public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
From: Michel Lind <salimma@fedoraproject.org>
To: git-commits@fedoraproject.org
Subject: [rpms/python-django5] f43: Update to version 5.2.15; Resolves RHBZ#2484354
Date: Fri, 05 Jun 2026 18:44:55 GMT [thread overview]
Message-ID: <178068509545.1.6565360261998617555.rpms-python-django5-3f72f2393329@fedoraproject.org> (raw)
A new commit has been pushed.
Repo : rpms/python-django5
Branch : f43
Commit : 3f72f2393329cee0a433cf01978fe48563b09c8c
Author : Michel Lind <salimma@fedoraproject.org>
Date : 2026-06-05T19:00:15+01:00
Stats : +3/-2 in 3 file(s)
URL : https://src.fedoraproject.org/rpms/python-django5/c/3f72f2393329cee0a433cf01978fe48563b09c8c?branch=f43
Log:
Update to version 5.2.15; Resolves RHBZ#2484354
- Fixes five low-severity CVEs
- CVE-2026-6873: Signed cookie salt namespace collision
- CVE-2026-7666: Potential unencrypted email transmission via STARTTLS in the SMTP backend
- CVE-2026-8404: Potential exposure of private data via case-sensitive Cache-Control directives
- CVE-2026-35193: Potential exposure of private data via missing Vary: Authorization
- CVE-2026-48587: Potential exposure of private data via whitespace padding in Vary header
Signed-off-by: Michel Lind <salimma@fedoraproject.org>
---
diff --git a/.gitignore b/.gitignore
index b16435f..fca289b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@
/django-5.2.9.tar.gz
/django-5.2.11.tar.gz
/django-5.2.14.tar.gz
+/django-5.2.15.tar.gz
diff --git a/python-django5.spec b/python-django5.spec
index abb69e6..83d806b 100644
--- a/python-django5.spec
+++ b/python-django5.spec
@@ -20,7 +20,7 @@
%bcond old_setuptools 0
%endif
-Version: 5.2.14
+Version: 5.2.15
%global major_ver %(echo %{version} | cut -d. -f1)
Name: python-django%{major_ver}
diff --git a/sources b/sources
index 52b0a15..b088a98 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (django-5.2.14.tar.gz) = e6e05195d4693209de15be99fc6621cc23b5a0d28fbcf2516b271274aa1637be4f55a6b607fb1c5dc8e913a78eca99d76645bce1cc71468a8dfed7e16c129a84
+SHA512 (django-5.2.15.tar.gz) = ac222ce040bd55dc580bfbc38d5c35802960fcd90070271f2f990f3a2f8c429c837b511fce1c45ef2d21ad518fdd47c26a6486a8f4696f3f2e9ee9e114421a3c
reply other threads:[~2026-06-05 18:44 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=178068509545.1.6565360261998617555.rpms-python-django5-3f72f2393329@fedoraproject.org \
--to=salimma@fedoraproject.org \
--cc=git-commits@fedoraproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox