commit python-Django for openSUSE:Factory

Source-Sync Wed, 10 Jun 2026 06:47:25 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package python-Django for openSUSE:Factory 
checked in at 2026-06-10 15:45:56
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-Django (Old)
 and      /work/SRC/openSUSE:Factory/.python-Django.new.2375 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "python-Django"

Wed Jun 10 15:45:56 2026 rev:149 rq:1358178 version:5.2.15

Changes:
--------
--- /work/SRC/openSUSE:Factory/python-Django/python-Django.changes      
2026-05-07 15:43:27.667420919 +0200
+++ /work/SRC/openSUSE:Factory/.python-Django.new.2375/python-Django.changes    
2026-06-10 15:46:35.744413953 +0200
@@ -1,0 +2,14 @@
+Tue Jun  9 12:19:52 UTC 2026 - Markéta Machová <[email protected]>
+
+- Update to 5.2.15
+  * CVE-2026-6873: Signed cookie salt namespace collision (bsc#1267578)
+  * CVE-2026-7666: Potential unencrypted email transmission via STARTTLS
+    in the SMTP backend (bsc#1267579)
+  * CVE-2026-8404: Potential exposure of private data via case-sensitive
+    Cache-Control directives (bsc#1267580)
+  * CVE-2026-35193: Potential exposure of private data via missing
+    Vary: Authorization (bsc#1267576)
+  * CVE-2026-48587: Potential exposure of private data via whitespace
+    padding in Vary header (bsc#1267577)
+
+-------------------------------------------------------------------

Old:
----
  Django-5.2.14.checksum.txt
  django-5.2.14.tar.gz

New:
----
  Django-5.2.15.checksum.txt
  django-5.2.15.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ python-Django.spec ++++++
--- /var/tmp/diff_new_pack.wX5JNH/_old  2026-06-10 15:46:36.912462357 +0200
+++ /var/tmp/diff_new_pack.wX5JNH/_new  2026-06-10 15:46:36.912462357 +0200
@@ -26,7 +26,7 @@
 %bcond_with libalternatives
 %endif
 Name:           python-Django
-Version:        5.2.14
+Version:        5.2.15
 Release:        0
 Summary:        A high-level Python Web framework
 License:        BSD-3-Clause

++++++ Django-5.2.14.checksum.txt -> Django-5.2.15.checksum.txt ++++++
--- /work/SRC/openSUSE:Factory/python-Django/Django-5.2.14.checksum.txt 
2026-05-07 15:43:27.555416387 +0200
+++ 
/work/SRC/openSUSE:Factory/.python-Django.new.2375/Django-5.2.15.checksum.txt   
    2026-06-10 15:46:34.412358754 +0200
@@ -2,24 +2,27 @@
 Hash: SHA256
 
 This file contains MD5, SHA1, and SHA256 checksums for the
-source-code tarball and wheel files of Django 5.2.14, released May 5, 2026.
+source-code tarball and wheel files of Django 5.2.15, released June 3, 2026.
+
+It also includes the commit hash of the release tag, identifying the exact
+source revision the artifacts were built from.
 
 To use this file, you will need a working install of PGP or other
 compatible public-key encryption software. You will also need to have
 the Django release manager's public key in your keyring. This key has
-the ID ``3955B19851EA96EF`` and can be imported from the MIT
+the ID ``2EE82A8D9470983E`` and can be imported from the MIT
 keyserver, for example, if using the open-source GNU Privacy Guard
 implementation of PGP:
 
-    gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF
+    gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E
 
 or via the GitHub API:
 
-    curl https://github.com/sarahboyce.gpg | gpg --import -
+    curl https://github.com/nessita.gpg | gpg --import -
 
 Once the key is imported, verify this file:
 
-    gpg --verify Django-5.2.14.checksum.txt
+    gpg --verify Django-5.2.15.checksum.txt
 
 Once you have verified this file, you can use normal MD5, SHA1, or SHA256
 checksumming applications to generate the checksums of the Django
@@ -28,38 +31,44 @@
 Release packages
 ================
 
-https://www.djangoproject.com/download/5.2.14/tarball/
-https://www.djangoproject.com/download/5.2.14/wheel/
+https://www.djangoproject.com/download/5.2.15/tarball/
+https://www.djangoproject.com/download/5.2.15/wheel/
 
 MD5 checksums
 =============
 
-baec6c1729f0377f0c319ce8652a227a  django-5.2.14.tar.gz
-1c6b52e6b7cf1172ae9d1d6ec820b09d  django-5.2.14-py3-none-any.whl
+9db6f4aaaf130e3f53a4c5255c1b1bcd  django-5.2.15.tar.gz
+1495fc9198ac104f9c53c66472f49f5a  django-5.2.15-py3-none-any.whl
 
