[rpms/python-django5] f43: Update to version 5.2.15; Resolves RHBZ#2484354

public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed

* [rpms/python-django5] f43: Update to version 5.2.15; Resolves RHBZ#2484354
@ 2026-06-05 18:44 Michel Lind
  0 siblings, 0 replies; only message in thread
From: Michel Lind @ 2026-06-05 18:44 UTC (permalink / raw)
  To: git-commits

            A new commit has been pushed.

            Repo   : rpms/python-django5
            Branch : f43
            Commit : 3f72f2393329cee0a433cf01978fe48563b09c8c
            Author : Michel Lind <salimma@fedoraproject.org>
            Date   : 2026-06-05T19:00:15+01:00
            Stats  : +3/-2 in 3 file(s)
            URL    : https://src.fedoraproject.org/rpms/python-django5/c/3f72f2393329cee0a433cf01978fe48563b09c8c?branch=f43

            Log:
            Update to version 5.2.15; Resolves RHBZ#2484354

- Fixes five low-severity CVEs
- CVE-2026-6873: Signed cookie salt namespace collision
- CVE-2026-7666: Potential unencrypted email transmission via STARTTLS in the SMTP backend
- CVE-2026-8404: Potential exposure of private data via case-sensitive Cache-Control directives
- CVE-2026-35193: Potential exposure of private data via missing Vary: Authorization
- CVE-2026-48587: Potential exposure of private data via whitespace padding in Vary header

Signed-off-by: Michel Lind <salimma@fedoraproject.org>

---
diff --git a/.gitignore b/.gitignore
index b16435f..fca289b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@
 /django-5.2.9.tar.gz
 /django-5.2.11.tar.gz
 /django-5.2.14.tar.gz
+/django-5.2.15.tar.gz

diff --git a/python-django5.spec b/python-django5.spec
index abb69e6..83d806b 100644
--- a/python-django5.spec
+++ b/python-django5.spec
@@ -20,7 +20,7 @@
 %bcond old_setuptools 0
 %endif
 
-Version:        5.2.14
+Version:        5.2.15
 %global major_ver %(echo %{version} | cut -d. -f1)
 Name:           python-django%{major_ver}
 

diff --git a/sources b/sources
index 52b0a15..b088a98 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (django-5.2.14.tar.gz) = e6e05195d4693209de15be99fc6621cc23b5a0d28fbcf2516b271274aa1637be4f55a6b607fb1c5dc8e913a78eca99d76645bce1cc71468a8dfed7e16c129a84
+SHA512 (django-5.2.15.tar.gz) = ac222ce040bd55dc580bfbc38d5c35802960fcd90070271f2f990f3a2f8c429c837b511fce1c45ef2d21ad518fdd47c26a6486a8f4696f3f2e9ee9e114421a3c

^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2026-06-05 18:44 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-06-05 18:44 [rpms/python-django5] f43: Update to version 5.2.15; Resolves RHBZ#2484354 Michel Lind

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox