Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-Django for openSUSE:Factory
checked in at 2025-07-08 15:28:05
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-Django (Old)
and /work/SRC/openSUSE:Factory/.python-Django.new.7373 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Django"
Tue Jul 8 15:28:05 2025 rev:133 rq:1290998 version:5.2.4
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-Django/python-Django.changes
2025-06-10 08:59:48.769828010 +0200
+++ /work/SRC/openSUSE:Factory/.python-Django.new.7373/python-Django.changes
2025-07-08 15:28:22.996600086 +0200
@@ -1,0 +2,16 @@
+Thu Jul 3 12:47:34 UTC 2025 - Markéta Machová <mmach...@suse.com>
+
+- Update to 5.2.4
+ * Fixed a log injection possibility by migrating remaining response logging
+ to django.utils.log.log_response(), which safely escapes arguments
+ such as the request path to prevent unsafe log output (CVE 2025-48432).
+ * Fixed a regression in Django 5.2 that caused QuerySet.bulk_update() to
+ incorrectly convert None to JSON null instead of SQL NULL for JSONField
+ * Fixed a regression in Django 5.2.2 where the q parameter was removed from
+ the internal django.http.MediaType.params property
+ * Fixed a regression in Django 5.2.2 where HttpRequest.get_preferred_type()
+ incorrectly preferred more specific media types with a lower quality
+ * Fixed a crash in Django 5.2 when performing an __in lookup involving a
+ composite primary key and a subquery on certain backends
+
+-------------------------------------------------------------------
Old:
----
Django-5.2.2.checksum.txt
django-5.2.2.tar.gz
New:
----
Django-5.2.4.checksum.txt
django-5.2.4.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-Django.spec ++++++
--- /var/tmp/diff_new_pack.7U1nsq/_old 2025-07-08 15:28:23.804633866 +0200
+++ /var/tmp/diff_new_pack.7U1nsq/_new 2025-07-08 15:28:23.804633866 +0200
@@ -21,7 +21,7 @@
%bcond_with memcached
%{?sle15_python_module_pythons}
Name: python-Django
-Version: 5.2.2
+Version: 5.2.4
Release: 0
Summary: A high-level Python Web framework
License: BSD-3-Clause
++++++ Django-5.2.2.checksum.txt -> Django-5.2.4.checksum.txt ++++++
--- /work/SRC/openSUSE:Factory/python-Django/Django-5.2.2.checksum.txt
2025-06-10 08:59:48.649823058 +0200
+++
/work/SRC/openSUSE:Factory/.python-Django.new.7373/Django-5.2.4.checksum.txt
2025-07-08 15:28:22.048560453 +0200
@@ -2,7 +2,7 @@
Hash: SHA256
This file contains MD5, SHA1, and SHA256 checksums for the
-source-code tarball and wheel files of Django 5.2.2, released June 4, 2025.
+source-code tarball and wheel files of Django 5.2.4, released July 2, 2025.
To use this file, you will need a working install of PGP or other
compatible public-key encryption software. You will also need to have
@@ -19,7 +19,7 @@
Once the key is imported, verify this file:
- gpg --verify Django-5.2.2.checksum.txt
+ gpg --verify Django-5.2.4.checksum.txt
Once you have verified this file, you can use normal MD5, SHA1, or SHA256
checksumming applications to generate the checksums of the Django
@@ -28,41 +28,41 @@
Release packages
================
-https://www.djangoproject.com/download/5.2.2/tarball/
