Accepting request 1315976 from devel:languages:python:django

Forwarded request #1315948 from mcalabkova

- Update to 5.2.8 (bsc#1252926)
    * CVE-2025-64459: Potential SQL injection via _connector keyword argument
    * Added compatibility for oracledb 3.4.0
    * Fixed a bug in Django 5.2 where QuerySet.first() and QuerySet.last()
      raised an error on querysets performing aggregation that selected all
      fields of a composite primary key.

OBS-URL: https://build.opensuse.org/request/show/1315976
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Django?expand=0&rev=140

Django-5.2.4.checksum.txt

@@ -1,68 +0,0 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA256
-
-This file contains MD5, SHA1, and SHA256 checksums for the
-source-code tarball and wheel files of Django 5.2.4, released July 2, 2025.
-
-To use this file, you will need a working install of PGP or other
-compatible public-key encryption software. You will also need to have
-the Django release manager's public key in your keyring. This key has
-the ID ``2EE82A8D9470983E`` and can be imported from the MIT
-keyserver, for example, if using the open-source GNU Privacy Guard
-implementation of PGP:
-
-    gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E
-
-or via the GitHub API:
-
-    curl https://github.com/nessita.gpg | gpg --import -
-
-Once the key is imported, verify this file:
-
-    gpg --verify Django-5.2.4.checksum.txt
-
-Once you have verified this file, you can use normal MD5, SHA1, or SHA256
-checksumming applications to generate the checksums of the Django
-package and compare them to the checksums listed below.
-
-Release packages
-================
-
-https://www.djangoproject.com/download/5.2.4/tarball/
-https://www.djangoproject.com/download/5.2.4/wheel/
-
-MD5 checksums
-=============
-
-6ecc4875e8cdc08706faea1cc4740fdf  django-5.2.4.tar.gz
-fee657f7686462d388f274c5f92b634a  django-5.2.4-py3-none-any.whl
-
-SHA1 checksums
-==============
-
-de45d44e1bb2ceb1c08b8fd0846de920874f71a1  django-5.2.4.tar.gz
-a6a7904e3749a0e8937a50643293889929b4b6f7  django-5.2.4-py3-none-any.whl
-
-SHA256 checksums
-================
-
-a1228c384f8fa13eebc015196db7b3e08722c5058d4758d20cb287503a540d8f  django-5.2.4.tar.gz
-60c35bd96201b10c6e7a78121bd0da51084733efa303cc19ead021ab179cef5e  django-5.2.4-py3-none-any.whl
-
------BEGIN PGP SIGNATURE-----
-
-iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmhlfcIoHDEyNDMwNCtu
-ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPj5DD/94
-KOuOZ5JHtZWknqi1JeV1akzB/RpY7lhL9SbJbVXhdAxOY9Cn4eUG7NsPWa9JnhX1
-F/2geBE5mjOZen4ARtGHWxa5vqidqUbscrU9AkqPLn6aecEKi2jXXNkYmmWw/37K
-wb92BQtuWkaXyiZ4E6Sledx9yFhcqMDFg27CdNYfAqUWofI6zzSmLIzOlOSVR9Sc
-uDrfRqQ4GXlRGT5pIkcIxE0ZKToUYrKgn99PZOmBcLfJgQ4VBt62J6SzZAhhElb3
-DUMcVhG2XNIhg7v7DwlVodowDYQdRi2H/ahAa7/m1+uugRbysoGSLLwP+50tDjlj
-07zxoJsrL5R9zaMp4pcXQN4bUy3rDz94DkjlXO51f8LwDdStvk4VOYan1W5S9BhP
-R0conCFfcg4+iK0pV5e/GeeTwBRHQw8p5RuWfrEpKFi/XQtT0u01hqUGppeuZ9wI
-f+Ud9RA8Nrw0ouli4WvfH0RVFuMgUFqScwO88oatuUH5CDPjlV+5usNb7FrmZXv6
-AWRopONOcYGF07+FYh0nsoE8enWyxE+JWTJzxT5PGZ3buUO0hlnJ+auoJv8yOVii
-ELCSUyi93glWonCBrS41XrNO6+6K/8V9V6iv9/PdGwF1GszbX5Rx4e2lDMA7crYh
-1qKGaV3+iAO+Y+vXt6VTy6h5GLg9hun+RQ8TU3Guyg==
-=d9C5
------END PGP SIGNATURE-----

