Skip to content

chore(deps): bump django from 6.0.3 to 6.0.7 in /requirements#9682

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/requirements/django-6.0.7
Open

chore(deps): bump django from 6.0.3 to 6.0.7 in /requirements#9682
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/requirements/django-6.0.7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor

Bumps django from 6.0.3 to 6.0.7.

Commits
  • e2a4246 [6.0.x] Bumped version for 6.0.7 release.
  • a5de13f [6.0.x] Fixed CVE-2026-53878 -- Prevented newlines from being accepted in Dom...
  • 38dfbd2 [6.0.x] Fixed CVE-2026-53877 -- Prevented heap buffer over-read when creating...
  • 64f9a2b [6.0.x] Fixed CVE-2026-48588 -- Prevented caching of responses that set cooki...
  • c26957a [6.0.x] Fixed flatpages synopsis in docs.
  • 0b60f44 [6.0.x] Added FILE_UPLOAD_DIRECTORY_PERMISSIONS to docs settings index.
  • d928e30 [6.0.x] Fixed #37172 -- Linked to upload handlers section in FILE_UPLOAD_* se...
  • e18935c [6.0.x] Fixed #37158 -- Reordered the contribution checklist sections.
  • 490eb9c [6.0.x] Fixed document referenced in multiple toctrees warning in docs/intern...
  • 748a9b5 [6.0.x] Fixed duplicate target name in docs/internals/howto-release-django.txt.
  • Additional commits viewable in compare view

@dependabot dependabot Bot added the dependencies Bot PRs that update dependencies label Jul 8, 2026
Bumps [django](https://github.com/django/django) from 6.0.3 to 6.0.7.
- [Commits](django/django@6.0.3...6.0.7)

---
updated-dependencies:
- dependency-name: django
  dependency-version: 6.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/requirements/django-6.0.7 branch from c684c99 to b87fb31 Compare July 8, 2026 15:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Bot PRs that update dependencies

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants