Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-Django for openSUSE:Factory checked in at 2026-02-06 21:29:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-Django (Old) and /work/SRC/openSUSE:Factory/.python-Django.new.1670 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Django" Fri Feb 6 21:29:55 2026 rev:144 rq:1330890 version:5.2.11 Changes: -------- --- /work/SRC/openSUSE:Factory/python-Django/python-Django.changes 2026-01-12 10:23:46.755543682 +0100 +++ /work/SRC/openSUSE:Factory/.python-Django.new.1670/python-Django.changes 2026-02-06 21:30:01.517405303 +0100 @@ -1,0 +2,17 @@ +Tue Feb 3 14:07:21 UTC 2026 - Markéta Machová <[email protected]> + +- Update to 5.2.11 + * CVE-2025-13473: Username enumeration through timing difference + in mod_wsgi authentication handler (bsc#1257401) + * CVE-2025-14550: Potential denial-of-service vulnerability via + repeated headers when using ASGI (bsc#1257403) + * CVE-2026-1207: Potential SQL injection via raster lookups on + PostGIS (bsc#1257405) + * CVE-2026-1285: Potential denial-of-service vulnerability in + django.utils.text.Truncator HTML methods (bsc#1257406) + * CVE-2026-1287: Potential SQL injection in column aliases via + control characters (bsc#1257407) + * CVE-2026-1312: Potential SQL injection via QuerySet.order_by + and FilteredRelation (bsc#1257408) + +------------------------------------------------------------------- Old: ---- Django-5.2.10.checksum.txt django-5.2.10.tar.gz New: ---- Django-5.2.11.checksum.txt django-5.2.11.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-Django.spec ++++++ --- /var/tmp/diff_new_pack.FFpiiv/_old 2026-02-06 21:30:02.601450785 +0100 +++ /var/tmp/diff_new_pack.FFpiiv/_new 2026-02-06 21:30:02.605450953 +0100 @@ -26,7 +26,7 @@ %bcond_with libalternatives %endif Name: python-Django -Version: 5.2.10 +Version: 5.2.11 Release: 0 Summary: A high-level Python Web framework License: BSD-3-Clause ++++++ Django-5.2.10.checksum.txt -> Django-5.2.11.checksum.txt ++++++ --- /work/SRC/openSUSE:Factory/python-Django/Django-5.2.10.checksum.txt 2026-01-12 10:23:46.483532521 +0100 +++ /work/SRC/openSUSE:Factory/.python-Django.new.1670/Django-5.2.11.checksum.txt 2026-02-06 21:30:01.133389191 +0100 @@ -2,7 +2,7 @@ Hash: SHA256 This file contains MD5, SHA1, and SHA256 checksums for the -source-code tarball and wheel files of Django 5.2.10, released January 6, 2026. +source-code tarball and wheel files of Django 5.2.11, released February 3, 2026. To use this file, you will need a working install of PGP or other compatible public-key encryption software. You will also need to have @@ -19,7 +19,7 @@ Once the key is imported, verify this file: - gpg --verify Django-5.2.10.checksum.txt + gpg --verify Django-5.2.11.checksum.txt Once you have verified this file, you can use normal MD5, SHA1, or SHA256 checksumming applications to generate the checksums of the Django @@ -28,40 +28,40 @@ Release packages ================ -https://www.djangoproject.com/download/5.2.10/tarball/ -https://www.djangoproject.com/download/5.2.10/wheel/ +https://www.djangoproject.com/download/5.2.11/tarball/ +https://www.djangoproject.com/download/5.2.11/wheel/ MD5 checksums ============= -98e667c17123f7bbd2d7d1db32f9ccdd django-5.2.10.tar.gz -18c82b021ddfeae5703023a784e46945 django-5.2.10-py3-none-any.whl +051357d45eb71a115a64e6d2a79c7c51 django-5.2.11.tar.gz +973d1cfd7ffe46a8a5172936356d9403 django-5.2.11-py3-none-any.whl SHA1 checksums ============== -a215351eb827f0f8dbab6a83db334dfd45a040d8 django-5.2.10.tar.gz -363f7332c354a91cfd40cbcd4a1df4291064fc64 django-5.2.10-py3-none-any.whl +58d89e51c622e85e0672aefc8557e5cbcbef6249 django-5.2.11.tar.gz +a9656fb9b27e6ceeaa25d32bea17fbbe801fad6f django-5.2.11-py3-none-any.whl SHA256 checksums ================ -74df100784c288c50a2b5cad59631d71214f40f72051d5af3fdf220c20bdbbbe django-5.2.10.tar.gz -cf85067a64250c95d5f9067b056c5eaa80591929f7e16fbcd997746e40d6c45c django-5.2.10-py3-none-any.whl +7f2d292ad8b9ee35e405d965fbbad293758b858c34bbf7f3df551aeeac6f02d3 django-5.2.11.tar.gz +e7130df33ada9ab5e5e929bc19346a20fe383f5454acb2cc004508f242ee92c0 django-5.2.11-py3-none-any.whl -----BEGIN PGP SIGNATURE----- -iQIzBAEBCAAdFiEEU9RpQuAGoqPu3IvIExQD9NFtjccFAmldU1gACgkQExQD9NFt -jccJlA//cN08kKwniqRtHV7cxkqugTTP11AiZirz/QDjWnzmyTT9cUEv7sbHF3An -uJQyVaqHuOITbi437vuLyBR4Z+tN1XA3AGe+TdXeHWmmHhDS2xMzuDUuBzrACfVp -+H1pFSCVtp0koLJHUOtOHmxAsjsBirCJDawY8x2t5cpAiHH1bUn/NkpcNbSKJnUV -FhdbygZnV9ZLbnhsyu++Ym7XT3QdoL4V2GsYsqru3hlwei3jexVZx9RjIUC/krqs -hgC3NyOs0KvHyehjAKZdvcIjFa38mpMxmpXdWpMMPyoN0p6SdBQ8cE+oa83jsrzK -YeHQgGXhbB3ALJ4mIwJirIyyMmEQdTx/Zeh++IayGUUzuoNWi88b3IGCNOOhGRPp -tr0EqM4YKr1pgmNibr5UGwHk1bW3ugT2nUEIs2XnQUb3ItQMEyeh2scuL2IpSkVW -EWJb7CT3WomxSc8xWRm39/g9voXBhQt3dtUBv/VL+MdBBqsK5fL14A0tKd8HagBJ -jo1xVnO6730CIsM61ydHhi5ZGCoXADBS1IFPYPGeaTN3xsMsRPjEkf8KFI/idmkE -HnvuZq3Z0h6ipTR+zdzzNhpP+6VOKBaxgDeU64DGYlSEMvdFJE8HQhmzz9Pks0va -k6qCiXOskgozRGFuiFj2KUQ+a4Qj3UwSOgg6Z5ztbU2aTytgG38= -=GJeZ +iQIzBAEBCAAdFiEEU9RpQuAGoqPu3IvIExQD9NFtjccFAmmB9j4ACgkQExQD9NFt +jccrXg/8DWkbI/HKqCQO8dpZdQAMrJuo0y+VJkTDwB3RM8UGmnC29twd7OTUSwc6 +BAHSrp0VSHiLtDej/pYnpE9hxvsqf+pL/wW1NoWZrZfYKph4putUT6XNcCDocHlQ +O0rjc+S1Mm0dVPCio96L4k1AgcIwpBMwH6gP4cXk+ssgk7ksopjlazvaEZackOcj +bfh7H1j2+8CTgw+RUtR4uw6raFKJh0CfhUXvqPz3Y6Bzu0yATQPuVrf6NtzCpKxq +s4wj0MyXmosgqGnad0KBvd4Psjwpv/OBbrrPXJcRkxtiV5wM7uC7Cv88nVOgZU9g +ugZCIjEPhA7FUbmLexCdr1qj9sewcLttI6NhrYMgz+wdMwYtpTFcnxZ3I2iFdbzT +/7ZCepqMpnvFFfJQmXEUd3Nmlb9CM6UOAhGsI0/UkT9/t/p5e0bKdXR/WI2HbQKv +w81V0dbQmKxWz/4FKv01o84pdpwALOGZdsP2QZ4RbHLgDgvNzGlV53+J9w89CdoV +kK+rRt5XYqZEv/X0ZoxnkQD9YjfP2DEde45y70P0yQ89tuyHmlx+WoFF8yLclQxZ +sHcnabLrGJjMPTGbGbnCXKbHYx4HEiXN/fYDk/ArbV1pKhOmk1cWD9+DwdY1OpEc +YsLgt7KuC07B8yjFGG/P+lntJNgmYKpl7mCWQi2Gcr6B4x7Pmxc= +=0aqI -----END PGP SIGNATURE----- ++++++ django-5.2.10.tar.gz -> django-5.2.11.tar.gz ++++++ /work/SRC/openSUSE:Factory/python-Django/django-5.2.10.tar.gz /work/SRC/openSUSE:Factory/.python-Django.new.1670/django-5.2.11.tar.gz differ: char 5, line 1
