Fedora Packages

python3-django-5.2.11-1.fc42 in Fedora 42

↵ Return to the main page of python3-django
View build
Search for updates

Package Info
🠗 Changelog
🠗 Dependencies
🠗 Provides
🠗 Files

Changelog

Date Author Change
2026-02-19 Michel Lind <salimma at fedoraproject dot org> - 5.2.11-1 - Update to version 5.2.11; Resolves: RHBZ#2427483 - `python-django5` is now the alternate `python3-django5` on Fedora 44+, `python3-django` is now Django 6.x - Fixes CVE-2025-13473: Username enumeration through timing difference in mod_wsgi authentication handler - Fixes CVE-2025-14550: Potential denial-of-service vulnerability via repeated headers when using ASGI - Fixes CVE-2026-1207: Potential SQL injection via raster lookups on PostGIS - Fixes CVE-2026-1285: Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods - Fixes CVE-2026-1287: Potential SQL injection in column aliases via control characters - Fixes CVE-2026-1312: Potential SQL injection via QuerySet.order_by and FilteredRelation - Fixed a bug in Django 5.2 where data exceeding max_length was silently truncated by QuerySet.bulk_create() on PostgreSQL - Fixed a bug where management command colorized help (introduced in Python 3.14) ignored the --no-color option and the DJANGO_COLORS setting
2025-12-08 Michel Lind <salimma at fedoraproject dot org> - 5.2.9-1 - Update to version 5.2.9 - Fixes CVE-2025-13372: Potential SQL injection in FilteredRelation column aliases on PostgreSQL - Fixes CVE-2025-64460: Potential denial-of-service vulnerability in XML Deserializer - Fixes CVE-2025-64459: Potential SQL injection via _connector keyword argument (5.2.8) - Fixes CVE-2025-59681: Potential SQL injection in QuerySet.annotate(), alias(), aggregate(), and extra() on MySQL and MariaDB (5.2.7) - Fixes CVE-2025-59682: Potential partial directory-traversal via archive.extract() (5.2.7) - Fixes CVE-2025-57833: Potential SQL injection in FilteredRelation column aliases (5.2.6)
2025-07-21 Michel Lind <salimma at fedoraproject dot org> - 5.2.4-1 - Update to version 5.2.4 - Skip test_strip_tags and test_parsing_errors on Python 3.14; Fixes: RHBZ#2374042
2025-06-09 Michel Lind <salimma at fedoraproject dot org> - 5.2.2-2 - Fix Quilt series
2025-06-09 Michel Lind <salimma at fedoraproject dot org> - 5.2.2-1 - Update to 5.2.2 - Fixes CVE-2025-32873: Denial-of-service possibility in strip_tags() - Fixes CVE-2025-48432: Potential log injection via unescaped request path
2025-04-04 Michel Lind <salimma at fedoraproject dot org> - 5.1.8-1 - Update to 5.1.8 - On Windows, this fixes CVE-2025-27556. Mentioning for compleness - Fixes a regression in Django 5.1.7 affecting LogEntryManager.log_actions() - #36234 - Remove legacy symlinks
2025-03-19 Tomáš Hrnčiar <thrnciar at redhat dot com> - 5.1.7-2 - Adjust patch to allow setuptools <77
2025-03-08 Michel Lind <salimma at fedoraproject dot org> - 5.1.7-1 - Update to version 5.1.7; Fixes: RHBZ#2350881 - Fix for CVE-2025-26699: Potential denial-of-service vulnerability in django.utils.text.wrap()
2025-02-15 Michel Lind <salimma at fedoraproject dot org> - 5.1.6-1 - Initial package; Resolves: RHBZ#2345877

Dependencies

Provides

  • bundled(jquery)
  • bundled(select2)
  • bundled(xregexp)
  • python-django
  • python-django-impl
  • python3-django
  • python3.13-django
  • python3.13dist(django)
  • python3dist(django)

Files


Sources on Pagure