Django-5.2.8.checksum.txt

@@ -0,0 +1,68 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+This file contains MD5, SHA1, and SHA256 checksums for the
+source-code tarball and wheel files of Django 5.2.8, released November 5, 2025.
+
+To use this file, you will need a working install of PGP or other
+compatible public-key encryption software. You will also need to have
+the Django release manager's public key in your keyring. This key has
+the ID ``2EE82A8D9470983E`` and can be imported from the MIT
+keyserver, for example, if using the open-source GNU Privacy Guard
+implementation of PGP:
+
+    gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E
+
+or via the GitHub API:
+
+    curl https://github.com/nessita.gpg | gpg --import -
+
+Once the key is imported, verify this file:
+
+    gpg --verify Django-5.2.8.checksum.txt
+
+Once you have verified this file, you can use normal MD5, SHA1, or SHA256
+checksumming applications to generate the checksums of the Django
+package and compare them to the checksums listed below.
+
+Release packages
+================
+
+https://www.djangoproject.com/download/5.2.8/tarball/
+https://www.djangoproject.com/download/5.2.8/wheel/
+
+MD5 checksums
+=============
+
+0268c52cb99bb764490fdd90502def32  django-5.2.8.tar.gz
+60ed4555e2f91cc881b2293ad78bf423  django-5.2.8-py3-none-any.whl
+
+SHA1 checksums
+==============
+
+41d50f7b49e3c60ad0e3e873c1474f883640d179  django-5.2.8.tar.gz
+50d9ad23cef8ebe6cc7d17004e65ae6b5dbabc37  django-5.2.8-py3-none-any.whl
+
+SHA256 checksums
+================
+
+23254866a5bb9a2cfa6004e8b809ec6246eba4b58a7589bc2772f1bcc8456c7f  django-5.2.8.tar.gz
+37e687f7bd73ddf043e2b6b97cfe02fcbb11f2dbb3adccc6a2b18c6daa054d7f  django-5.2.8-py3-none-any.whl
+
+-----BEGIN PGP SIGNATURE-----
+
+iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmkLRQooHDEyNDMwNCtu
+ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPsFxD/4h
+zgUToQHe7WgIhVOHKe2ARgXDhA/4yooteYTLoFl6vFzt4r+h+7/3LH8/XucJwYWa
+O9SimNT0MhtcWKM0l3jczGMhr3pH7zeBUExtzyPVyycTyQ5KgbDVEgf+w4ua+Jo3
+BzQBnUkJN9Ofc/uQqIAj0X3zjp9NE7uNZpOLzpRUwulrUQ7ieFAAhs3JrCM2mmTF
+KnudQkY50zIHy9OX8mSvF8OslFQ9Z84ZPlHfqaQzN6uDNIRujMu9sSbvbiWgpQ9h
+Tp/MVRppmlKXcZjM5M+vT0sqT4Ac/OepkSSVMSKAKHNPOpsG3wC/ouclkgG6Wv2Z
+6r6Ea2LND8HoMHUhScir558g3pF6p9NW5vrK3Qd7cS4G6idv2eVzzHqYH8WORG9s
+5HnldOGhRF6ONAwSveEbViQ6/fzWYsROrCa5+IOfELtg7Uc+ji3eQSqFvyR7rPxt
+Ux+LVvgWfODNEjTlrqZQDaPDU4P7gy6So5vzXe+eciyyNxgftmlpWSHMliXcYjxo
+gxUh6EPjklxFQ8fmFecCz57CJ0oXT2qB3iNDyTft3qqetgWeJ72d9rVMLLXmHLOe
+oRKFS3QXXBr+sIdxWB2Fgu2g8X5ky3O9wIgN7OzQ2p4pCja+NSmxlhJxJwUomgjA
+UHvOPP6hwSp1TQdcoauXD72A+t0TkYLuZ03Dfzkh1Q==
+=ci0h
+-----END PGP SIGNATURE-----

