py-django-allauth: updated to 0.61.1
0.61.1 (2024-02-09) ******************* Fixes ----- - Fixed a ``RuntimeWarning`` that could occur when running inside an async environment (``'SyncToAsync' was never awaited``). Security notice --------------- - As part of the Google OAuth handshake, an ID token is obtained by direct machine to machine communication between the server running django-allauth and Google. Because of this direct communication, we are allowed to skip checking the token signature according to the `OpenID Connect Core 1.0 specification <https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation>`_. However, as django-allauth is used and built upon by third parties, this is an implementation detail with security implications that is easily overlooked. To mitigate potential issues, verifying the signature is now only skipped if it was django-allauth that actually fetched the access token.
This commit is contained in:
parent
91a19116cf
commit
a7822cbcaf
|
@ -1,6 +1,6 @@
|
|||
# $NetBSD: Makefile,v 1.7 2024/02/08 14:01:00 adam Exp $
|
||||
# $NetBSD: Makefile,v 1.8 2024/02/11 19:47:46 adam Exp $
|
||||
|
||||
DISTNAME= django-allauth-0.61.0
|
||||
DISTNAME= django-allauth-0.61.1
|
||||
PKGNAME= ${PYPKGPREFIX}-${DISTNAME}
|
||||
CATEGORIES= www python
|
||||
MASTER_SITES= ${MASTER_SITE_PYPI:=d/django-allauth/}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
@comment $NetBSD: PLIST,v 1.6 2024/02/08 14:01:00 adam Exp $
|
||||
@comment $NetBSD: PLIST,v 1.7 2024/02/11 19:47:46 adam Exp $
|
||||
${PYSITELIB}/${WHEEL_INFODIR}/AUTHORS
|
||||
${PYSITELIB}/${WHEEL_INFODIR}/LICENSE
|
||||
${PYSITELIB}/${WHEEL_INFODIR}/METADATA
|
||||
|
@ -270,10 +270,12 @@ ${PYSITELIB}/allauth/locale/tr/LC_MESSAGES/django.mo
|
|||
${PYSITELIB}/allauth/locale/tr/LC_MESSAGES/django.po
|
||||
${PYSITELIB}/allauth/locale/uk/LC_MESSAGES/django.mo
|
||||
${PYSITELIB}/allauth/locale/uk/LC_MESSAGES/django.po
|
||||
${PYSITELIB}/allauth/locale/zh_CN/LC_MESSAGES/django.mo
|
||||
${PYSITELIB}/allauth/locale/zh_Hans/LC_MESSAGES/django.mo
|
||||
${PYSITELIB}/allauth/locale/zh_Hans/LC_MESSAGES/django.po
|
||||
${PYSITELIB}/allauth/locale/zh_Hant/LC_MESSAGES/django.mo
|
||||
${PYSITELIB}/allauth/locale/zh_Hant/LC_MESSAGES/django.po
|
||||
${PYSITELIB}/allauth/locale/zh_TW/LC_MESSAGES/django.mo
|
||||
${PYSITELIB}/allauth/mfa/__init__.py
|
||||
${PYSITELIB}/allauth/mfa/__init__.pyc
|
||||
${PYSITELIB}/allauth/mfa/__init__.pyo
|
||||
|
@ -367,6 +369,12 @@ ${PYSITELIB}/allauth/socialaccount/forms.pyo
|
|||
${PYSITELIB}/allauth/socialaccount/helpers.py
|
||||
${PYSITELIB}/allauth/socialaccount/helpers.pyc
|
||||
${PYSITELIB}/allauth/socialaccount/helpers.pyo
|
||||
${PYSITELIB}/allauth/socialaccount/internal/__init__.py
|
||||
${PYSITELIB}/allauth/socialaccount/internal/__init__.pyc
|
||||
${PYSITELIB}/allauth/socialaccount/internal/__init__.pyo
|
||||
${PYSITELIB}/allauth/socialaccount/internal/jwtkit.py
|
||||
${PYSITELIB}/allauth/socialaccount/internal/jwtkit.pyc
|
||||
${PYSITELIB}/allauth/socialaccount/internal/jwtkit.pyo
|
||||
${PYSITELIB}/allauth/socialaccount/migrations/0001_initial.py
|
||||
${PYSITELIB}/allauth/socialaccount/migrations/0001_initial.pyc
|
||||
${PYSITELIB}/allauth/socialaccount/migrations/0001_initial.pyo
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
$NetBSD: distinfo,v 1.6 2024/02/08 14:01:00 adam Exp $
|
||||
$NetBSD: distinfo,v 1.7 2024/02/11 19:47:46 adam Exp $
|
||||
|
||||
BLAKE2s (django-allauth-0.61.0.tar.gz) = ada5b3e4c6c11d034af4dbfe1c15f790cc97b43eff01c5ebca563c5afcfb5740
|
||||
SHA512 (django-allauth-0.61.0.tar.gz) = 92410a1993933b4cbc0866affdcbbab94b06ac7adb536c3454716ef8b2a56d458b708e26dbd5e9fe0ab331b014ce8ca0d139fb23ba72d33071366443420bfca6
|
||||
Size (django-allauth-0.61.0.tar.gz) = 946345 bytes
|
||||
BLAKE2s (django-allauth-0.61.1.tar.gz) = 26856e76215cbf6af302f2a63959591719d2d1f04fcb0d6bbe4802435b6eaa9d
|
||||
SHA512 (django-allauth-0.61.1.tar.gz) = c9ad0b206a4967d542a67d97e8973d4d83fe030fa71d8fad1f43b81fb388895a7d9c339f49d536cccfad5b3f606ea02dd31bc5e41328579d092b00e7e0a1b936
|
||||
Size (django-allauth-0.61.1.tar.gz) = 951524 bytes
|
||||
|
|
Loading…
Reference in New Issue