Skip to content

chore(deps): bump django from 6.0.3 to 6.0.6 in /requirements#9582

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/requirements/django-6.0.6
Closed

chore(deps): bump django from 6.0.3 to 6.0.6 in /requirements#9582
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/requirements/django-6.0.6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 3, 2026

Copy link
Copy Markdown
Contributor

Bumps django from 6.0.3 to 6.0.6.

Commits
  • ee93f65 [6.0.x] Bumped version for 6.0.6 release.
  • 1721035 [6.0.x] Fixed CVE-2026-48587 -- Ignored whitespace padding when checking Vary...
  • 664652f [6.0.x] Fixed CVE-2026-35193 -- Varied on Authorization when caching non-publ...
  • b433025 [6.0.x] Fixed CVE-2026-8404 -- Used Cache-Control directives case-insensitive...
  • 625a670 [6.0.x] Fixed CVE-2026-7666 -- Delayed setting SMTP connection until fully co...
  • c807d9c [6.0.x] Fixed CVE-2026-6873 -- Prevented signed cookie salt namespace collisi...
  • 98a75e3 [6.0.x] Included commit hash in checksum file when building artifacts for rel...
  • dd895d6 [6.0.x] Updated translations from Transifex.
  • 49ca2db [6.0.x] Updated links to severity levels in release notes.
  • c9f32a2 [6.0.x] Added stub release notes and release date for 6.0.6 and 5.2.15.
  • Additional commits viewable in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added the dependencies Bot PRs that update dependencies label Jun 3, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/requirements/django-6.0.6 branch 5 times, most recently from 9d62617 to b93766e Compare June 29, 2026 16:01
Bumps [django](https://github.com/django/django) from 6.0.3 to 6.0.6.
- [Commits](django/django@6.0.3...6.0.6)

---
updated-dependencies:
- dependency-name: django
  dependency-version: 6.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/requirements/django-6.0.6 branch from b93766e to 76b9ae1 Compare June 30, 2026 15:39
@dependabot @github

dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #9682.

@dependabot dependabot Bot closed this Jul 8, 2026
@dependabot dependabot Bot deleted the dependabot/pip/requirements/django-6.0.6 branch July 8, 2026 02:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Bot PRs that update dependencies

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants