Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-Django for openSUSE:Leap:16.0
checked in at 2025-06-10 13:37:47
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:16.0/python-Django (Old)
and /work/SRC/openSUSE:Leap:16.0/.python-Django.new.19631 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Django"
Tue Jun 10 13:37:47 2025 rev:5 rq:1284398 version:5.2.2
Changes:
--------
--- /work/SRC/openSUSE:Leap:16.0/python-Django/python-Django.changes
2025-05-16 08:30:24.036333998 +0200
+++ /work/SRC/openSUSE:Leap:16.0/.python-Django.new.19631/python-Django.changes
2025-06-10 13:37:48.221820787 +0200
@@ -1,0 +2,15 @@
+Thu Jun 5 11:53:48 UTC 2025 - Markéta Machová <mmach...@suse.com>
+
+- Update to 5.2.2 (bsc#1244095)
+ * CVE-2025-48432: Potential log injection via unescaped request path
+ * Fixed a crash when using select_related against a ForeignObject
+ originating from a model with a CompositePrimaryKey
+ * Fixed a regression in Django 5.2 that caused a crash when no
+ arguments were passed into QuerySet.union().
+ * Fixed a regression in Django 5.2 that caused a crash when using OuterRef
+ in PostgreSQL aggregate functions ArrayAgg, StringAgg, and JSONBAgg.
+ * Fixed a bug in Django 5.2 where HttpRequest.get_preferred_type() did not
+ account for media type parameters in Accept headers, reducing specificity
+ in content negotiation.
+
+-------------------------------------------------------------------
Old:
----
Django-5.2.1.checksum.txt
django-5.2.1.tar.gz
New:
----
Django-5.2.2.checksum.txt
django-5.2.2.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-Django.spec ++++++
--- /var/tmp/diff_new_pack.bLAFiF/_old 2025-06-10 13:37:48.629837752 +0200
+++ /var/tmp/diff_new_pack.bLAFiF/_new 2025-06-10 13:37:48.633837918 +0200
@@ -21,7 +21,7 @@
%bcond_with memcached
%{?sle15_python_module_pythons}
Name: python-Django
-Version: 5.2.1
+Version: 5.2.2
Release: 0
Summary: A high-level Python Web framework
License: BSD-3-Clause
++++++ Django-5.2.1.checksum.txt -> Django-5.2.2.checksum.txt ++++++
--- /work/SRC/openSUSE:Leap:16.0/python-Django/Django-5.2.1.checksum.txt
2025-05-16 08:30:23.716320609 +0200
+++
/work/SRC/openSUSE:Leap:16.0/.python-Django.new.19631/Django-5.2.2.checksum.txt
2025-06-10 13:37:47.893807149 +0200
@@ -1,8 +1,8 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
-This file contains MD5, SHA1, and SHA256 checksums for the source-code
-tarball and wheel files of Django 5.2.1, released May 6, 2025.
+This file contains MD5, SHA1, and SHA256 checksums for the
+source-code tarball and wheel files of Django 5.2.2, released June 4, 2025.
To use this file, you will need a working install of PGP or other
compatible public-key encryption software. You will also need to have
@@ -19,7 +19,7 @@
Once the key is imported, verify this file:
- gpg --verify Django-5.2.1.checksum.txt
+ gpg --verify Django-5.2.2.checksum.txt
Once you have verified this file, you can use normal MD5, SHA1, or SHA256
checksumming applications to generate the checksums of the Django
@@ -28,41 +28,41 @@
Release packages
================
-https://www.djangoproject.com/download/5.2.1/tarball/
