From owner-freebsd-python@freebsd.org  Thu Aug 20 12:15:55 2015
Return-Path: <owner-freebsd-python@freebsd.org>
Delivered-To: freebsd-python@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 24A7F9BD0BF
 for <freebsd-python@mailman.ysv.freebsd.org>;
 Thu, 20 Aug 2015 12:15:55 +0000 (UTC)
 (envelope-from lwhsu@FreeBSD.cs.nctu.edu.tw)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id 0CBA5EC4
 for <freebsd-python@freebsd.org>; Thu, 20 Aug 2015 12:15:55 +0000 (UTC)
 (envelope-from lwhsu@FreeBSD.cs.nctu.edu.tw)
Received: by mailman.ysv.freebsd.org (Postfix)
 id 09A439BD0BE; Thu, 20 Aug 2015 12:15:55 +0000 (UTC)
Delivered-To: python@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0933C9BD0BD
 for <python@mailman.ysv.freebsd.org>; Thu, 20 Aug 2015 12:15:55 +0000 (UTC)
 (envelope-from lwhsu@FreeBSD.cs.nctu.edu.tw)
Received: from FreeBSD.cs.nctu.edu.tw (FreeBSD.cs.nctu.edu.tw [140.113.17.209])
 by mx1.freebsd.org (Postfix) with ESMTP id C6A46EC2;
 Thu, 20 Aug 2015 12:15:54 +0000 (UTC)
 (envelope-from lwhsu@FreeBSD.cs.nctu.edu.tw)
Received: by FreeBSD.cs.nctu.edu.tw (Postfix, from userid 1058)
 id 0929C27FB; Thu, 20 Aug 2015 20:15:53 +0800 (CST)
Date: Thu, 20 Aug 2015 20:15:52 +0800
From: Li-Wen Hsu <lwhsu@FreeBSD.org>
To: Mark Felder <feld@FreeBSD.org>
Cc: python <python@freebsd.org>
Subject: Re: py-django vulnerabilities
Message-ID: <20150820121552.GA10322@FreeBSD.cs.nctu.edu.tw>
References: <1439923130.1067596.359551361.446BF03F@webmail.messagingengine.com>
 <1439997826.2721336.360395769.5671C796@webmail.messagingengine.com>
 <CAKBkRUyEgvXn_756CYPz=7V9tFYRhYXi8hcVQ83Q_tb0_BYZAQ@mail.gmail.com>
 <1439998219.2722781.360401857.46FCCBD9@webmail.messagingengine.com>
 <1439998614.2724165.360407393.5F130D70@webmail.messagingengine.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="7AUc2qLy4jB3hD7Z"
Content-Disposition: inline
In-Reply-To: <1439998614.2724165.360407393.5F130D70@webmail.messagingengine.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-BeenThere: freebsd-python@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: FreeBSD-specific Python issues <freebsd-python.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-python>, 
 <mailto:freebsd-python-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-python/>
List-Post: <mailto:freebsd-python@freebsd.org>
List-Help: <mailto:freebsd-python-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-python>,
 <mailto:freebsd-python-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Aug 2015 12:15:55 -0000


--7AUc2qLy4jB3hD7Z
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Aug 19, 2015 at 10:36:54 -0500, Mark Felder wrote:
> On Wed, Aug 19, 2015, at 10:30, Mark Felder wrote:
> > On Wed, Aug 19, 2015, at 10:27, Li-Wen Hsu wrote:
> > > Thanks for the update.  I have the same patch with you.  But I haven't
> > > had www/py-django-devel pass the poudriere test.  Are you working on
> > > that too?
> >=20
> > I have not yet touched www/py-django-devel. I figure fewer users are
> > affected by it, so I wanted to get the stable releases pushed out first.
>=20
> Setting the snapshot date to 20150819 seems to fetch and build fine. Is
> that OK? Do you follow django development and prefer to carefully choose
> a different snapshot date to avoid any recent bugs/issues that could
> affect users?

GH_TAGNAME should also be updated, or you will get the old code.

I got following error from poudriere.

https://gist.github.com/anonymous/7fdf1a8d9645ef324e82

I am a bit not sure if this is due to our python port infrastructure or
django itself.  Haven't looked into it, but `python setup.py install` on
Mac also failed.

Li-Wen

--=20
Li-Wen Hsu <lwhsu@FreeBSD.org>
http://lwhsu.org

--7AUc2qLy4jB3hD7Z
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJV1cT3XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxMDdENTNGNjUyMTUzMzVCNzA5NDNGODQ2
NzI3RTc3Qzg4NjJCNjU2AAoJEGcn53yIYrZW9lsQALV52brDcscIAJorRkKfk2P+
g+KUZnoGrZmdAzxvHKlBSg3V+yFDHTv1w5J/0MMrnO9OaD5G501bAOF1qowCeROC
k3ldiOXIwWi/034fI+H4vvw7a6wOoG+QbPW0icyPc+glbx6pSbQl4M9alIYbhgTS
izyb3UkDEJXnYGslujx8jv0l0Mmf2e/tHFbskfd4qRVdmR0sTQuXa6bfMKtCUI4n
BHIB1TbWUVCfJOqykGgiewB/qumHyoj8sz2cOyUamGbrbb9A/MaQ+FWoKAtK+PgN
kcFaii4HYp0vwI1vJ/k8RN2hI3B80gLR+dTxyL4gk+Ulrszs47O9j9EjvQyAzdWP
75P++uUVv87SYazGCwLBlviBDWOhI2gjrZTSDghoU3ysDRGUNbkqJggE9g7SJhgl
1Y8qEZa+3DBipvFGl86WJDlXiO5qXyhSaGXnnuThLJHoZVEUAZyLAr1MhFDwcmkZ
KPoe4yZzJ1CsRXWbyWrgNQ1vm7ph5qH8pA93PNDF2mSo6AGdiBlL9M3cA0iV6vWl
iyb7+tt7LSQ9MuUo8QL+q1PS9P/XkCM9/23XM6akUEGdmxpl1s7lVfMf0OMHp6F0
VcvfvQ0AnbpUAqJ6CYlQBhcrvOEgaGNcJv4Dp//I5zmAddxsXoTqoYUzNjbxi3VG
llBTTIaPs149VLmsJkwH
=/zVq
-----END PGP SIGNATURE-----

--7AUc2qLy4jB3hD7Z--