Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-Django6 for openSUSE:Factory checked in at 2026-06-10 15:49:32 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-Django6 (Old) and /work/SRC/openSUSE:Factory/.python-Django6.new.2375 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Django6" Wed Jun 10 15:49:32 2026 rev:7 rq:1358184 version:6.0.6 Changes: -------- --- /work/SRC/openSUSE:Factory/python-Django6/python-Django6.changes 2026-05-06 19:23:34.023115611 +0200 +++ /work/SRC/openSUSE:Factory/.python-Django6.new.2375/python-Django6.changes 2026-06-10 15:49:35.503863059 +0200 @@ -1,0 +2,17 @@ +Tue Jun 9 12:23:30 UTC 2026 - Markéta Machová <[email protected]> + +- Update to 6.0.6 + * CVE-2026-6873: Signed cookie salt namespace collision (bsc#1267578) + * CVE-2026-7666: Potential unencrypted email transmission via STARTTLS + in the SMTP backend (bsc#1267579) + * CVE-2026-8404: Potential exposure of private data via case-sensitive + Cache-Control directives (bsc#1267580) + * CVE-2026-35193: Potential exposure of private data via missing + Vary: Authorization (bsc#1267576) + * CVE-2026-48587: Potential exposure of private data via whitespace + padding in Vary header (bsc#1267577) + * Fixed a bug in Django 6.0 where an alert message on an admin changelist + with ModelAdmin.list_editable referred to the “Run” button by its + previous name + +------------------------------------------------------------------- Old: ---- Django-6.0.5.checksum.txt django-6.0.5.tar.gz New: ---- Django-6.0.6.checksum.txt django-6.0.6.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-Django6.spec ++++++ --- /var/tmp/diff_new_pack.a1nUBg/_old 2026-06-10 15:49:37.907962683 +0200 +++ /var/tmp/diff_new_pack.a1nUBg/_new 2026-06-10 15:49:37.935963844 +0200 @@ -27,7 +27,7 @@ %endif %define skip_python311 1 Name: python-Django6 -Version: 6.0.5 +Version: 6.0.6 Release: 0 Summary: A high-level Python Web framework License: BSD-3-Clause ++++++ Django-6.0.5.checksum.txt -> Django-6.0.6.checksum.txt ++++++ --- /work/SRC/openSUSE:Factory/python-Django6/Django-6.0.5.checksum.txt 2026-05-06 19:23:33.851108515 +0200 +++ /work/SRC/openSUSE:Factory/.python-Django6.new.2375/Django-6.0.6.checksum.txt 2026-06-10 15:49:34.167807694 +0200 @@ -2,24 +2,27 @@ Hash: SHA256 This file contains MD5, SHA1, and SHA256 checksums for the -source-code tarball and wheel files of Django 6.0.5, released May 5, 2026. +source-code tarball and wheel files of Django 6.0.6, released June 3, 2026. + +It also includes the commit hash of the release tag, identifying the exact +source revision the artifacts were built from. To use this file, you will need a working install of PGP or other compatible public-key encryption software. You will also need to have the Django release manager's public key in your keyring. This key has -the ID ``3955B19851EA96EF`` and can be imported from the MIT +the ID ``2EE82A8D9470983E`` and can be imported from the MIT keyserver, for example, if using the open-source GNU Privacy Guard implementation of PGP: - gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF + gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E or via the GitHub API: - curl https://github.com/sarahboyce.gpg | gpg --import - + curl https://github.com/nessita.gpg | gpg --import - Once the key is imported, verify this file: - gpg --verify Django-6.0.5.checksum.txt + gpg --verify Django-6.0.6.checksum.txt Once you have verified this file, you can use normal MD5, SHA1, or SHA256 checksumming applications to generate the checksums of the Django @@ -28,38 +31,44 @@ Release packages ================ -https://www.djangoproject.com/download/6.0.5/tarball/ -https://www.djangoproject.com/download/6.0.5/wheel/ +https://www.djangoproject.com/download/6.0.6/tarball/ +https://www.djangoproject.com/download/6.0.6/wheel/ MD5 checksums ============= -44c18a8f264c1326e6fe4f1053fea5fc django-6.0.5.tar.gz -7d1da677b7b2fd7521ccb0595424f6d4 django-6.0.5-py3-none-any.whl +b45e074d29f85e1417fb2d2ea97c2df3 django-6.0.6.tar.gz +15a34bf4b721155c67d3079c78c045b2 django-6.0.6-py3-none-any.whl SHA1 checksums ============== -b9f5649872874dd17cf1c9d7cc25617cb23c5b7c django-6.0.5.tar.gz -8e36cdca04efb6d15149c6c8790464b4241d6229 django-6.0.5-py3-none-any.whl +e96b895019c21b8dc19b6ae983c9315216222941 django-6.0.6.tar.gz +ca756ca3e6af380db3ba61c7a923051e55665757 django-6.0.6-py3-none-any.whl SHA256 checksums ================ -bc6d6872e98a2864c836e42edd644b362db311147dd5aa8d5b82ba7a032f5269 django-6.0.5.tar.gz -9d58a7cb49244e74c8e161d5e403a46d6209f1009ba40f5a66d6aa0d0786a8f0 django-6.0.5-py3-none-any.whl +ad03916ba59523d781ae5c3f631960c23d69a9d9c43cecda52fc23b47e953713 django-6.0.6.tar.gz +25148b1194c47c2e685e5f5e9c5d59c78b075dfd282cb9618861ba6c1708f4d2 django-6.0.6-py3-none-any.whl + +Git tag +======= +ee93f65169c280c9ab3d2ce103dd478c96d05065 6.0.6 -----BEGIN PGP SIGNATURE----- -iQGzBAEBCAAdFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmn57fAACgkQOVWxmFHq -lu9FIQv+JBIh0AriW0feexr73HhD9DJZw3dYaljCMHv/lUgtyUZSesrj7FldleOm -RrmYsyYWQ0lBx9hM9zpVWQOSBUesiTUo0tYFRI9kKbIdFYH9Fwefegjzm8S2D77P -5cbHBxM93WfkkyWKdKGHNQTZhcbJnqyde3OF8Ex9tXAIOqF9HIa88WPfK4ustsTG -wPHAFQ/qe3bb4wN/aBTy/Yd67nnKn/1UHgOEIUMxS1BNCK8DK0rEGNgVSwGLoRyW -RGr/+/bAtha7BkTDSUA6vCQCP9MOYL3YHyWBgPNEDlSwHbRXwuiv/zm3eqroP235 -Wd66l2vyJGcPNQl+imNPjXCDeHRT0xB+eYm6FsSlz7fWoMAcZ1pOpD854k4yu3un -zQVeOl02BEELDjEcfWAETYyXdMOfYYnjQMGtuhYPkA8eo4F1j2QRlpcMzUFS2K4f -nYqNAs6Ho2IM/yypYhHPOrquGF+4sd1UDNvHsp1oDn5k8ZxJbMrCISNKecR9tArb -Pi67DLsc -=B4Gz +iQIzBAEBCAAdFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmogFx8ACgkQLugqjZRw +mD40gw//Z0fLsfdEPQDP/O08hquUCY7LZMpRTBlbr2EqtLm8UXt9zEWc3C6hdWSW +KQphP9DNguTviFuMNNddTtUt3X2AQe1C9nNlFF+GB7njPvQjzHvdZ5z5kn74gsdH +WlP2TjzAuaBBp/c1m1dYBJSBl8GTXbZuxRlbl1CiXAZTOtnNLUJz575Uj0ffixIU +4cgyBaHt+lK9QctmzHbrvBMJzqVXkQAekxvZmvpBcW8WwGtlkUY8af0q0yhCI+cD +ZwmuxhxFmRmMkJBuuT0DuU4EYuEQSpbUoDDrage8/G+n/jEemQDQ7T5EeTqPnIFQ +kuGzz6Udwr5sYgxbMHVO+nhCYBLh4/3pRk+1su+b3iv6XJSH6Rg7S57pnmjuDaBe +ZSmqzjh3wp1krwzXbbkjoDOG38cghhLAAWvUTNHtjtKoyj1E6683EKzBVqATccA1 +o5/2vPJonBUjjecUw2FNo2jed7mHyKxL0VTdwHEUuyC+f3izjKEXbULAfJfKD3Wl +htDkjFfptYR9cKvpqjFThuZjhOBJOp8YeyDgtq6xScNxifVWB/wemIcY9IRQAG6a +bwZDB+0nX8d2pYqvGX5ie/fyeGkEsrPGOH3+aLBus4PgwNbKcaoxSiiTSnhjYERC +j+1PZ6XNlWBXALlzJ4NVwN8lJJN/PqqRif0tqkheeEBESwMVwac= +=3N06 -----END PGP SIGNATURE----- ++++++ django-6.0.5.tar.gz -> django-6.0.6.tar.gz ++++++ /work/SRC/openSUSE:Factory/python-Django6/django-6.0.5.tar.gz /work/SRC/openSUSE:Factory/.python-Django6.new.2375/django-6.0.6.tar.gz differ: char 5, line 1
