Package "python-jinja2-doc"

Name:	python-jinja2-doc
Description:	documentation for the Jinja2 Python library
Latest version:	2.8-1ubuntu0.1
Release:	xenial (16.04)
Level:	security
Repository:	main
Head package:	jinja2
Homepage:	http://jinja.pocoo.org/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "python-jinja2-doc"

All arch deb package

APT INSTALL

Other versions of "python-jinja2-doc" in Xenial

Repository	Area	Version
base	main	2.8-1
updates	main	2.8-1ubuntu0.1

Changelog

Version: 2.8-1ubuntu0.1 2019-06-06 13:08:45 UTC

jinja2 (2.8-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: sandbox escape via str.format - debian/patches/CVE-2016-10745-1.patch: support sandboxing in format expressions in jinja2/nodes.py, jinja2/sandbox.py. - debian/patches/CVE-2016-10745-2.patch: fix a name error for an uncommon attribute access in the sandbox in jinja2/sandbox.py. - CVE-2016-10745 * SECURITY UPDATE: sandbox escape via str.format_map - debian/patches/CVE-2019-10906.patch: properly sandbox format_map in jinja2/sandbox.py. - CVE-2019-10906 -- Marc Deslauriers <email address hidden> Tue, 14 May 2019 13:35:38 -0400

CVE-2016-10745	In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.
CVE-2019-10906	In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.

About - Send Feedback to @ubuntu_updates

Package "python-jinja2-doc"

Links

Download "python-jinja2-doc"

Other versions of "python-jinja2-doc" in Xenial

Changelog

Share this page

Bookmarks

Latest updates

proposed

PPA updates