]
        * add debian/watch file.
      .
      python-django (0.97~svn7534-1) experimental; urgency=low
      .
        * New upstream snapshot. Closes: #409565, #481051
          - Include an XSS security fix (CVE-2008-2302). Closes: #481164
        * Drop debian/patches/04_pg_version_fix.diff as another fix
          has been committed upstream (see http://code.djangoproject.com/ticket/6433
          and http://code.djangoproject.com/changeset/7415).
        * Add some headers to the remaining patches.
      .
      python-django (0.97~svn7189-1) experimental; urgency=low
      .
        * New upstream snapshot including bash completion fix
          Closes: #450913
      .
      python-django (0.97~svn7047-2) experimental; urgency=low
      .
        [ Brett Parker ]
        * Patch for postgresql version issue with 8.3 beta/rc releases
          Closes: #462058
      .
        [ Raphael Hertzog ]
        * Updated Standards-Version to 3.7.3.
        * Adjusted build-dependency on python-setuptools to strip the -1 part.
      .
      python-django (0.97~svn7047-1) experimental; urgency=low
      .
        * New upstream snapshot (rev 7047)
        - tarball prepared by Gabriel Falcão Gonçalves de Moura
          <gabriel@guake-terminal.org>
      .
      python-django (0.97~svn6996-1) experimental; urgency=low
      .
        * New upstream snapshot
        * debian/control:
        - added myself to Uploaders
      .
      python-django (0.97~svn6668-2) UNRELEASED; urgency=low
      .
        [ Raphael Hertzog ]
        * Install examples with dh_installexamples instead of dh_installdocs
          (change done by Ubuntu) as empty files are kept.
      .
        [ Sandro Tosi ]
        * debian/control
          - uniforming Vcs-Browser field
      .
      python-django (0.97~svn6668-1) experimental; urgency=low
      .
        * New SVN snapshot (rev 6668)
          - Auth system delegations
          - Apps can now have thier own management commands
          - Fix for CVE-2007-5712 remote denial of service
            Closes: #448838
        * Fix missing upstream info in changelog
          Closes: #450659
      .
      python-django (0.96+svn6373-1) experimental; urgency=low
      .
        [ Raphael Hertzog ]
        * New SVN snapshot (rev 6373, a few days after the last Django sprint).
        * Note: The version 0.96+svn6034-1 never got uploaded.
        * Rename XS-Vcs* fields to Vcs-* since they are now supported by dpkg.
      .
        [ Piotr Ożarowski ]
        * XS-Vcs-Browser and Homepage fields added
      .
      python-django (0.96+svn6034-1) experimental; urgency=low
      .
        [ Brett Parker]
        * New SVN snapshot (rev 6034).
           * validate and runserver commands now display the number of errors
             (returning back to previous functionality).
           * Small documentation fixes
           * assertRedirects handling for paths with get data
           * start{project,app} no make sure files created are writable
        * Add man page for django-admin to the debian package
      .
      python-django (0.96+svn6020-1) experimental; urgency=low
      .
        * New SVN snapshot (rev 6020).
      .
      python-django (0.96+svn5779-1) experimental; urgency=low
      .
        * SVN snapshot (rev 5779) packaged to experimental as many interesting
          Django applications rely on newer unreleased features.
      .
      python-django (0.96-1) unstable; urgency=low
      .
        [ Brett Parker ]
        * New upstream release - introduces some backwards incompatible changes, see
          README.Debian or the backwards incompatible changes page at
          http://code.djangoproject.com/wiki/BackwardsIncompatibleChanges
        * Add documentation from upstream to /usr/share/doc/python-django
          Closes: #411249
        * Install the bash completion file from extras in to
          /etc/bash_completion.d/django_bash_completion
          Closes: #414399
        * Egg support dropped as it's been dropped by upstream.
      .
      python-django (0.95.1-1) unstable; urgency=low
      .
        [ Brett Parker ]
        * New upstream minor release for security bugs:
          - http://www.djangoproject.com/weblog/2007/jan/21/0951/
            - Fixes a small security vulnerability in the script Django's
              internationalization system uses to compile translation files
              (changeset 4360 in the "0.95-bugfixes" branch).
            - fix for a bug in Django's authentication middleware which could cause
              apparent "caching" of a logged-in user (changeset 4361).
            - patch which disables debugging mode in the flup FastCGI package Django
              uses to launch its FastCGI server, which prevents tracebacks from
              bubbling up during production use (changeset 4363).
          Closes: #407786, #407607
        * Sets Recommends to python-psycopg and moves other database engines to
          the Suggests field.
      .
        [ Raphael Hertzog ]
        * Use python-pysqlite2 as default database engine in Recommends. Others are
          in Suggests. Closes: #403761
        * Add python-psycopg2 in Suggests. Closes: #407489
      .
      python-django (0.95-3) unstable; urgency=low
      .
        * Integrate 2 upstream changesets:
          - http://code.djangoproject.com/changeset/3754 as
            debian/patches/04_sec_fix_auth.diff
            Fixes a possible case of mis-authentication due to bad caching.
            Closes: #407521
          - http://code.djangoproject.com/changeset/3592 as
            debian/patches/03_sec_fix_compile-messages.diff
            Fixes an (unlikely) arbitrary command execution if the user is blindly
            running compile-messages.py on a untrusted set of *.po files.
            Closes: #407519
      .
      python-django (0.95-2) unstable; urgency=low
      .
        [ Piotr Ozarowski ]
        * Added XS-Vcs-Svn field
      .
        [ Brett Parker ]
        * Made manage.py get a shebang with the version of python
          used when running django-admin (closes: #401616)
        * Created a convenience /usr/lib/python-django/bin symlink.
      .
        [ Raphael Hertzog ]
        * Adapted Brett's work to better fit my views of the packaging.
      .
      python-django (0.95-1) unstable; urgency=low
      .
        [ Brett Parker ]
        * 0.95 release - initial packaging
      .
        [ Raphael Hertzog ]
        * Fix recommends: s/python-sqlite/python-pysqlite2/
        * Add debian/pyversions to ensure that we have at least python 2.3 (and to
          work around bug #391689 of python-support).
      b9535ab3