Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-Django for openSUSE:Factory
checked in at 2025-05-13 20:12:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-Django (Old)
and /work/SRC/openSUSE:Factory/.python-Django.new.30101 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Django"
Tue May 13 20:12:16 2025 rev:131 rq:1276782 version:5.2.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-Django/python-Django.changes
2025-04-23 15:18:36.688293427 +0200
+++ /work/SRC/openSUSE:Factory/.python-Django.new.30101/python-Django.changes
2025-05-13 20:12:37.004835299 +0200
@@ -1,0 +2,17 @@
+Mon May 12 08:20:40 UTC 2025 - Markéta Machová <mmach...@suse.com>
+
+- Update to 5.2.1 (bsc#1242210)
+ * This release was built using an upgraded setuptools, producing
+ filenames compliant with PEP 491 and PEP 625 and thus addressing
+ a PyPI warning about non-compliant distribution filenames. This
+ change only affects the Django packaging process and does not
+ impact Django’s behavior.
+ * CVE-2025-32873: Denial-of-service possibility in strip_tags()
+ * Fixed a data corruption possibility in file_move_safe() when
+ allow_overwrite=True
+ * Fixed a regression introduced when fixing CVE 2025-26699, where
+ the wordwrap template filter did not preserve empty lines between
+ paragraphs after wrapping text
+ * Fixed many bugs and regressions in Django 5.2, see upstream changelog
+
+-------------------------------------------------------------------
Old:
----
Django-5.2.checksum.txt
Django-5.2.tar.gz
New:
----
Django-5.2.1.checksum.txt
django-5.2.1.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-Django.spec ++++++
--- /var/tmp/diff_new_pack.4Ld9Um/_old 2025-05-13 20:12:37.616860986 +0200
+++ /var/tmp/diff_new_pack.4Ld9Um/_new 2025-05-13 20:12:37.620861154 +0200
@@ -21,13 +21,13 @@
%bcond_with memcached
%{?sle15_python_module_pythons}
Name: python-Django
-Version: 5.2
+Version: 5.2.1
Release: 0
Summary: A high-level Python Web framework
License: BSD-3-Clause
URL: https://www.djangoproject.com
-Source:
https://www.djangoproject.com/m/releases/5.2/Django-%{version}.tar.gz
-Source1:
https://media.djangoproject.com/pgp/Django-%{version}.checksum.txt
+Source:
https://www.djangoproject.com/m/releases/5.2/django-%{version}.tar.gz
+Source1:
https://www.djangoproject.com/m/pgp/Django-%{version}.checksum.txt
Source2: %{name}.keyring
Source99: python-Django-rpmlintrc
BuildRequires: %{python_module Jinja2 >= 2.9.2}
@@ -94,11 +94,11 @@
gpg --verify %{SOURCE1}
#
# Verify hashes in that file against source tarball.
-echo "`grep -e '^[0-9a-f]\{32\} Django-%{version}.tar.gz' %{SOURCE1} | cut
-c1-32` %{SOURCE0}" | md5sum -c
-echo "`grep -e '^[0-9a-f]\{40\} Django-%{version}.tar.gz' %{SOURCE1} | cut
-c1-40` %{SOURCE0}" | sha1sum -c
-echo "`grep -e '^[0-9a-f]\{64\} Django-%{version}.tar.gz' %{SOURCE1} | cut
-c1-64` %{SOURCE0}" | sha256sum -c
+echo "`grep -e '^[0-9a-f]\{32\} django-%{version}.tar.gz' %{SOURCE1} | cut
-c1-32` %{SOURCE0}" | md5sum -c
+echo "`grep -e '^[0-9a-f]\{40\} django-%{version}.tar.gz' %{SOURCE1} | cut
-c1-40` %{SOURCE0}" | sha1sum -c
+echo "`grep -e '^[0-9a-f]\{64\} django-%{version}.tar.gz' %{SOURCE1} | cut
-c1-64` %{SOURCE0}" | sha256sum -c
-%autosetup -p1 -n Django-%{version}
+%autosetup -p1 -n django-%{version}
%build
%pyproject_wheel
@@ -141,5 +141,5 @@
%python_alternative %{_bindir}/django-admin
%{_datadir}/bash-completion/completions/django_bash_completion-%{python_bin_suffix}.sh
%{python_sitelib}/django
-%{python_sitelib}/[dD]jango-%{version}*-info
+%{python_sitelib}/[Dd]jango-%{version}*-info
++++++ Django-5.2.checksum.txt -> Django-5.2.1.checksum.txt ++++++
--- /work/SRC/openSUSE:Factory/python-Django/Django-5.2.checksum.txt
2025-04-15 20:47:20.269727796 +0200
+++
/work/SRC/openSUSE:Factory/.python-Django.new.30101/Django-5.2.1.checksum.txt
2025-05-13 20:12:36.656820693 +0200
@@ -2,24 +2,24 @@
Hash: SHA256
This file contains MD5, SHA1, and SHA256 checksums for the source-code
-tarball and wheel files of Django 5.2, released April 2, 2025.
+tarball and wheel files of Django 5.2.1, released May 6, 2025.
