- update to 3.1.4 (bsc#1223980, CVE-2024-34064):

* The xmlattr filter does not allow keys with / solidus, >
    greater-than sign, or = equals sign, in addition to disallowing
    spaces. Regardless of any validation done by Jinja, user input
    should never be used as keys to this filter, or must be separately
    validated first.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Jinja2?expand=0&rev=110

Jinja2-3.1.3.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:ac8bd6544d4bb2c9792bf3a159e80bba8fda7f07e81bc3aed565432d5925ba90
-size 268261

python-Jinja2.changes

@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Mon May  6 18:10:40 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 3.1.4 (bsc#1223980, CVE-2024-34064):
+  * The xmlattr filter does not allow keys with / solidus, >
+    greater-than sign, or = equals sign, in addition to disallowing
+    spaces. Regardless of any validation done by Jinja, user input
+    should never be used as keys to this filter, or must be separately
+    validated first.
+
 -------------------------------------------------------------------
 Mon Jan 29 10:10:29 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
 

python-Jinja2.spec

@@ -16,7 +16,6 @@
 #
 
 
-%define skip_python2 1
 %ifarch %{ix86} armv7l
 %bcond_with test
 %else
@@ -24,16 +23,18 @@
 %endif
 %{?sle15_python_module_pythons}
 Name:           python-Jinja2
-Version:        3.1.3
+Version:        3.1.4
 Release:        0
 Summary:        A template engine written in pure Python
 License:        BSD-3-Clause
 URL:            https://jinja.palletsprojects.com
-Source:         https://files.pythonhosted.org/packages/source/J/Jinja2/Jinja2-%{version}.tar.gz
+Source:         https://files.pythonhosted.org/packages/source/J/Jinja2/jinja2-%{version}.tar.gz
 BuildRequires:  %{python_module MarkupSafe >= 0.23}
 BuildRequires:  %{python_module base >= 3.7}
+BuildRequires:  %{python_module flit-core}
+BuildRequires:  %{python_module pip}
 BuildRequires:  %{python_module pytest}
-BuildRequires:  %{python_module setuptools}
+BuildRequires:  %{python_module wheel}
 BuildRequires:  dos2unix
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
@@ -51,14 +52,13 @@ inspired non-XML syntax but supports inline expressions and an optional
 sandboxed environment.
 
 %prep
-%setup -q -n Jinja2-%{version}
+%setup -q -n jinja2-%{version}
-dos2unix LICENSE.rst # Fix wrong EOL encoding
 
 %build
-%python_build
+%pyproject_wheel
 
 %install
-%python_install
+%pyproject_install
 %python_expand %fdupes %{buildroot}%{$python_sitelib}
 
 %check
@@ -70,9 +70,9 @@ donttest="test_striptags"
 %endif
 
 %files %{python_files}
-%license LICENSE.rst
+%license LICENSE.txt
-%doc README.rst CHANGES.rst artwork examples
+%doc README.md docs/changes.rst docs/examples
 %{python_sitelib}/jinja2
-%{python_sitelib}/Jinja2-%{version}-py%{python_version}.egg-info
+%{python_sitelib}/jinja2-%{version}.dist-info
 
 %changelog