django-5.2.4.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a1228c384f8fa13eebc015196db7b3e08722c5058d4758d20cb287503a540d8f
-size 10831909

django-5.2.8.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:23254866a5bb9a2cfa6004e8b809ec6246eba4b58a7589bc2772f1bcc8456c7f
+size 10849032

python-Django.changes

@@ -1,3 +1,60 @@
+-------------------------------------------------------------------
+Thu Nov  6 07:20:08 UTC 2025 - Markéta Machová <mmachova@suse.com>
+
+- Update to 5.2.8 (bsc#1252926)
+  * CVE-2025-64459: Potential SQL injection via _connector keyword argument
+  * Added compatibility for oracledb 3.4.0
+  * Fixed a bug in Django 5.2 where QuerySet.first() and QuerySet.last()
+    raised an error on querysets performing aggregation that selected all
+    fields of a composite primary key.
+
+-------------------------------------------------------------------
+Thu Oct  2 09:41:30 UTC 2025 - Markéta Machová <mmachova@suse.com>
+
+- Update to 5.2.7 (bsc#1250485, bsc#1250487)
+  * CVE-2025-59681: Potential SQL injection in QuerySet.annotate(), alias(),
+    aggregate(), and extra() on MySQL and MariaDB
+  * CVE-2025-59682: Potential partial directory-traversal via archive.extract()
+  * Fixed a regression in Django 5.2 that reduced the color contrast of the
+    label of filter_horizontal and filter_vertical widgets within a TabularInline
+
+-------------------------------------------------------------------
+Thu Sep  4 10:02:00 UTC 2025 - Markéta Machová <mmachova@suse.com>
+
+- Update to 5.2.6 (bsc#1248810)
+  * CVE-2025-57833: Potential SQL injection in FilteredRelation column aliases
+  * Fixed a bug where using QuerySet.values() or values_list() with a ForeignObject
+    composed of multiple fields returned incorrect results instead of tuples of
+    the referenced fields
+- Rebased test_strip_tags.patch
+
+-------------------------------------------------------------------
+Tue Aug 12 10:52:26 UTC 2025 - Markéta Machová <mmachova@suse.com>
+
+- Update to 5.2.5
+  * Fixed a regression in Django 5.2.1 that prevented the usage of UNNEST
+    PostgreSQL strategy of QuerySet.bulk_create() with foreign keys
+  * Fixed a crash in Django 5.2 when filtering against a composite primary key
+    using a tuple containing expressions
+  * Fixed a crash in Django 5.2 when validating a model that uses
+    GeneratedField or constraints composed of Q and Case lookups
+  * Added compatibility for docutils 0.22
+  * Fixed a crash in Django 5.2 when using a ManyToManyField on a model with
+    a composite primary key, by extending the fields.E347 system check
+- Convert to libalternatives on SLE-16-based and newer systems
+
+-------------------------------------------------------------------
+Fri Aug  1 02:09:01 UTC 2025 - Steve Kowalik <steven.kowalik@suse.com>
+
+- Reinstate Requires on tzdata, a lot of packages use it.
+
+-------------------------------------------------------------------
+Wed Jul 30 06:03:44 UTC 2025 - Steve Kowalik <steven.kowalik@suse.com>
+
+- Add patch support-msgfmt-0.25.patch:
+  * Support msgfmt 0.25 error messages changes. (bsc#1246966)
+- Remove unneeded Requires on tzdata.
+
 -------------------------------------------------------------------
 Sat Jul 19 06:51:37 UTC 2025 - Markéta Machová <mmachova@suse.com>
 

