Skip to content

chore(deps): bump django from 6.0.3 to 6.0.7#9681

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/django-6.0.7
Open

chore(deps): bump django from 6.0.3 to 6.0.7#9681
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/django-6.0.7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor

Bumps django from 6.0.3 to 6.0.7.

Commits
  • e2a4246 [6.0.x] Bumped version for 6.0.7 release.
  • a5de13f [6.0.x] Fixed CVE-2026-53878 -- Prevented newlines from being accepted in Dom...
  • 38dfbd2 [6.0.x] Fixed CVE-2026-53877 -- Prevented heap buffer over-read when creating...
  • 64f9a2b [6.0.x] Fixed CVE-2026-48588 -- Prevented caching of responses that set cooki...
  • c26957a [6.0.x] Fixed flatpages synopsis in docs.
  • 0b60f44 [6.0.x] Added FILE_UPLOAD_DIRECTORY_PERMISSIONS to docs settings index.
  • d928e30 [6.0.x] Fixed #37172 -- Linked to upload handlers section in FILE_UPLOAD_* se...
  • e18935c [6.0.x] Fixed #37158 -- Reordered the contribution checklist sections.
  • 490eb9c [6.0.x] Fixed document referenced in multiple toctrees warning in docs/intern...
  • 748a9b5 [6.0.x] Fixed duplicate target name in docs/internals/howto-release-django.txt.
  • Additional commits viewable in compare view

@dependabot dependabot Bot added the dependencies Bot PRs that update dependencies label Jul 8, 2026
Bumps [django](https://github.com/django/django) from 6.0.3 to 6.0.7.
- [Commits](django/django@6.0.3...6.0.7)

---
updated-dependencies:
- dependency-name: django
  dependency-version: 6.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/django-6.0.7 branch from 4ce0bae to 9026d21 Compare July 8, 2026 15:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Bot PRs that update dependencies

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants