
Django security releases issued: 6.0.7 and 5.2.16
Django 6.0.7 and 5.2.16 fix three low-severity security issues involving cached Set-Cookie responses, GDALRaster heap buffer over-read, and DomainNameValidator accepting newlines. The Django team recommends upgrading supported versions as soon as possible, with patches applied to main, 6.1 beta, 6.0, and 5.2 branches.
djangoproject.com/weblog/2026/ju…
English