Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-Django for openSUSE:Factory checked in at 2025-12-09 12:46:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-Django (Old) and /work/SRC/openSUSE:Factory/.python-Django.new.1939 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Django" Tue Dec 9 12:46:45 2025 rev:141 rq:1321589 version:5.2.9 Changes: -------- --- /work/SRC/openSUSE:Factory/python-Django/python-Django.changes 2025-11-07 18:21:39.181412608 +0100 +++ /work/SRC/openSUSE:Factory/.python-Django.new.1939/python-Django.changes 2025-12-09 12:51:57.315986003 +0100 @@ -1,0 +2,12 @@ +Mon Dec 8 11:54:46 UTC 2025 - Markéta Machová <[email protected]> + +- Update to 5.2.9 (bsc#1254437) + * CVE-2025-13372: Potential SQL injection in FilteredRelation column + aliases on PostgreSQL + * CVE-2025-64460: Potential denial-of-service vulnerability in XML + Deserializer + * Fixed a crash on Python 3.14+ that prevented template tag functions + from being registered + * Fixed more bugs and regressions, see upstream release notes + +------------------------------------------------------------------- Old: ---- Django-5.2.8.checksum.txt django-5.2.8.tar.gz New: ---- Django-5.2.9.checksum.txt django-5.2.9.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-Django.spec ++++++ --- /var/tmp/diff_new_pack.ecri5b/_old 2025-12-09 12:52:09.156485492 +0100 +++ /var/tmp/diff_new_pack.ecri5b/_new 2025-12-09 12:52:09.160485661 +0100 @@ -26,7 +26,7 @@ %bcond_with libalternatives %endif Name: python-Django -Version: 5.2.8 +Version: 5.2.9 Release: 0 Summary: A high-level Python Web framework License: BSD-3-Clause ++++++ Django-5.2.8.checksum.txt -> Django-5.2.9.checksum.txt ++++++ --- /work/SRC/openSUSE:Factory/python-Django/Django-5.2.8.checksum.txt 2025-11-07 18:21:37.457340069 +0100 +++ /work/SRC/openSUSE:Factory/.python-Django.new.1939/Django-5.2.9.checksum.txt 2025-12-09 12:51:55.859924579 +0100 @@ -2,7 +2,7 @@ Hash: SHA256 This file contains MD5, SHA1, and SHA256 checksums for the -source-code tarball and wheel files of Django 5.2.8, released November 5, 2025. +source-code tarball and wheel files of Django 5.2.9, released December 2, 2025. To use this file, you will need a working install of PGP or other compatible public-key encryption software. You will also need to have @@ -19,7 +19,7 @@ Once the key is imported, verify this file: - gpg --verify Django-5.2.8.checksum.txt + gpg --verify Django-5.2.9.checksum.txt Once you have verified this file, you can use normal MD5, SHA1, or SHA256 checksumming applications to generate the checksums of the Django @@ -28,41 +28,40 @@ Release packages ================ -https://www.djangoproject.com/download/5.2.8/tarball/ -https://www.djangoproject.com/download/5.2.8/wheel/ +https://www.djangoproject.com/download/5.2.9/tarball/ +https://www.djangoproject.com/download/5.2.9/wheel/ MD5 checksums ============= -0268c52cb99bb764490fdd90502def32 django-5.2.8.tar.gz -60ed4555e2f91cc881b2293ad78bf423 django-5.2.8-py3-none-any.whl +e7d89ddfdca79542039dbab31e4bede8 django-5.2.9.tar.gz +42dd57f28b8dd5750ef76b64277d3e9e django-5.2.9-py3-none-any.whl SHA1 checksums ============== -41d50f7b49e3c60ad0e3e873c1474f883640d179 django-5.2.8.tar.gz -50d9ad23cef8ebe6cc7d17004e65ae6b5dbabc37 django-5.2.8-py3-none-any.whl +7a086625e45275159590da36818923da76beeb8d django-5.2.9.tar.gz +c0808a610ea903a17736634e9c21556ea9d675e4 django-5.2.9-py3-none-any.whl SHA256 checksums ================ -23254866a5bb9a2cfa6004e8b809ec6246eba4b58a7589bc2772f1bcc8456c7f django-5.2.8.tar.gz -37e687f7bd73ddf043e2b6b97cfe02fcbb11f2dbb3adccc6a2b18c6daa054d7f django-5.2.8-py3-none-any.whl +16b5ccfc5e8c27e6c0561af551d2ea32852d7352c67d452ae3e76b4f6b2ca495 django-5.2.9.tar.gz +3a4ea88a70370557ab1930b332fd2887a9f48654261cdffda663fef5976bb00a django-5.2.9-py3-none-any.whl -----BEGIN PGP SIGNATURE----- -iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmkLRQooHDEyNDMwNCtu -ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPsFxD/4h -zgUToQHe7WgIhVOHKe2ARgXDhA/4yooteYTLoFl6vFzt4r+h+7/3LH8/XucJwYWa -O9SimNT0MhtcWKM0l3jczGMhr3pH7zeBUExtzyPVyycTyQ5KgbDVEgf+w4ua+Jo3 -BzQBnUkJN9Ofc/uQqIAj0X3zjp9NE7uNZpOLzpRUwulrUQ7ieFAAhs3JrCM2mmTF -KnudQkY50zIHy9OX8mSvF8OslFQ9Z84ZPlHfqaQzN6uDNIRujMu9sSbvbiWgpQ9h -Tp/MVRppmlKXcZjM5M+vT0sqT4Ac/OepkSSVMSKAKHNPOpsG3wC/ouclkgG6Wv2Z -6r6Ea2LND8HoMHUhScir558g3pF6p9NW5vrK3Qd7cS4G6idv2eVzzHqYH8WORG9s -5HnldOGhRF6ONAwSveEbViQ6/fzWYsROrCa5+IOfELtg7Uc+ji3eQSqFvyR7rPxt -Ux+LVvgWfODNEjTlrqZQDaPDU4P7gy6So5vzXe+eciyyNxgftmlpWSHMliXcYjxo -gxUh6EPjklxFQ8fmFecCz57CJ0oXT2qB3iNDyTft3qqetgWeJ72d9rVMLLXmHLOe -oRKFS3QXXBr+sIdxWB2Fgu2g8X5ky3O9wIgN7OzQ2p4pCja+NSmxlhJxJwUomgjA -UHvOPP6hwSp1TQdcoauXD72A+t0TkYLuZ03Dfzkh1Q== -=ci0h +iQIzBAEBCAAdFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmku3VwACgkQLugqjZRw +mD5F3g//dIdnKXZmSm2DAUNOKK97RSceCWzcbL9GAEclVz2F1Nnj8ZkXM+T060Lk +yYZnWVpfwyux/ak1tjWWKfI28jrZ8TQBq5l/MHELYL4s2exel9oQXFqkfyqUlwga +S/OdhXZavabW+aAdVe/OMC7AnFbCRo5dbM1XF9U5KOtEG2FsU0RkqOyIpXZvZ/Tk +jQD7DzGco7lWEbtiZSe9sAPzImW3hRWKHkxo+IRiAPqNNRjIlK9o/voiqWzEYco6 +A3wWLSmAgUDTXfkcSbkVsETev7dpzhlBQZN1CDTMR3fzsLevdvqxMZYaENwg+K/x +ARtUaMBsVhbB/Z4NO0OYrHe4aQbDxS/e2RjBWQG5hIXWwhbNNtrfZ9kxnJRcRgur +xyl3GBuN9vLC0BgGpdmg0FTBwpervJiHYcmcxY93IxcM7/WMb3qFEN7XZxJIrwW/ +5qBa3+q1sjoqI1RF7MIhCUAhDO56MRFx1dn1iF8iokXjrKpOmf4pKr/1qujaC8rs +KN+Fs99PHGmbXgpb/AfP9nVDPTZFFO2iLbpwICOqTmT9yiFI7lYRt2N4ozb0hcI4 +o/1LkjE9JDpYKa1DeoIwlMnC18EJJfI3NMDIHzUFzS0jLGtIoM5A7xf4fK0+t26U +AMZIegmynfVhyfMHUaVwPL9LFtiFqdUX7fPTrFlO2pmtCAFMgy8= +=kZfB -----END PGP SIGNATURE----- ++++++ django-5.2.8.tar.gz -> django-5.2.9.tar.gz ++++++ /work/SRC/openSUSE:Factory/python-Django/django-5.2.8.tar.gz /work/SRC/openSUSE:Factory/.python-Django.new.1939/django-5.2.9.tar.gz differ: char 5, line 1