python-Django.keyring

@@ -130,3 +130,55 @@ BzeRu0mAvjLkLNegQIvfdVXfYIcwUQQB8OAzoz3qzi8vji82MBQO+gkYrlteivoF
 z+gZLcBuv/NdNg==
 =B8gH
 -----END PGP PUBLIC KEY BLOCK-----
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBGV2bPUBEADQ/fSfsrdv/aGrUmyQ1ZmZNSDqlH8GXQH+LQiqOc5QjSgq09kv
+YC5H3+yRmj4ENYJrD48Mce54k99U6LXhIopmPnCwnQjhpkXFqaZt8KtlhL/5VhIc
+BFSodLkEFENWzpuxOkshOJYU8RxLO6MPQGKkokEGhxUHnNW5kwmGa93Iscu04SZR
+L2pAHfYsnxB2Z5HAl4Os6iy7CKP8T5UQhGxwxojvjPyRJTb3IUDifjafPl4kbQyN
+GdpgVnjHQtOzoVcXCsU4ig105IzydIf5BTYng3+idmlhQ1u8JzGETdlBvCtxg1K2
+FmGD6IFzyvksdf44DNmxXmGnpMJK3y0+dpFzo33YBE3kFnYm57bwY55tdKmGnDyK
+rR/1mARVOLQQYrDT6hgggNwRfqpTk28nU463LnXrLS89zaOxGQhfLm7w9kZ69WDd
+UpI4RdZjA/klQJhPmLS7b8YmmZstvoZitsMgpPiexO+x7igMvWvuNyE8QL2EZ54K
+6ojVObAdIbQe4LbiYCSut81F6e6tRsX3Jb46y5iUCZEkHvGsrZW6V1l/AIuYBecO
+Xr5mmk5W4TpUlXTnyDFJr/FFtWfR1j2Z3ti+pZqAO4GUEUAjox+Dz/shKpmen7Qm
+aj/Y/nuvD70B3c5XTWn62zTXVPYVX76sDnIuVsh/kORSP32OqMkesFKT9QARAQAB
+tCdKYWNvYiBXYWxscyA8amFjb2J0eWxlcndhbGxzQGdtYWlsLmNvbT6JAlQEEwEI
+AD4WIQRT1GlC4Aaio+7ci8gTFAP00W2NxwUCZXZs9QIbAwUJB4Ye+wULCQgHAgYV
+CgkICwIEFgIDAQIeAQIXgAAKCRATFAP00W2NxwWVD/9ZTx8q3qsAXfOaWUNugaDM
+oyUMa4bURfk82AXLVDju9fQQv/5wDlvQ+ejMDHE0pnvmQSa8bTol8y2IXO9Kl3ak
+0NU3oOh3iJKk3q+FtxibGmIM5i095h2T97IBKJrZf6I1O0a9ZfMMDXbVpTeGIRDf
+b55G6GG1jhdJa3SgtudUcGizlM0i7UrntUktmbnvWyYzbjWIKdYRq2W7vlEgKvNs
+NZFVeO1KqLR92xUAIL+V7HtQ3TetyanYRH91Q8fZR9p+ScEOKJyfrpRa/IfrJKlg
+k6MOqGeVaOd4nOX042S1+u0TU7HrVVVhL+Vru4utSYg9ZucM06wZOgR0A6Vay7Ap
+Y43nGxRhc//auOJSh4nIQmtyup5+YiyKhynEnSF3pGuKXy64wVOO9XdW69bmyRxz
+gAz4W5yTjmNBkQUYAGteJXo4fhDxWYzmeAIE7l5StTbgSZNLbndwmiWEyy8WzJtp
+5xzluh+//39D+TUStZKG1MerhqnmJj3CBSTeeiKpW9QOtC4y2vuWzNp3XHS9FjeW
+GOz5seJ5VDokkzP05XOfJ9SyblFAOW/Zteh2wdOb+S+/pUz+OukwPZthMwRsl0Dc
+U+fx2mK+9I9TBJWgUHO1aXm6FlcyDnSlzc5oM4wXKF4sqByjjuCtYzK8UtEwlKNm
+Pyboq4Y5RhYrW63LDl+SerkCDQRldmz1ARAAvkmAuvLXwZ86mubWYQFsmy3UKxdF
+cewS8XikjsEZPvf0kYgi9wlMTRDvWlEmNGp9r4NWH36zm6uBjK9hxn+rNsiqkYez
+MPTgwvxruSJWJPaFqK096Y8AMuk9SobMsydtlxuChQ3RwYo+j/v1csAdD88igzjW
+3HKCzJ0e76ILdfbqlh8tJ+nbXvFgVVV2+vV996PTp4dQedc4/VzFGv00Mejkmhd3
+nUBqdmG9mgqR4LK5xWCHXSVqgdVeH0urOiEN57aOie/30q6IegkfrKCSq1zGJE5o
+WApzrOqo0UEDDND6PXDuLvzVuot3M/YvKjUXx8FatJC5BLSH0I9AKBWqPGvjk07V
+IoI0CexyKoJKIkGl/ZUyRsorqmqg1671HUYNAFEbIwxeJUQkjTwqUxGXSjei7t8a
+wzuZsA81lhXpwt6DfuQQ9XkDrc4dfyEuvkV9PforZxz8dVlDiORw3hPYqBjbU0hy
+6D4Ytq3f88azYvZF8GE4uSYzvN6XeRhLr1hnfAFfGQFdNwg4qufjo8QYoQsYe6RZ
+uenL1z5vkGRUz03l11GiaOqEJDJTy3dGACeQqAjjno8UL9Nb7PUWfnZL41zOGL8s
+DHee7hX2+hsRPMoiqCzJrCjU52G5qGEB8d44VjNM8y435jyfBAh8ugv4rsSonzy+
+ASe0msXK6bLxAy0AEQEAAYkCPAQYAQgAJhYhBFPUaULgBqKj7tyLyBMUA/TRbY3H
+BQJldmz1AhsMBQkHhh77AAoJEBMUA/TRbY3HlA0QAI4DQ3MNfkpIZw/aKEetCaVB
+LIVEfugoDcUQxiwc00G1aEuxpBdnfT5wFzUodUFJuIntGcYUMJwvAC3RB4ZANuoP
+F2j/2JIp42GYhBjNSyy0ix/E2C/95HZDzsvDB4EZ0VMvec+MgAweTZhxZfdCsmId
+lMWFfn3UM5FhtsOqLmw11T/6PdDgcyomrsp4ghHph9dJvMGiqXjysTSg3OMxzQeU
+lzjX+6C4dY6AcpqAkeG+zRUYSQKsHQwSOxK7zon/hAA2+Gbvu+pzr0jHnatX8Fkd
+eOBc6xZpnoQcubj/PXEBhXV4868jW/RNRG5ZXoQpnf63R0616JePkUKnXxs61JD9
+oBuERUPn+HK346QNgNDRhzAufPYsXlPOPtU6poZqinMhsbcpW5Konjp2yLVwosXn
+UPGLzZZHy9csF3VcWV96bM8WUEkFNfflisi1nE7yqC/CKgUjK0HUFDhyNHuCICTC
+e9tvw2epbaLkid0NxV+a0RWWiUq2kMeTBUezVC27P+LAZ8aTZxHPyERtJlBgTCfm
+1hWJ3CcIc4LT54AS3allzTv0f6iHX9WpJhfr3WPIY1Xt/d466l3VSofktwmpTEr2
+DAECOit/CE1rFy1C+MHinAUX6C7ajg6msIE6uZHFrbHlSU8/WrbvZ1e4Nc7w7e/N
+R182g26K1DaCZphtoq8Z
+=0YqB
+-----END PGP PUBLIC KEY BLOCK-----

python-Django.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package python-Django
 #
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -20,8 +20,13 @@
 %bcond_with selenium
 %bcond_with memcached
 %{?sle15_python_module_pythons}
+%if 0%{?suse_version} > 1500
+%bcond_without libalternatives
+%else
+%bcond_with libalternatives
+%endif
 Name:           python-Django
-Version:        5.2.4
+Version:        5.2.8
 Release:        0
 Summary:        A high-level Python Web framework
 License:        BSD-3-Clause
@@ -31,7 +36,10 @@ Source1:        https://www.djangoproject.com/m/pgp/Django-%{version}.checksum.t
 Source2:        %{name}.keyring
 Source99:       python-Django-rpmlintrc
 # PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19639 Fixed #36499 -- Adjusted utils_tests.test_html.TestUtilsHtml.test_strip_tags following Python's HTMLParser new behavior.
+# fixed and refined upstream, but some of our interpreters weren't updated to a new version yet and still only carry the patch, so providing the non-conditional version
 Patch0:         test_strip_tags.patch
+# PATCH-FIX-UPSTREAM https://github.com/django/django/pull/19530 Fixed #36421 -- Made test_msgfmt_error_including_non_ascii compatible with with msgfmt 0.25.
+Patch1:         support-msgfmt-0.25.patch
 BuildRequires:  %{python_module Jinja2 >= 2.9.2}
 BuildRequires:  %{python_module Pillow >= 6.2.0}
 BuildRequires:  %{python_module PyYAML}
@@ -56,8 +64,6 @@ Requires:       python
 Requires:       python-asgiref >= 3.7.0
 Requires:       python-sqlparse >= 0.3.1
 Requires:       python-tzdata
-Requires(post): update-alternatives
-Requires(postun): update-alternatives
 Recommends:     python-Jinja2 >= 2.9.2
 Recommends:     python-Pillow >= 6.2.0
 Recommends:     python-PyYAML
@@ -71,6 +77,13 @@ Obsoletes:      python-django < %{version}
 Provides:       python-South = %{version}
 Obsoletes:      python-South < %{version}
 BuildArch:      noarch
+%if %{with libalternatives}
+BuildRequires:  alts
+Requires:       alts
+%else
+Requires(post): update-alternatives
+Requires(postun): update-alternatives
+%endif
 %if %{with memcached}
 BuildRequires:  %{python_module pylibmc}
 BuildRequires:  %{python_module pymemcache}
@@ -131,6 +144,9 @@ export PATH=%{_libdir}/chromium:$PATH
 %python_expand PYTHONPATH=.:%{buildroot}%{$python_sitelib} $python tests/runtests.py -v 2
 %endif
 
