Fedora Packages

python3-django-5.2.11-1.fc43 in Fedora 43

↵ Return to the main page of python3-django
View build
Search for updates

Package Info
🠗 Changelog
🠗 Dependencies
🠗 Provides
🠗 Files

Changelog

Date Author Change
2026-02-19 Michel Lind <salimma at fedoraproject dot org> - 5.2.11-1 - Update to version 5.2.11; Resolves: RHBZ#2427483 - `python-django5` is now the alternate `python3-django5` on Fedora 44+, `python3-django` is now Django 6.x - Fixes CVE-2025-13473: Username enumeration through timing difference in mod_wsgi authentication handler - Fixes CVE-2025-14550: Potential denial-of-service vulnerability via repeated headers when using ASGI - Fixes CVE-2026-1207: Potential SQL injection via raster lookups on PostGIS - Fixes CVE-2026-1285: Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods - Fixes CVE-2026-1287: Potential SQL injection in column aliases via control characters - Fixes CVE-2026-1312: Potential SQL injection via QuerySet.order_by and FilteredRelation - Fixed a bug in Django 5.2 where data exceeding max_length was silently truncated by QuerySet.bulk_create() on PostgreSQL - Fixed a bug where management command colorized help (introduced in Python 3.14) ignored the --no-color option and the DJANGO_COLORS setting
2026-01-17 Fedora Release Engineering <releng at fedoraproject dot org> - 5.2.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
2025-12-08 Michel Lind <salimma at fedoraproject dot org> - 5.2.9-1 - Update to version 5.2.9 - Fixes CVE-2025-13372: Potential SQL injection in FilteredRelation column aliases on PostgreSQL - Fixes CVE-2025-64460: Potential denial-of-service vulnerability in XML Deserializer - Fixes CVE-2025-64459: Potential SQL injection via _connector keyword argument (5.2.8) - Fixes CVE-2025-59681: Potential SQL injection in QuerySet.annotate(), alias(), aggregate(), and extra() on MySQL and MariaDB (5.2.7) - Fixes CVE-2025-59682: Potential partial directory-traversal via archive.extract() (5.2.7) - Fixes CVE-2025-57833: Potential SQL injection in FilteredRelation column aliases (5.2.6)
2025-09-19 Python Maint <python dash maint at redhat dot com> - 5.2.4-4 - Rebuilt for Python 3.14.0rc3 bytecode
2025-08-15 Python Maint <python dash maint at redhat dot com> - 5.2.4-3 - Rebuilt for Python 3.14.0rc2 bytecode
2025-07-25 Fedora Release Engineering <releng at fedoraproject dot org> - 5.2.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
2025-07-21 Michel Lind <salimma at fedoraproject dot org> - 5.2.4-1 - Update to version 5.2.4 - Skip test_strip_tags and test_parsing_errors on Python 3.14; Fixes: RHBZ#2374042
2025-07-21 Python Maint <python dash maint at redhat dot com> - 5.2.2-3 - Unbootstrap for Python 3.14
2025-06-18 Python Maint <python dash maint at redhat dot com> - 5.2.2-2 - Bootstrap for Python 3.14.0b3 bytecode
2025-06-09 Michel Lind <salimma at fedoraproject dot org> - 5.2.2-1 - Update to 5.2.2 - Fixes CVE-2025-32873: Denial-of-service possibility in strip_tags() - Fixes CVE-2025-48432: Potential log injection via unescaped request path

Dependencies

Provides

  • bundled(jquery)
  • bundled(select2)
  • bundled(xregexp)
  • python-django
  • python-django-impl
  • python3-django
  • python3.14-django
  • python3.14dist(django)
  • python3dist(django)

Files


Sources on Pagure