public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
From: Michel Lind <salimma@fedoraproject.org>
To: git-commits@fedoraproject.org
Subject: [rpms/python-django4.2] epel9: Update to version 4.3.30
Date: Sat, 06 Jun 2026 17:22:33 GMT [thread overview]
Message-ID: <178076655315.1.8013459990936637856.rpms-python-django4.2-3e472663f157@fedoraproject.org> (raw)
A new commit has been pushed.
Repo : rpms/python-django4.2
Branch : epel9
Commit : 3e472663f15720db891e205869310f3e688eb727
Author : Michel Lind <salimma@fedoraproject.org>
Date : 2026-06-06T18:19:30+01:00
Stats : +3/-2 in 3 file(s)
URL : https://src.fedoraproject.org/rpms/python-django4.2/c/3e472663f15720db891e205869310f3e688eb727?branch=epel9
Log:
Update to version 4.3.30
- Django 4.2.30 fixes one security issue with severity “moderate” and four security issues with severity “low” in 4.2.29
- CVE-2026-33033: Potential denial-of-service vulnerability in MultiPartParser via base64-encoded file upload [moderate]
- CVE-2026-3902: ASGI header spoofing via underscore/hyphen conflation
- CVE-2026-4277: Privilege abuse in GenericInlineModelAdmin
- CVE-2026-4292: Privilege abuse in ModelAdmin.list_editable
- CVE-2026-33034: Potential denial-of-service vulnerability in ASGI requests via memory upload limit bypass
- Django 4.2.29 fixes a security issue with severity “moderate” and a security issue with severity “low” in 4.2.28
- CVE-2026-25673: Potential denial-of-service vulnerability in URLField
via Unicode normalization on Windows [moderate]
- CVE-2026-25674: Potential incorrect permissions on newly created file system objects
Signed-off-by: Michel Lind <salimma@fedoraproject.org>
---
diff --git a/.gitignore b/.gitignore
index baa8e40..62e0735 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@
/django-4.2.23.tar.gz
/django-4.2.27.tar.gz
/django-4.2.28.tar.gz
+/django-4.2.30.tar.gz
diff --git a/python-django4.2.spec b/python-django4.2.spec
index a5a156a..e7bfad8 100644
--- a/python-django4.2.spec
+++ b/python-django4.2.spec
@@ -9,7 +9,7 @@
%endif
Name: python-django4.2
-Version: 4.2.28
+Version: 4.2.30
Release: %autorelease
Summary: A high-level Python Web framework
diff --git a/sources b/sources
index f30b02f..be2b962 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (django-4.2.28.tar.gz) = 7d7e33d8bb08aed5d6f500058989b70cb0a4a7e81bf0c49e2da8f627885d0f7d408c40fed521ba500fef871091eecf80ebac662672573128a06006f77f7cfd1d
+SHA512 (django-4.2.30.tar.gz) = 62bbb451a3ab61ab1679ce9e86178147930cc711f01a0d983aa231ffbc4152f1926d3da240751ee4636f1c0c421248d2f3ee5ebd6827c45a4743adae7b46fbe8
reply other threads:[~2026-06-06 17:22 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=178076655315.1.8013459990936637856.rpms-python-django4.2-3e472663f157@fedoraproject.org \
--to=salimma@fedoraproject.org \
--cc=git-commits@fedoraproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox