Fixes CVE-2025-13473: Username enumeration through timing difference in mod_wsgi authentication handler Fixes CVE-2025-14550: Potential denial-of-service vulnerability via repeated headers when using ASGI Fixes CVE-2026-1207: Potential SQL injection via raster lookups on PostGIS

Source: Fedora 42 python-django5 Critical SQL Injection DoS Fixes 2026-00b5bf3150