-https://www.djangoproject.com/download/5.2.2/wheel/
+https://www.djangoproject.com/download/5.2.4/tarball/
+https://www.djangoproject.com/download/5.2.4/wheel/
MD5 checksums
=============
-782577f532efab32f8119a7071f55d04 django-5.2.2.tar.gz
-5d85fa7778bd65981714e562012a5626 django-5.2.2-py3-none-any.whl
+6ecc4875e8cdc08706faea1cc4740fdf django-5.2.4.tar.gz
+fee657f7686462d388f274c5f92b634a django-5.2.4-py3-none-any.whl
SHA1 checksums
==============
-87dff3ef8d00b15491d5bb64b2404caf66d8ae59 django-5.2.2.tar.gz
-7964171a3e17b3e3e8aeb2d2bff763d128836d74 django-5.2.2-py3-none-any.whl
+de45d44e1bb2ceb1c08b8fd0846de920874f71a1 django-5.2.4.tar.gz
+a6a7904e3749a0e8937a50643293889929b4b6f7 django-5.2.4-py3-none-any.whl
SHA256 checksums
================
-85852e517f84435e9b13421379cd6c43ef5b48a9c8b391d29a26f7900967e952
django-5.2.2.tar.gz
-997ef2162d04ead6869551b22cde4e06da1f94cf595f4af3f3d3afeae1f3f6fe
django-5.2.2-py3-none-any.whl
+a1228c384f8fa13eebc015196db7b3e08722c5058d4758d20cb287503a540d8f
django-5.2.4.tar.gz
+60c35bd96201b10c6e7a78121bd0da51084733efa303cc19ead021ab179cef5e
django-5.2.4-py3-none-any.whl
-----BEGIN PGP SIGNATURE-----
-iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmhAMRIoHDEyNDMwNCtu
-ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPmgqD/9b
-ON8sroesSKb2lAdjUe2XFKceWBpSjySACsPwLko5gPhfxJ9gn0XEDQccYw6U4KkJ
-PbRlrKKNr1zqX3IfRoggg3E6GU/rw9LUqgB2GByuBRjyZe29bF0KWiLWVmjLL6c8
-WszgKZxYu73vBfHcY1StLVSGMHxMlolvWikhpS4taHKOsYLmYxFnPdDeLjC/hYyb
-tYjfdaKgDm5czpy9Put+Kzu15KcW0PqHAuPJtcGHo3l7lfRSd/m9X6iNtUXmsN8J
-H8kLEzfG91tUuHl7UgFpZpSEGqnRV/dM+s+fKeVJC9t6Jsu8lbQp3omMaBl/SCwV
-qicA9Go9cqUoDLz8JSkv0YCOGAyUZyOvjlW8zAkoRQuCcEkDxLh2VsdRRB7Z0E7K
-SvDq03XZwXeBUpQAbkoZ+TpS4EoiydY7I7PTq5k+yzMEoid+k7sRclfndeTpAmPf
-7Xtq3KDPnIKo+7maECiKVeEfCUIgxXygEz3fbrYTn9LcDcFnGWKA9/DH/9yD4+zR
-AS4RI0k0PUWzbq/6+A+3BqQTo75dLxm/BHpyd9NoddYIsuhwlLq3IU+SopR8vG2/
-bydqaovZuiyHS59vGgMuAFJIaeW5/TW8zoLvRVekVG0nCVgcj17pR7zqa6EGKefS
-6ydabjbxzeFC3qdYiOIneghfIUnk3HeVQRLd0Vw58w==
-=Pk1M
+iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmhlfcIoHDEyNDMwNCtu
+ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPj5DD/94
+KOuOZ5JHtZWknqi1JeV1akzB/RpY7lhL9SbJbVXhdAxOY9Cn4eUG7NsPWa9JnhX1
+F/2geBE5mjOZen4ARtGHWxa5vqidqUbscrU9AkqPLn6aecEKi2jXXNkYmmWw/37K
+wb92BQtuWkaXyiZ4E6Sledx9yFhcqMDFg27CdNYfAqUWofI6zzSmLIzOlOSVR9Sc
+uDrfRqQ4GXlRGT5pIkcIxE0ZKToUYrKgn99PZOmBcLfJgQ4VBt62J6SzZAhhElb3
+DUMcVhG2XNIhg7v7DwlVodowDYQdRi2H/ahAa7/m1+uugRbysoGSLLwP+50tDjlj
+07zxoJsrL5R9zaMp4pcXQN4bUy3rDz94DkjlXO51f8LwDdStvk4VOYan1W5S9BhP
+R0conCFfcg4+iK0pV5e/GeeTwBRHQw8p5RuWfrEpKFi/XQtT0u01hqUGppeuZ9wI
+f+Ud9RA8Nrw0ouli4WvfH0RVFuMgUFqScwO88oatuUH5CDPjlV+5usNb7FrmZXv6
+AWRopONOcYGF07+FYh0nsoE8enWyxE+JWTJzxT5PGZ3buUO0hlnJ+auoJv8yOVii
+ELCSUyi93glWonCBrS41XrNO6+6K/8V9V6iv9/PdGwF1GszbX5Rx4e2lDMA7crYh
+1qKGaV3+iAO+Y+vXt6VTy6h5GLg9hun+RQ8TU3Guyg==
+=d9C5
-----END PGP SIGNATURE-----
++++++ django-5.2.2.tar.gz -> django-5.2.4.tar.gz ++++++
/work/SRC/openSUSE:Factory/python-Django/django-5.2.2.tar.gz
/work/SRC/openSUSE:Factory/.python-Django.new.7373/django-5.2.4.tar.gz differ:
char 5, line 1
