- Update to 5.2.11
* CVE-2025-13473: Username enumeration through timing difference
in mod_wsgi authentication handler (bsc#1257401)
* CVE-2025-14550: Potential denial-of-service vulnerability via
repeated headers when using ASGI (bsc#1257403)
* CVE-2026-1207: Potential SQL injection via raster lookups on
PostGIS (bsc#1257405)
* CVE-2026-1285: Potential denial-of-service vulnerability in
django.utils.text.Truncator HTML methods (bsc#1257406)
* CVE-2026-1287: Potential SQL injection in column aliases via
control characters (bsc#1257407)
* CVE-2026-1312: Potential SQL injection via QuerySet.order_by
and FilteredRelation (bsc#1257408)
OBS-URL: https://build.opensuse.org/request/show/1330887
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=226