Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-Django6 for openSUSE:Factory checked in at 2026-02-04 21:08:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-Django6 (Old) and /work/SRC/openSUSE:Factory/.python-Django6.new.1670 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Django6" Wed Feb 4 21:08:38 2026 rev:3 rq:1330889 version:6.0.2 Changes: -------- --- /work/SRC/openSUSE:Factory/python-Django6/python-Django6.changes 2026-01-09 17:06:29.035441026 +0100 +++ /work/SRC/openSUSE:Factory/.python-Django6.new.1670/python-Django6.changes 2026-02-04 21:08:55.195692521 +0100 @@ -1,0 +2,25 @@ +Wed Feb 4 09:14:47 UTC 2026 - Markéta Machová <[email protected]> + +- Update to 6.0.2 + * CVE-2025-13473: Username enumeration through timing difference + in mod_wsgi authentication handler (bsc#1257401) + * CVE-2025-14550: Potential denial-of-service vulnerability via + repeated headers when using ASGI (bsc#1257403) + * CVE-2026-1207: Potential SQL injection via raster lookups on + PostGIS (bsc#1257405) + * CVE-2026-1285: Potential denial-of-service vulnerability in + django.utils.text.Truncator HTML methods (bsc#1257406) + * CVE-2026-1287: Potential SQL injection in column aliases via + control characters (bsc#1257407) + * CVE-2026-1312: Potential SQL injection via QuerySet.order_by + and FilteredRelation (bsc#1257408) + * Fixed a visual regression in Django 6.0 that caused the admin + filter sidebar to wrap below the changelist when filter elements + contained long text + * Fixed a visual regression in Django 6.0 for admin form fields + grouped under a <fieldset> aligned horizontally + * Fixed a regression in Django 6.0 where auto_now_add field values + were not populated during INSERT operations, due to incorrect + parameters passed to field.pre_save() + +------------------------------------------------------------------- Old: ---- Django-6.0.1.checksum.txt django-6.0.1.tar.gz New: ---- Django-6.0.2.checksum.txt django-6.0.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-Django6.spec ++++++ --- /var/tmp/diff_new_pack.8dUW42/_old 2026-02-04 21:08:57.635794712 +0100 +++ /var/tmp/diff_new_pack.8dUW42/_new 2026-02-04 21:08:57.643795047 +0100 @@ -27,7 +27,7 @@ %endif %define skip_python311 1 Name: python-Django6 -Version: 6.0.1 +Version: 6.0.2 Release: 0 Summary: A high-level Python Web framework License: BSD-3-Clause ++++++ Django-6.0.1.checksum.txt -> Django-6.0.2.checksum.txt ++++++ --- /work/SRC/openSUSE:Factory/python-Django6/Django-6.0.1.checksum.txt 2026-01-09 17:06:28.931436715 +0100 +++ /work/SRC/openSUSE:Factory/.python-Django6.new.1670/Django-6.0.2.checksum.txt 2026-02-04 21:08:54.823676942 +0100 @@ -2,7 +2,7 @@ Hash: SHA256 This file contains MD5, SHA1, and SHA256 checksums for the -source-code tarball and wheel files of Django 6.0.1, released January 6, 2026. +source-code tarball and wheel files of Django 6.0.2, released February 3, 2026. To use this file, you will need a working install of PGP or other compatible public-key encryption software. You will also need to have @@ -19,7 +19,7 @@ Once the key is imported, verify this file: - gpg --verify Django-6.0.1.checksum.txt + gpg --verify Django-6.0.2.checksum.txt Once you have