+%pre
+%python_libalternatives_reset_alternative django-admin
+
 %post
 %{python_install_alternative django-admin}
 

support-msgfmt-0.25.patch

@@ -0,0 +1,69 @@
+From 3609c463a4cfc5a7e76f4d4ba008c5096b1f1437 Mon Sep 17 00:00:00 2001
+From: Jericho Serrano <118679068+jericho1050@users.noreply.github.com>
+Date: Fri, 6 Jun 2025 04:58:29 +0800
+Subject: [PATCH] Fixed #36421 -- Made test_msgfmt_error_including_non_ascii
+ compatible with msgfmt 0.25.
+
+---
+ tests/i18n/test_compilation.py | 25 +++++++++++++++++++++++--
+ 1 file changed, 23 insertions(+), 2 deletions(-)
+
+diff --git a/tests/i18n/test_compilation.py b/tests/i18n/test_compilation.py
+index 4b0bb9f6bb1..3a57dbf0765 100644
+--- a/tests/i18n/test_compilation.py
++++ b/tests/i18n/test_compilation.py
+@@ -1,5 +1,6 @@
+ import gettext as gettext_module
+ import os
++import re
+ import stat
+ import unittest
+ from io import StringIO
+@@ -8,10 +9,12 @@
+ from unittest import mock
+ 
+ from django.core.management import CommandError, call_command, execute_from_command_line
+-from django.core.management.utils import find_command
++from django.core.management.utils import find_command, popen_wrapper
+ from django.test import SimpleTestCase, override_settings
+ from django.test.utils import captured_stderr, captured_stdout
+ from django.utils import translation
++from django.utils.encoding import DEFAULT_LOCALE_ENCODING
++from django.utils.functional import cached_property
+ from django.utils.translation import gettext
+ 
+ from .utils import RunInTmpDirMixin, copytree
+@@ -254,6 +257,17 @@ def test_no_dirs_accidentally_skipped(self):
+ 
+ 
+ class CompilationErrorHandling(MessageCompilationTests):
++    @cached_property
++    def msgfmt_version(self):
++        # Note that msgfmt is installed via GNU gettext tools, hence the msgfmt
++        # version should align to gettext.
++        out, err, status = popen_wrapper(
++            ["msgfmt", "--version"],
++            stdout_encoding=DEFAULT_LOCALE_ENCODING,
++        )
++        m = re.search(r"(\d+)\.(\d+)\.?(\d+)?", out)
++        return tuple(int(d) for d in m.groups() if d is not None)
++
+     def test_error_reported_by_msgfmt(self):
+         # po file contains wrong po formatting.
+         with self.assertRaises(CommandError):
+@@ -278,7 +292,14 @@ def test_msgfmt_error_including_non_ascii(self):
+                 call_command(
+                     "compilemessages", locale=["ko"], stdout=StringIO(), stderr=stderr
+                 )
+-            self.assertIn("' cannot start a field name", stderr.getvalue())
++            if self.msgfmt_version < (0, 25):
++                error_msg = "' cannot start a field name"
++            else:
++                error_msg = (
++                    "a field name starts with a character that is not alphanumerical "
++                    "or underscore"
++                )
++            self.assertIn(error_msg, stderr.getvalue())
+ 
+ 
+ class ProjectAndAppTests(MessageCompilationTests):

test_strip_tags.patch

@@ -10,11 +10,11 @@ Subject: [PATCH] Fixed #36499 -- Adjusted
  tests/utils_tests/test_html.py | 4 ++--
  2 files changed, 4 insertions(+), 4 deletions(-)
 
-diff --git a/tests/test_utils/tests.py b/tests/test_utils/tests.py
-index 494a0ea8d384..0de19eae9072 100644
---- a/tests/test_utils/tests.py
-+++ b/tests/test_utils/tests.py
-@@ -959,10 +959,10 @@ def test_parsing_errors(self):
+Index: django-5.2.6/tests/test_utils/tests.py
+===================================================================
+--- django-5.2.6.orig/tests/test_utils/tests.py
++++ django-5.2.6/tests/test_utils/tests.py
+@@ -945,10 +945,10 @@ class HTMLEqualTests(SimpleTestCase):
              self.assertHTMLEqual("", "<p>")
          error_msg = (
              "First argument is not valid HTML:\n"
@@ -22,25 +22,28 @@ index 494a0ea8d384..0de19eae9072 100644
 +            "('Unexpected end tag `div` (Line 1, Column 0)', (1, 0))"
          )
          with self.assertRaisesMessage(AssertionError, error_msg):
--            self.assertHTMLEqual("< div></ div>", "<div></div>")
+-            self.assertHTMLEqual("< div></div>", "<div></div>")
 +            self.assertHTMLEqual("</div>", "<div></div>")
          with self.assertRaises(HTMLParseError):
              parse_html("</p>")
  
-diff --git a/tests/utils_tests/test_html.py b/tests/utils_tests/test_html.py
-index 4ce552e79a0d..205eaeca1668 100644
---- a/tests/utils_tests/test_html.py
-+++ b/tests/utils_tests/test_html.py
-@@ -142,10 +142,10 @@ def test_strip_tags(self):
-             ("&gotcha&#;<>", "&gotcha&#;<>"),
-             ("<sc<!-- -->ript>test<<!-- -->/script>", "ript>test"),
+Index: django-5.2.6/tests/utils_tests/test_html.py
+===================================================================
+--- django-5.2.6.orig/tests/utils_tests/test_html.py
++++ django-5.2.6/tests/utils_tests/test_html.py
+@@ -162,13 +162,13 @@ class TestUtilsHtml(SimpleTestCase):
              ("<script>alert()</script>&h", "alert()h"),
--            ("><!" + ("&" * 16000) + "D", "><!" + ("&" * 16000) + "D"),
-+            ("><!" + ("&" * 16000) + "D", ">"),
+             (
+                 "><!" + ("&" * 16000) + "D",
+-                ">" if htmlparser_fixed else "><!" + ("&" * 16000) + "D",
++                ">",
+             ),
              ("X<<<<br>br>br>br>X", "XX"),
              ("<" * 50 + "a>" * 50, ""),
--            (">" + "<a" * 500 + "a", ">" + "<a" * 500 + "a"),
-+            (">" + "<a" * 500 + "a", ">"),
+             (
+                 ">" + "<a" * 500 + "a",
+-                ">" if htmlparser_fixed else ">" + "<a" * 500 + "a",
++                ">",
+             ),
              ("<a" * 49 + "a" * 951, "<a" * 49 + "a" * 951),
              ("<" + "a" * 1_002, "<" + "a" * 1_002),
-         )