-https://www.djangoproject.com/download/5.2.1/wheel/
+https://www.djangoproject.com/download/5.2.2/tarball/
+https://www.djangoproject.com/download/5.2.2/wheel/
MD5 checksums
=============
-317174c6e0593c40e58ec1bd428b1091 django-5.2.1.tar.gz
-7821a8fa6b4193707af79c9b4bc64236 django-5.2.1-py3-none-any.whl
+782577f532efab32f8119a7071f55d04 django-5.2.2.tar.gz
+5d85fa7778bd65981714e562012a5626 django-5.2.2-py3-none-any.whl
SHA1 checksums
==============
-c8c6571401bede943be6b1ca4babe93cf2612e16 django-5.2.1.tar.gz
-0c2f04440b66d67223e74146ff94b577c7da2dff django-5.2.1-py3-none-any.whl
+87dff3ef8d00b15491d5bb64b2404caf66d8ae59 django-5.2.2.tar.gz
+7964171a3e17b3e3e8aeb2d2bff763d128836d74 django-5.2.2-py3-none-any.whl
SHA256 checksums
================
-57fe1f1b59462caed092c80b3dd324fd92161b620d59a9ba9181c34746c97284
django-5.2.1.tar.gz
-a9b680e84f9a0e71da83e399f1e922e1ab37b2173ced046b541c72e1589a5961
django-5.2.1-py3-none-any.whl
+85852e517f84435e9b13421379cd6c43ef5b48a9c8b391d29a26f7900967e952
django-5.2.2.tar.gz
+997ef2162d04ead6869551b22cde4e06da1f94cf595f4af3f3d3afeae1f3f6fe
django-5.2.2-py3-none-any.whl
-----BEGIN PGP SIGNATURE-----
-iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmgatvooHDEyNDMwNCtu
-ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPo5pEACE
-tPY3ZQqbCCvhD17CXkDKU2S/4kJPtQbbvd183nj1MMOwWhNBR5VV15Gvgf9v4sp1
-QaufUfaCUdrbuOsaapU2lf61Q3XKSTZZ6EoBlsmAjfcMbJrV3DzW2dK2L4awGi0/
-bm4tI+94qapSLQAwLK8IJai7Z9kpuptQeeBlNFo52XXuzESL4+ZpvIgqQzbjRU8x
-fMM7+1Wf3mS2wt5vG5araxVovYAJvgXYnlHoGbu8DM9tmO0x2iFCkUuGbCcxTAiJ
-CwSuZOOPiHdIZWgu6M/WR8jZ8c67YMgamb4kukfP3NnNScqvUi+rPCyGGFpnrMwj
-iVHFmKulSI7lBnbjAgkwNNQ1asTiZO/W76MQKgFecUU592RGZKV/oH1rt5vbXeWu
-MkBcaVL6GEgV66bXb13a3P/XB1PQKiCSOO28DJyhYj9eIJnQsuOKN43UUZzrmvEB
-1cJ2/dHj+wJGWs8D9Bx2Yl5bcTgxFoSjb1gt6Vth0NgQuLb8aRP5/DuoNEIAxDdb
-Dv7O2uSE5JFK0P1GxF/N7DIHzSoyUr7vkm5cb1bGBVhxtCa2XPdluojEDKqduxjR
-4jZjB8nswRdZY63V6n4pEVQdkbIgFJdyFaWmoylfqGfZ3JiIGz8WyQQ+jw17V2L1
-sjRHd1y1JPOZKyb2g+QGR0H+AQvqedWZ95XJGirNtw==
-=b+2b
+iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmhAMRIoHDEyNDMwNCtu
+ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPmgqD/9b
+ON8sroesSKb2lAdjUe2XFKceWBpSjySACsPwLko5gPhfxJ9gn0XEDQccYw6U4KkJ
+PbRlrKKNr1zqX3IfRoggg3E6GU/rw9LUqgB2GByuBRjyZe29bF0KWiLWVmjLL6c8
+WszgKZxYu73vBfHcY1StLVSGMHxMlolvWikhpS4taHKOsYLmYxFnPdDeLjC/hYyb
+tYjfdaKgDm5czpy9Put+Kzu15KcW0PqHAuPJtcGHo3l7lfRSd/m9X6iNtUXmsN8J
+H8kLEzfG91tUuHl7UgFpZpSEGqnRV/dM+s+fKeVJC9t6Jsu8lbQp3omMaBl/SCwV
+qicA9Go9cqUoDLz8JSkv0YCOGAyUZyOvjlW8zAkoRQuCcEkDxLh2VsdRRB7Z0E7K
+SvDq03XZwXeBUpQAbkoZ+TpS4EoiydY7I7PTq5k+yzMEoid+k7sRclfndeTpAmPf
+7Xtq3KDPnIKo+7maECiKVeEfCUIgxXygEz3fbrYTn9LcDcFnGWKA9/DH/9yD4+zR
+AS4RI0k0PUWzbq/6+A+3BqQTo75dLxm/BHpyd9NoddYIsuhwlLq3IU+SopR8vG2/
+bydqaovZuiyHS59vGgMuAFJIaeW5/TW8zoLvRVekVG0nCVgcj17pR7zqa6EGKefS
+6ydabjbxzeFC3qdYiOIneghfIUnk3HeVQRLd0Vw58w==
+=Pk1M
-----END PGP SIGNATURE-----
++++++ django-5.2.1.tar.gz -> django-5.2.2.tar.gz ++++++
/work/SRC/openSUSE:Leap:16.0/python-Django/django-5.2.1.tar.gz
/work/SRC/openSUSE:Leap:16.0/.python-Django.new.19631/django-5.2.2.tar.gz
differ: char 5, line 1
