django-sendfile2 v0.6.0 has been released to PyPI and it's a security release.
Get it here: https://pypi.org/project/django-sendfile2/0.6.0/
More details about the security issue that was fixed by this release can be found here: https://github.com/moggers87/django-sendfile2/security/advisories/GHSA-6r3c-8xf3-ggrr
Thanks to Gianluca Pacchiella for reporting this issue and for providing the initial patch.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!