Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package python-Django for openSUSE:Factory 
checked in at 2026-07-10 17:33:24
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-Django (Old)
 and      /work/SRC/openSUSE:Factory/.python-Django.new.1991 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "python-Django"

Fri Jul 10 17:33:24 2026 rev:150 rq:1364659 version:5.2.16

Changes:
--------
--- /work/SRC/openSUSE:Factory/python-Django/python-Django.changes      
2026-06-10 15:46:35.744413953 +0200
+++ /work/SRC/openSUSE:Factory/.python-Django.new.1991/python-Django.changes    
2026-07-10 17:33:52.497877233 +0200
@@ -1,0 +2,10 @@
+Thu Jul  9 06:45:37 UTC 2026 - Markéta Machová <[email protected]>
+
+- Update to 5.2.16
+  * CVE-2026-48588: Potential exposure of private data via cached
+    Set-Cookie response (bsc#1271029)
+  * CVE-2026-53877: Heap buffer over-read in GDALRaster (bsc#1271030)
+  * CVE-2026-53878: Header injection possibility since
+    DomainNameValidator accepted newlines in input (bsc#1271031)
+
+-------------------------------------------------------------------

Old:
----
  Django-5.2.15.checksum.txt
  django-5.2.15.tar.gz

New:
----
  Django-5.2.16.checksum.txt
  django-5.2.16.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ python-Django.spec ++++++
--- /var/tmp/diff_new_pack.wutWTt/_old  2026-07-10 17:33:57.586050862 +0200
+++ /var/tmp/diff_new_pack.wutWTt/_new  2026-07-10 17:33:57.606051545 +0200
@@ -26,7 +26,7 @@
 %bcond_with libalternatives
 %endif
 Name:           python-Django
-Version:        5.2.15
+Version:        5.2.16
 Release:        0
 Summary:        A high-level Python Web framework
 License:        BSD-3-Clause

++++++ Django-5.2.15.checksum.txt -> Django-5.2.16.checksum.txt ++++++
--- /work/SRC/openSUSE:Factory/python-Django/Django-5.2.15.checksum.txt 
2026-06-10 15:46:34.412358754 +0200
+++ 
/work/SRC/openSUSE:Factory/.python-Django.new.1991/Django-5.2.16.checksum.txt   
    2026-07-10 17:33:49.741783183 +0200
@@ -2,7 +2,7 @@
 Hash: SHA256
 
 This file contains MD5, SHA1, and SHA256 checksums for the
-source-code tarball and wheel files of Django 5.2.15, released June 3, 2026.
+source-code tarball and wheel files of Django 5.2.16, released July 7, 2026.
 
 It also includes the commit hash of the release tag, identifying the exact
 source revision the artifacts were built from.
@@ -10,19 +10,14 @@
 To use this file, you will need a working install of PGP or other
 compatible public-key encryption software. You will also need to have
 the Django release manager's public key in your keyring. This key has
-the ID ``2EE82A8D9470983E`` and can be imported from the MIT
-keyserver, for example, if using the open-source GNU Privacy Guard
-implementation of PGP:
+the ID ``131403F4D16D8DC7`` and can be imported from GitHub, for example, if
+using the open-source GNU Privacy Guard implementation of PGP:
 
-    gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E
-
-or via the GitHub API:
-
-    curl https://github.com/nessita.gpg | gpg --import -
+    curl https://github.com/jacobtylerwalls.gpg | gpg --import -
 
 Once the key is imported, verify this file:
 
-    gpg --verify Django-5.2.15.checksum.txt
+    gpg --verify Django-5.2.16.checksum.txt
 
 Once you have verified this file, you can use normal MD5, SHA1, or SHA256
 checksumming applications to generate the checksums of the Django
@@ -31,44 +26,44 @@
 Release packages
 ================
 
-https://www.djangoproject.com/download/5.2.15/tarball/
-https://www.djangoproject.com/download/5.2.15/wheel/
+https://www.djangoproject.com/download/5.2.16/tarball/
+https://www.djangoproject.com/download/5.2.16/wheel/
 
 MD5 checksums
 =============
 
-9db6f4aaaf130e3f53a4c5255c1b1bcd  django-5.2.15.tar.gz
-1495fc9198ac104f9c53c66472f49f5a  django-5.2.15-py3-none-any.whl
+0fa6df374d72417d9f44f324c35ad4df  django-5.2.16.tar.gz
+740c5363a2688f9eec17ce32db25a331  django-5.2.16-py3-none-any.whl
 
 SHA1 checksums
 ==============
 
-ae2dc3fb0aaf8e60f5339f43f9c2b9441f62a162  django-5.2.15.tar.gz
-dfd2d958cc3a52dd5e7b6271d203ac055acd5f54  django-5.2.15-py3-none-any.whl
+eaffb4974373d59955293e9e87a4052b7e14f55d  django-5.2.16.tar.gz
+cb7aa93cd8ced1dc61c1884008901b259e6efcec  django-5.2.16-py3-none-any.whl
 
