This update for python-Django fixes the following issues:

- CVE-2022-41323: Fixed potential denial-of-service vulnerability in internationalized URLs (boo#1203793)
- CVE-2022-36359: Fixed a potential reflected file download vulnerability in FileResponse (boo#1201923)

- Update from 2.2.12 to 2.2.28 (boo#1198297)

  * Many CVEs fixes (check https://github.com/django/django/blob/main/docs/releases/)

  2.2.28:

  - CVE-2022-28346: Fixed potential SQL injection in QuerySet.annotate(), aggregate(), and extra() (bsc#1198398)
  - CVE-2022-28347: Fixed potential SQL injection via QuerySet.explain(**options) (bsc#1198399)

  2.2.27:

  - CVE-2022-22818: Fixed possible XSS via ``{% debug %}`` template tag (bsc#1195086)
  - CVE-2022-23833: Fixed denial-of-service possibility in file uploads (bsc#1195088)

  2.2.26: 

  - CVE-2021-45115: Denial-of-service possibility in ``UserAttributeSimilarityValidator`` (bsc#1194115)
  - CVE-2021-45116: Potential information disclosure in ``dictsort`` template filter (bsc#1194117)
  - CVE-2021-45452: Potential directory-traversal via ``Storage.save()`` (bsc#)

  2.2.25:

  - CVE-2021-44420: Potential bypass of an upstream access control based on URL paths (bsc#1193240)

  2.2.24:

  - CVE-2021-33203: Potential directory traversal via ``admindocs``
  - CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks since validators accepted leading zeros in IPv4 addresses

  2.2.23:

  - regression fix

  2.2.22:

  - CVE-2021-32052: Header injection possibility since ``URLValidator`` accepted newlines in input on Python 3.9.5+