From 461552526ba6a655643af525ee4901c848ede891 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=BCtz?=
 <robert.schuetz@stud.uni-heidelberg.de>
Date: Mon, 24 Dec 2018 11:10:30 +0100
Subject: [PATCH] python.pkgs.django_1_8: 1.8.18 -> 1.8.19

This fixes CVE-2018-7536 and CVE-2018-7537:
https://www.djangoproject.com/weblog/2018/mar/06/security-releases/

cc https://github.com/NixOS/nixpkgs/issues/52679
---
 pkgs/development/python-modules/django/1_8.nix           | 5 ++---
 pkgs/development/python-modules/graphite-web/default.nix | 2 +-
 pkgs/top-level/python-packages.nix                       | 2 +-
 3 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/pkgs/development/python-modules/django/1_8.nix b/pkgs/development/python-modules/django/1_8.nix
index e87a9cbad02..30d75e73c68 100644
--- a/pkgs/development/python-modules/django/1_8.nix
+++ b/pkgs/development/python-modules/django/1_8.nix
@@ -6,12 +6,11 @@
 
 buildPythonPackage rec {
   name = "Django-${version}";
-  version = "1.8.18";
-  disabled = pythonOlder "2.7";
+  version = "1.8.19";
 
   src = fetchurl {
     url = "http://www.djangoproject.com/m/releases/1.8/${name}.tar.gz";
-    sha256 = "1ishvbihr9pain0486qafb18dnb7v2ppq34nnx1s8f95bvfiqqf7";
+    sha256 = "0iy0ni9j1rnx9b06ycgbg2dkrf3qid3y2jipk9x28cykz5f4mm1k";
   };
 
   # too complicated to setup
diff --git a/pkgs/development/python-modules/graphite-web/default.nix b/pkgs/development/python-modules/graphite-web/default.nix
index 51a7fd9b5d2..229e35b6ca4 100644
--- a/pkgs/development/python-modules/graphite-web/default.nix
+++ b/pkgs/development/python-modules/graphite-web/default.nix
@@ -1,7 +1,7 @@
 { stdenv, buildPythonPackage, fetchPypi, isPy3k, which
 , django, django_tagging, whisper, pycairo, cairocffi, ldap, memcached, pytz, urllib3, scandir
 }:
-if django.version != "1.8.18"
+if django.version != "1.8.19"
 || django_tagging.version != "0.4.3"
 then throw "graphite-web should be build with django_1_8 and django_tagging_0_4_3"
 else buildPythonPackage rec {
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 9011f993321..398cd92a52e 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -2215,7 +2215,7 @@ in {
   django_tagging = callPackage ../development/python-modules/django_tagging { };
 
   django_tagging_0_4_3 = if
-       self.django.version != "1.8.18"
+       self.django.version != "1.8.19"
   then throw "django_tagging_0_4_3 should be build with django_1_8"
   else (callPackage ../development/python-modules/django_tagging {}).overrideAttrs (attrs: rec {
     pname = "django-tagging";