Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package python-Django6 for openSUSE:Factory 
checked in at 2026-07-09 22:20:34
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-Django6 (Old)
 and      /work/SRC/openSUSE:Factory/.python-Django6.new.1991 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "python-Django6"

Thu Jul  9 22:20:34 2026 rev:8 rq:1364658 version:6.0.7

Changes:
--------
--- /work/SRC/openSUSE:Factory/python-Django6/python-Django6.changes    
2026-06-10 15:49:35.503863059 +0200
+++ /work/SRC/openSUSE:Factory/.python-Django6.new.1991/python-Django6.changes  
2026-07-09 22:21:32.910558993 +0200
@@ -1,0 +2,13 @@
+Thu Jul  9 06:36:54 UTC 2026 - Markéta Machová <[email protected]>
+
+- Update to 6.0.7
+  * CVE-2026-48588: Potential exposure of private data via cached
+    Set-Cookie response (bsc#1271029)
+  * CVE-2026-53877: Heap buffer over-read in GDALRaster (bsc#1271030)
+  * CVE-2026-53878: Header injection possibility since
+    DomainNameValidator accepted newlines in input (bsc#1271031)
+  * Fixed a regression in Django 6.0 where the PBKDF2 and MD5 password
+    hashers raised UnicodeDecodeError for bytes passwords that were not
+    valid UTF-8.
+
+-------------------------------------------------------------------

Old:
----
  Django-6.0.6.checksum.txt
  django-6.0.6.tar.gz

New:
----
  Django-6.0.7.checksum.txt
  django-6.0.7.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ python-Django6.spec ++++++
--- /var/tmp/diff_new_pack.gQv4cn/_old  2026-07-09 22:21:35.026631275 +0200
+++ /var/tmp/diff_new_pack.gQv4cn/_new  2026-07-09 22:21:35.042631821 +0200
@@ -27,7 +27,7 @@
 %endif
 %define skip_python311 1
 Name:           python-Django6
-Version:        6.0.6
+Version:        6.0.7
 Release:        0
 Summary:        A high-level Python Web framework
 License:        BSD-3-Clause

++++++ Django-6.0.6.checksum.txt -> Django-6.0.7.checksum.txt ++++++
--- /work/SRC/openSUSE:Factory/python-Django6/Django-6.0.6.checksum.txt 
2026-06-10 15:49:34.167807694 +0200
+++ 
/work/SRC/openSUSE:Factory/.python-Django6.new.1991/Django-6.0.7.checksum.txt   
    2026-07-09 22:21:32.678551068 +0200
@@ -2,7 +2,7 @@
 Hash: SHA256
 
 This file contains MD5, SHA1, and SHA256 checksums for the
-source-code tarball and wheel files of Django 6.0.6, released June 3, 2026.
+source-code tarball and wheel files of Django 6.0.7, released July 7, 2026.
 
 It also includes the commit hash of the release tag, identifying the exact
 source revision the artifacts were built from.
@@ -10,19 +10,14 @@
 To use this file, you will need a working install of PGP or other
 compatible public-key encryption software. You will also need to have
 the Django release manager's public key in your keyring. This key has
-the ID ``2EE82A8D9470983E`` and can be imported from the MIT
-keyserver, for example, if using the open-source GNU Privacy Guard
-implementation of PGP:
+the ID ``131403F4D16D8DC7`` and can be imported from GitHub, for example, if
+using the open-source GNU Privacy Guard implementation of PGP:
 
-    gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E
-
-or via the GitHub API:
-
-    curl https://github.com/nessita.gpg | gpg --import -
+    curl https://github.com/jacobtylerwalls.gpg | gpg --import -
 
 Once the key is imported, verify this file:
 
-    gpg --verify Django-6.0.6.checksum.txt
+    gpg --verify Django-6.0.7.checksum.txt
 
 Once you have verified this file, you can use normal MD5, SHA1, or SHA256
 checksumming applications to generate the checksums of the Django
@@ -31,44 +26,44 @@
 Release packages
 ================
 
-https://www.djangoproject.com/download/6.0.6/tarball/
-https://www.djangoproject.com/download/6.0.6/wheel/
+https://www.djangoproject.com/download/6.0.7/tarball/
+https://www.djangoproject.com/download/6.0.7/wheel/
 
 MD5 checksums
 =============
 
-b45e074d29f85e1417fb2d2ea97c2df3  django-6.0.6.tar.gz
-15a34bf4b721155c67d3079c78c045b2  django-6.0.6-py3-none-any.whl
+4e11c909aebe761ddbadedf5646da858  django-6.0.7.tar.gz
+23bf6a1ac8052a26d6f99515fd5786ce  django-6.0.7-py3-none-any.whl
 
 SHA1 checksums
 ==============
 
-e96b895019c21b8dc19b6ae983c9315216222941  django-6.0.6.tar.gz
-ca756ca3e6af380db3ba61c7a923051e55665757  django-6.0.6-py3-none-any.whl
+8bee35398a7c41420f9456a710baca622b518640  django-6.0.7.tar.gz
+3d2a6133b0d9954449c10032bf0be5415d0d1d37  django-6.0.7-py3-none-any.whl
 
