diff --git a/Django-4.2.14.tar.gz b/Django-4.2.15.tar.gz similarity index 57% rename from Django-4.2.14.tar.gz rename to Django-4.2.15.tar.gz index 1adca203d4c84ae31f3a0798fc6ab4c1ee276b95..c77fade850f7089ec82208edd58c16b145e211f3 100644 Binary files a/Django-4.2.14.tar.gz and b/Django-4.2.15.tar.gz differ diff --git a/python-django.spec b/python-django.spec index 9642cfc143a641309a94e5e639d14e660e739d69..ac31c22ebd5ede1bdfe9bf33ac003ebef19403a6 100644 --- a/python-django.spec +++ b/python-django.spec @@ -1,6 +1,6 @@ %global _empty_manifest_terminate_build 0 Name: python-django -Version: 4.2.14 +Version: 4.2.15 Release: 1 Summary: A high-level Python Web framework that encourages rapid development and clean, pragmatic design. License: Apache-2.0 and Python-2.0 and BSD-3-Clause @@ -72,6 +72,14 @@ mv %{buildroot}/doclist.lst . %{_docdir}/* %changelog +* Thu Aug 08 2024 yaoxin - 4.2.15-1 +- Update to 4.2.15 + * CVE-2024-41989: Memory exhaustion in ``django.utils.numberformat.floatformat()`` + * CVE-2024-41990: Potential denial-of-service vulnerability in ``django.utils.html.urlize()`` + * CVE-2024-41991: Potential denial-of-service vulnerability in ``django.utils.html.urlize()`` and ``AdminURLFieldWidget`` + * CVE-2024-42005: Potential SQL injection in ``QuerySet.values()`` and ``values_list()`` + * Fixed a regression in Django 4.2.14 that caused a crash in ``LocaleMiddleware`` when processing a language code over 500 characters + * Fri Jul 12 2024 yaoxin - 4.2.14-1 - Update to 4.2.14 * CVE-2024-38875: Potential denial-of-service vulnerability in django.utils.html.urlize()
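Review bot: The source archive swap at the top of the patch (Django-4.2.14.tar.gz renamed to Django-4.2.15.tar.gz, "Binary files ... differ") cannot be checked from the diff, which shows only the git blob ids and a 57% similarity index. Please state in the commit message or PR description where the archive was downloaded from and its SHA-256, so a reviewer can compare it with the checksum upstream publishes for 4.2.15 before this is merged. That matters here because the changelog describes the update as carrying four CVE fixes.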
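Review bot: In the %changelog hunk of python-django.spec, the new 4.2.15-1 entry wraps identifiers in reStructuredText double backticks, for example ``django.utils.html.urlize()``, while the 4.2.14-1 entry directly below writes django.utils.html.urlize() with no markup. The spec changelog is plain text, so the backticks will appear literally in rpm -q --changelog output. Suggest dropping them in all five bullets to match the existing entries.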