 SHA1 checksums
 ==============
 
-b1d57e4e3b6ccf5d8daac075d549a09126da78f3  django-5.2.14.tar.gz
-0f44e388314d66e21d9a6134504e476a25155775  django-5.2.14-py3-none-any.whl
+ae2dc3fb0aaf8e60f5339f43f9c2b9441f62a162  django-5.2.15.tar.gz
+dfd2d958cc3a52dd5e7b6271d203ac055acd5f54  django-5.2.15-py3-none-any.whl
 
 SHA256 checksums
 ================
 
-58a63ba841662e5c686b57ba1fec52ddd68c0b93bd96ac3029d55728f00bf8a2  
django-5.2.14.tar.gz
-6f712143bd3064310d1f50fac859c3e9a274bdcfc9595339853be7779297fc76  
django-5.2.14-py3-none-any.whl
+5154a9bf84ac01dde011e367f355c07dbb329532e06810dcf3ef2af269e236e7  
django-5.2.15.tar.gz
+0eb4a9bb1853a35b0286dbc6d916bd352c8c2687195a7f2d6f80cefd840e4970  
django-5.2.15-py3-none-any.whl
+
+Git tag
+=======
 
+21e98408f84d22191e2c7ee4052bdd12d264fd3f  5.2.15
 -----BEGIN PGP SIGNATURE-----
 
-iQGzBAEBCAAdFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmn58FMACgkQOVWxmFHq
-lu8rnAv/Uv04aLRN+PqiZqbYzQJ/iZu1D+VYOOiuR/2EX5iQKTWx23HOx7esvMk/
-3qEscdhF30eaLSpfDqOCl3AcrqU5TNzRz8miXS7FSQ1mIx+sKmSG77/vI2QGWfT2
-ZH+oAc8qv5neXUkDaI7GpzNT6pl3m4icYP+mcFJTsua2N4E2DuU5/NbvClgnNX2n
-e4CyePHmMp5gS++qOliXRPV7vcS7TzZDCCmzsKoZHQ8ZfTdqqjui4ZFHBQmNr9+W
-N8anKhZDi8LuRUT2L8uhHIjfCaUCba3CcvGVg9/X8KF9T9WNEGn3oGweUl/ol6No
-phKT8LwsIBY7CrAGu92TqRnC6gozUc3MxzqzoMqtMhtcZQBBA1KF102XJ2q596i7
-EmEdVyTYpkPdTT59BZEy9K9PtFJD4oHUpSOOyXHIIVMFvFuiJSbg+cV7jyg9KVSo
-LeP+i4P4SDHQVu925pYX3tveDGlVVyWD/MAMgQhMIfSng8GVqdOk2GieFMLD7QEe
-mPRq5bhY
-=2666
+iQIzBAEBCAAdFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmogGwUACgkQLugqjZRw
+mD52CBAApQE0Ko1fJ1eYdczthsTAA8a9SnGNQnlV2oigd9T2YmixygcWNgDTNk94
+V8TRGw/73wVcbk5Lj1c2MvJnKM0jTH6ropxq84Y1K20sleuxgzYODnXmXzfxGmc9
++wkj/Bw5yOThvf9dw1bpgU9KELMbbIXRdkAtEXImtuPT6GRoxZIjx/JDMqluMnc/
+wc5qkfyciV7Yx/kqt9BOYI7bPtPNxUyiIo1fWVrfHu3dnHuoLrUhAbBoOkMnAalj
+njcQrEXhRbXpkcaiYdSryrPYymJz77+AHTODN1BaVCf7+eAN8hM03po1YIcUsJbn
+XZRyJx1fyLTbhGP7mlRgvAcTUkW+W47uH9zjv77F3EePLhjhaX/NZW9TFOveFl4v
+i8drkzpYiDeFG7EPmbKa07Oul5hwJoCb5oA0MC9TZInCaFLj1QoGcY/1LhlcUTc2
+e+05SQRgwbaoWJ8GikpZ45o2DXNPBuuZlwj4KPHS6qPGcaqkXlFcIxn81VM+Q1Bv
+E5hIsEMmBr3IW85ke6nxhOb9QKnzYFmZjxupwWI6ZMev9qFffr0m1RFlNa90jXsU
+XAw5t2JUr6A6vWn6jhAgu5m63XarD9BqXZgCkNqAJqg3XR/b9Py8DnE8+AA4z+rh
+4QE9Y6OCPfY1IT+rzcLLyk8h6T4QfBX7Wi2wBNuRJ09NLZt320o=
+=JG9V
 -----END PGP SIGNATURE-----

++++++ django-5.2.14.tar.gz -> django-5.2.15.tar.gz ++++++
/work/SRC/openSUSE:Factory/python-Django/django-5.2.14.tar.gz 
/work/SRC/openSUSE:Factory/.python-Django.new.2375/django-5.2.15.tar.gz differ: 
char 5, line 1

commit python-Django for openSUSE:Factory

Reply via email to