 SHA256 checksums
 ================
 
-ad03916ba59523d781ae5c3f631960c23d69a9d9c43cecda52fc23b47e953713  
django-6.0.6.tar.gz
-25148b1194c47c2e685e5f5e9c5d59c78b075dfd282cb9618861ba6c1708f4d2  
django-6.0.6-py3-none-any.whl
+2998503fc083124fb58037084bfa00de323c7c743f05f1b4284e77bff0ab8890  
django-6.0.7.tar.gz
+a037427c2288443a8c02a1b02295a31c239663aa682bc50b1976afb7cf6a769e  
django-6.0.7-py3-none-any.whl
 
 Git tag
 =======
 
-ee93f65169c280c9ab3d2ce103dd478c96d05065  6.0.6
+The 6.0.7 tag points to commit e2a424605ac2e7e6e799496542fb2997207e2f23.
 -----BEGIN PGP SIGNATURE-----
 
-iQIzBAEBCAAdFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmogFx8ACgkQLugqjZRw
-mD40gw//Z0fLsfdEPQDP/O08hquUCY7LZMpRTBlbr2EqtLm8UXt9zEWc3C6hdWSW
-KQphP9DNguTviFuMNNddTtUt3X2AQe1C9nNlFF+GB7njPvQjzHvdZ5z5kn74gsdH
-WlP2TjzAuaBBp/c1m1dYBJSBl8GTXbZuxRlbl1CiXAZTOtnNLUJz575Uj0ffixIU
-4cgyBaHt+lK9QctmzHbrvBMJzqVXkQAekxvZmvpBcW8WwGtlkUY8af0q0yhCI+cD
-ZwmuxhxFmRmMkJBuuT0DuU4EYuEQSpbUoDDrage8/G+n/jEemQDQ7T5EeTqPnIFQ
-kuGzz6Udwr5sYgxbMHVO+nhCYBLh4/3pRk+1su+b3iv6XJSH6Rg7S57pnmjuDaBe
-ZSmqzjh3wp1krwzXbbkjoDOG38cghhLAAWvUTNHtjtKoyj1E6683EKzBVqATccA1
-o5/2vPJonBUjjecUw2FNo2jed7mHyKxL0VTdwHEUuyC+f3izjKEXbULAfJfKD3Wl
-htDkjFfptYR9cKvpqjFThuZjhOBJOp8YeyDgtq6xScNxifVWB/wemIcY9IRQAG6a
-bwZDB+0nX8d2pYqvGX5ie/fyeGkEsrPGOH3+aLBus4PgwNbKcaoxSiiTSnhjYERC
-j+1PZ6XNlWBXALlzJ4NVwN8lJJN/PqqRif0tqkheeEBESwMVwac=
-=3N06
+iQIzBAEBCAAdFiEEU9RpQuAGoqPu3IvIExQD9NFtjccFAmpM7H8ACgkQExQD9NFt
+jcfnlw//fBjHhdpb8+nVuJVjd60P063CSvatCxenIIq9iFsXzhLatS1bY/0El2y4
+kISgf4nrPI39d7s6v0xRxfGRgws2P7yX0zP4Ymud9y95HKrfWFWfOMv8jBUa3P9v
+v4QHGPqrlbmnjqfM+PceJ7ztqnq9j4NZrOoDTsBpMm528kVLpL95QeNWUKNqpJ3D
+TrsXY3Cap5JyJ+AHd79ph2e/njdCuK2xAfiKUmOD7+CG7ukvOZ/A4mgI/DRuh7iF
+v4zIjk0L/HoQpx6HG7aNCmVRa4KOfI01hUkdheEXUEOfHSOpyRxX0aKkWBI0pETS
+5PNSHr39dwWlpFHWnuCj7HZRFsBnwP6Ha4bVCulB//Hc2mpH3TfAijBtxVytVuI3
+UmHNqrxbs1iFz22l30FzhJ+lqWstHN8/elaUj7x59IQO7plITfwO6+BB1sb+UIWy
+2vAw1P/tmNvkcdgVXd7Qh8Xj/8BZM7IUoh9lZ6n1JXm5W/fzFUkC+r+SLJC15G54
+KTGLBq/UQOWENlGRVczrtwDxe+oCD0uNGWZxjf0g58CiA7FURg3IIS4enfAChuNL
+gYLz0+6zGfhTWyASHzef3KQ0dDZ33+EWM7T4A548rwjabPl1Et3HjsVoL6dR2g4Y
+Go7DFdJv9h1QgLIE5y8HUv7qqQzp0ZN6AbTQQu52zymKJ/Du91o=
+=6O04
 -----END PGP SIGNATURE-----

++++++ django-6.0.6.tar.gz -> django-6.0.7.tar.gz ++++++
/work/SRC/openSUSE:Factory/python-Django6/django-6.0.6.tar.gz 
/work/SRC/openSUSE:Factory/.python-Django6.new.1991/django-6.0.7.tar.gz differ: 
char 5, line 1

Reply via email to