verified this file, you can use normal MD5, SHA1, or SHA256 checksumming applications to generate the checksums of the Django @@ -28,40 +28,40 @@ Release packages ================ -https://www.djangoproject.com/download/6.0.1/tarball/ -https://www.djangoproject.com/download/6.0.1/wheel/ +https://www.djangoproject.com/download/6.0.2/tarball/ +https://www.djangoproject.com/download/6.0.2/wheel/ MD5 checksums ============= -08fe66b67df5e0c958acdfdb2177f81d django-6.0.1.tar.gz -e0d69597f37472a27ce895460db01580 django-6.0.1-py3-none-any.whl +0836ceb8f1f4694f87f0a698c64bd00e django-6.0.2.tar.gz +5e170a7a20b0edbb794228a20895cf17 django-6.0.2-py3-none-any.whl SHA1 checksums ============== -72575360c0eae95e2d780009e400c8f17d23cd2a django-6.0.1.tar.gz -116bdcf93d6a463012c24461608fab05c310085f django-6.0.1-py3-none-any.whl +350bfde2ee630b03dde6daf87ad06fac7a8a5642 django-6.0.2.tar.gz +70f23a750efce9d525a94dc2d4a15ce016a1e42b django-6.0.2-py3-none-any.whl SHA256 checksums ================ -ed76a7af4da21551573b3d9dfc1f53e20dd2e6c7d70a3adc93eedb6338130a5f django-6.0.1.tar.gz -a92a4ff14f664a896f9849009cb8afaca7abe0d6fc53325f3d1895a15253433d django-6.0.1-py3-none-any.whl +3046a53b0e40d4b676c3b774c73411d7184ae2745fe8ce5e45c0f33d3ddb71a7 django-6.0.2.tar.gz +610dd3b13d15ec3f1e1d257caedd751db8033c5ad8ea0e2d1219a8acf446ecc6 django-6.0.2-py3-none-any.whl -----BEGIN PGP SIGNATURE----- -iQIzBAEBCAAdFiEEU9RpQuAGoqPu3IvIExQD9NFtjccFAmldWBQACgkQExQD9NFt -jce4rw/+NzNKpgdWfztlhoyUu16vGifGblxJyXxP4mziSFqTRw9+VWn2EQgCF+6w -yFWt3Uc9uSk/qu6IHETnzenSKJVfWz/Np7emGxRD1V4+WE82iJLVFSMkNHPyoadf -FjqX/5OD0kJXqvbIpNAdg24OpjQqnm/JT8QP2+Jy+xct3Oycvm2wm7HyM88ifLwQ -E26g4UW66rkG1Q3/7bJWwIWQWjTieCwwlZq3qakOpOkv6Bl8BNAQrcyblnwUbxec -rl9QMv1ynQpHSEHKIrIeRoHczDT8rSiy4NoAIDTztLQEFFU7JNT46jX1+zcoPPSt -ayyScSb6qXvV7Cg1vwOdkDClCqtL4Q+B1boHj1IJFOiV+A33uPPh919kPyzmbfwa -9LcVYdmNBaoXkX2oTApSJpGW47w2ypCH8tcroVFvbkq+/Yhwv6bOuPHtb3hkpvnO -s+2GUkYrtRZB6/r3+KLlNdRa0yAbZSyTpA1TxQDzEx1U+piAslpNB0vd4sivoJ1Q -WwtTbirGjIGKAX3Cd9yOAXivFEhPj4+2HoLQys3KOUCzbC+GEgq8SICm2sU/tM11 -O0cmHV2MGbGRUldZ9K4+XWbwVa1UFecIwvu7mlfYz0Ql1AAoEj4nDcwkGXCzsS6t -R7iIBjGQJjljVKun85YN5D+9sNPdQlvCoHLIXHUA45bhj5kc1G0= -=clZC +iQIzBAEBCAAdFiEEU9RpQuAGoqPu3IvIExQD9NFtjccFAmmB894ACgkQExQD9NFt +jcdrdxAAitAeW6C9Glt4TzkgDakqiXaqsYsBNZxLMVsIDytjy8x8hrXZ0VqvM3Oa +wtr3EHjazgfVxBiXH8/BIneT6RyInMGlLPdXijJfNDSYUs+nRDavVYIvwt0jJOJy +oyaH0yQv1dxVibo94sXlMvshfCGpmF1V+963P/t+EciHjuyrxpvEQCXTPFU16exz +TQFt7Jr2f5VYo4LUl4D24CDGwS1F3PUDkjvbm+ZVT6o8x9Sm1del7fpYBA/iP6g5 +UrnIWlvz1cOXIrijJixcGT93q6Zvr3XEIENDs5eIzDlyzi2sL3ZRG/4Aq0ipCiLo +WfjTkMwWlQyyLod6rpNKtlYyMz8hVRLEDHZkYl0jo5sSWYn3uHn8mxAPcz7PYM2l +n6J5e55ISWYmIvH1jbFplv4pa/EmHOyM+VW/fwVvpuboBi9tKFqM+shMSctpDkeO +bXcK0y+1tVoOBsjnkM82PdTcF9KFUajje0xQ+Bs+n5rLDqV0hJ15qCqd78V/1s+U +RxTbnypFcNifwkFoM0kGIJfaJ9jVDAzSoSJUg4tGwbmf2Nvgw2MT4clz8ZccEfJv +KQbHKwMKEzCF2pvjB3codgbpPSZZEHMRcYfV6tgUrPwJRVqWgoqGcePCXDvd/6S6 +dUo/CwINTBY8yxJELuHEn0wr5I69SD7yzUCpIa3HPYR4jl8/mYk= +=Trbt -----END PGP SIGNATURE----- ++++++ django-6.0.1.tar.gz -> django-6.0.2.tar.gz ++++++ /work/SRC/openSUSE:Factory/python-Django6/django-6.0.1.tar.gz /work/SRC/openSUSE:Factory/.python-Django6.new.1670/django-6.0.2.tar.gz differ: char 5, line 1