 SHA256 checksums
 ================
 
-5154a9bf84ac01dde011e367f355c07dbb329532e06810dcf3ef2af269e236e7  
django-5.2.15.tar.gz
-0eb4a9bb1853a35b0286dbc6d916bd352c8c2687195a7f2d6f80cefd840e4970  
django-5.2.15-py3-none-any.whl
+59ea02020c3136fce14bef0bbece21a10a4febef5eed1c51c22ae468efa22200  
django-5.2.16.tar.gz
+04f354bf9d807a86ad1a8392fe3808d362358a8eafc322848e0e43e59b24371d  
django-5.2.16-py3-none-any.whl
 
 Git tag
 =======
 
-21e98408f84d22191e2c7ee4052bdd12d264fd3f  5.2.15
+The 5.2.16 tag points to commit 6c8eee41f778da87bdd17e27381d3705ed2d068b.
 -----BEGIN PGP SIGNATURE-----
 
-iQIzBAEBCAAdFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmogGwUACgkQLugqjZRw
-mD52CBAApQE0Ko1fJ1eYdczthsTAA8a9SnGNQnlV2oigd9T2YmixygcWNgDTNk94
-V8TRGw/73wVcbk5Lj1c2MvJnKM0jTH6ropxq84Y1K20sleuxgzYODnXmXzfxGmc9
-+wkj/Bw5yOThvf9dw1bpgU9KELMbbIXRdkAtEXImtuPT6GRoxZIjx/JDMqluMnc/
-wc5qkfyciV7Yx/kqt9BOYI7bPtPNxUyiIo1fWVrfHu3dnHuoLrUhAbBoOkMnAalj
-njcQrEXhRbXpkcaiYdSryrPYymJz77+AHTODN1BaVCf7+eAN8hM03po1YIcUsJbn
-XZRyJx1fyLTbhGP7mlRgvAcTUkW+W47uH9zjv77F3EePLhjhaX/NZW9TFOveFl4v
-i8drkzpYiDeFG7EPmbKa07Oul5hwJoCb5oA0MC9TZInCaFLj1QoGcY/1LhlcUTc2
-e+05SQRgwbaoWJ8GikpZ45o2DXNPBuuZlwj4KPHS6qPGcaqkXlFcIxn81VM+Q1Bv
-E5hIsEMmBr3IW85ke6nxhOb9QKnzYFmZjxupwWI6ZMev9qFffr0m1RFlNa90jXsU
-XAw5t2JUr6A6vWn6jhAgu5m63XarD9BqXZgCkNqAJqg3XR/b9Py8DnE8+AA4z+rh
-4QE9Y6OCPfY1IT+rzcLLyk8h6T4QfBX7Wi2wBNuRJ09NLZt320o=
-=JG9V
+iQIzBAEBCAAdFiEEU9RpQuAGoqPu3IvIExQD9NFtjccFAmpM7SwACgkQExQD9NFt
+jcdNYA/9FZqnpQsFOQLM+awgAMSqbzMYqCRyCj48GVhG60bp98aHi3mZg4vgb41t
+0+x9xJgx7u8VHJQVZcDVSf0bY6zmmutHua3ICrNxrQngNEhaah0ssJlFlCkf6svc
+aDUqFQJtX1Nbo415KOfJJt+E4Scoi4YiK+2fcojz2ymBsnufxWwYpmhBBJB9ND5m
+QI7qaXdaDPTrU0l+7JJoHGEBxfsABu/hvykOxjSVmAlkrldI5dHeYwZEenlCHHhl
+/gEF3WUBvKRE3Eb8LHGGmj6uhD3XgZvbwH98eXjiU8ENqYbtEkevCWA0QuR3QzF4
+VbQwzIKJ814ufu6l87oiJskNWnWPiOEV/2vExrHLgvs6S3Jxho8d68JB7aoqHb5a
+gGD47JAHMjKCwlVIu79L5MyAZEcaj8SfBTboIqbm4SZTrIE7SF6VZPg5pJ9m1DMg
+NRVmuoBVAZqt9pB0T/n1P0DehghortNGbebau9DHJX8Z0Dx+UN9/yT1wMSsn5oZD
+YmYOtAPxreVHaCfLiYbvJ4UjoYvBlAQRlQMHkOYgr+NlNJq3/J/9gJUN+2sZuhLA
+McsDejEQDE6Dm4UCi5qV5hD3T7Rz/6daQTZLINFNru4+R4HkGcMflvZ7tmZsAtpC
+2MAFx5QJjEwGcFv/e3glZWgG28x4VJvWlzcY5MjBtb9SgNJFMX8=
+=UJiz
 -----END PGP SIGNATURE-----

++++++ django-5.2.15.tar.gz -> django-5.2.16.tar.gz ++++++
/work/SRC/openSUSE:Factory/python-Django/django-5.2.15.tar.gz 
/work/SRC/openSUSE:Factory/.python-Django.new.1991/django-5.2.16.tar.gz differ: 
char 5, line 1

Reply via email to