To use this file, you will need a working install of PGP or other
compatible public-key encryption software. You will also need to have
the Django release manager's public key in your keyring. This key has
-the ID ``3955B19851EA96EF`` and can be imported from the MIT
+the ID ``2EE82A8D9470983E`` and can be imported from the MIT
keyserver, for example, if using the open-source GNU Privacy Guard
implementation of PGP:
- gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF
+ gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E
or via the GitHub API:
- curl https://github.com/sarahboyce.gpg | gpg --import -
+ curl https://github.com/nessita.gpg | gpg --import -
Once the key is imported, verify this file:
- gpg --verify Django-5.2.checksum.txt
+ gpg --verify Django-5.2.1.checksum.txt
Once you have verified this file, you can use normal MD5, SHA1, or SHA256
checksumming applications to generate the checksums of the Django
@@ -28,39 +28,41 @@
Release packages
================
-https://www.djangoproject.com/download/5.2/tarball/
-https://www.djangoproject.com/download/5.2/wheel/
+https://www.djangoproject.com/download/5.2.1/tarball/
+https://www.djangoproject.com/download/5.2.1/wheel/
MD5 checksums
=============
-2365e2eb1228298df5bc63bbde049eb2 Django-5.2.tar.gz
-1279aff7c80b1bdc921e28703e0f93b4 Django-5.2-py3-none-any.whl
+317174c6e0593c40e58ec1bd428b1091 django-5.2.1.tar.gz
+7821a8fa6b4193707af79c9b4bc64236 django-5.2.1-py3-none-any.whl
SHA1 checksums
==============
-691d9be1935e40b102fa599a2d54c1dc0289e707 Django-5.2.tar.gz
-bfc1f7d9276c137d477389e71fbb4e849101af75 Django-5.2-py3-none-any.whl
+c8c6571401bede943be6b1ca4babe93cf2612e16 django-5.2.1.tar.gz
+0c2f04440b66d67223e74146ff94b577c7da2dff django-5.2.1-py3-none-any.whl
SHA256 checksums
================
-1a47f7a7a3d43ce64570d350e008d2949abe8c7e21737b351b6a1611277c6d89
Django-5.2.tar.gz
-91ceed4e3a6db5aedced65e3c8f963118ea9ba753fc620831c77074e620e7d83
Django-5.2-py3-none-any.whl
+57fe1f1b59462caed092c80b3dd324fd92161b620d59a9ba9181c34746c97284
django-5.2.1.tar.gz
+a9b680e84f9a0e71da83e399f1e922e1ab37b2173ced046b541c72e1589a5961
django-5.2.1-py3-none-any.whl
-----BEGIN PGP SIGNATURE-----
-iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmftNIotHDQyMjk2NTY2
-K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv
-h0QMAJAgwXxMa/HElDElvmxojqY7H/oZ4obF7QtaywMKrV2IXGDi63RgCr6IIpD/
-rgWgEiyGUT6Mz/LxifkApDG8QQCDpvBW2suVQqDFgDwthX3h7URpypI98OnErskB
-b/ZlD/WGIRUDl8rC5YLHEp+aYXSsoR76cIEuPSnvyXkKGikcB4ti1IJBttjBbbgk
-uMn2WSgpFs1DMfuXvasZ2El3orwYgV7RCdC/GxurmzBcQE4Vdk5tLNHNvxzyZQnG
-K5BO2dHhG6bUMhn75cxOsVfpjcrcSrZt/WzLE8b0JRK6IUto99R8RCGgTPVYbQE1
-5Bo4vaHnjRAjVw6YtT1KKrgYdTf8vDE3I+oNxbljmH92lVQ/g2uoPnqB91hXVboh
-/EQX99MsRMVn6Ja00p40hPzjVvApbSuaBg/CDTlYCfnrj+0Ry0UanqPxnsJNxJmj
-C2rYfYQa6vsd4t99/pzc9pgS4oW8h4Kl1MjBYAft5OlFCbUmYOPRNNjz4TsGlbAq
-8SDOpQ==
-=O1eA
+iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmgatvooHDEyNDMwNCtu
+ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPo5pEACE
+tPY3ZQqbCCvhD17CXkDKU2S/4kJPtQbbvd183nj1MMOwWhNBR5VV15Gvgf9v4sp1
+QaufUfaCUdrbuOsaapU2lf61Q3XKSTZZ6EoBlsmAjfcMbJrV3DzW2dK2L4awGi0/
+bm4tI+94qapSLQAwLK8IJai7Z9kpuptQeeBlNFo52XXuzESL4+ZpvIgqQzbjRU8x
+fMM7+1Wf3mS2wt5vG5araxVovYAJvgXYnlHoGbu8DM9tmO0x2iFCkUuGbCcxTAiJ
+CwSuZOOPiHdIZWgu6M/WR8jZ8c67YMgamb4kukfP3NnNScqvUi+rPCyGGFpnrMwj
+iVHFmKulSI7lBnbjAgkwNNQ1asTiZO/W76MQKgFecUU592RGZKV/oH1rt5vbXeWu
+MkBcaVL6GEgV66bXb13a3P/XB1PQKiCSOO28DJyhYj9eIJnQsuOKN43UUZzrmvEB
+1cJ2/dHj+wJGWs8D9Bx2Yl5bcTgxFoSjb1gt6Vth0NgQuLb8aRP5/DuoNEIAxDdb
+Dv7O2uSE5JFK0P1GxF/N7DIHzSoyUr7vkm5cb1bGBVhxtCa2XPdluojEDKqduxjR
+4jZjB8nswRdZY63V6n4pEVQdkbIgFJdyFaWmoylfqGfZ3JiIGz8WyQQ+jw17V2L1
+sjRHd1y1JPOZKyb2g+QGR0H+AQvqedWZ95XJGirNtw==
+=b+2b
-----END PGP SIGNATURE-----
