From 71b5ca4be4166253a9254ff688cbf2963640c19bf8300f5828db5f85bfa62940 Mon Sep 17 00:00:00 2001 From: Thomas Bechtold Date: Tue, 30 Apr 2019 03:47:17 +0000 Subject: [PATCH 1/2] - update to version 2.10.1 (bsc#1132323, CVE-2019-10906, bsc#1125815, CVE-2019-8341): OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Jinja2?expand=0&rev=69 --- python-Jinja2.changes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python-Jinja2.changes b/python-Jinja2.changes index 00521d2..6592ad5 100644 --- a/python-Jinja2.changes +++ b/python-Jinja2.changes @@ -6,7 +6,7 @@ Sat Apr 13 16:46:23 UTC 2019 - Jan Engelhardt ------------------------------------------------------------------- Sat Apr 13 03:06:31 UTC 2019 - Arun Persaud -- update to version 2.10.1 (bsc#1132323, CVE-2019-10906): +- update to version 2.10.1 (bsc#1132323, CVE-2019-10906, bsc#1125815, CVE-2019-8341): * "SandboxedEnvironment" securely handles "str.format_map" in order to prevent code execution through untrusted format strings. The sandbox already handled "str.format". From 70c95b1a56f52f793f1612f277c3b72c2e513d3fadb99ac3586ba2308cd33d42 Mon Sep 17 00:00:00 2001 From: Thomas Bechtold Date: Tue, 30 Apr 2019 03:52:25 +0000 Subject: [PATCH 2/2] - Update to 2.9.5 (bsc#1132174, CVE-2016-10745) OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Jinja2?expand=0&rev=70 --- python-Jinja2.changes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python-Jinja2.changes b/python-Jinja2.changes index 6592ad5..53c0621 100644 --- a/python-Jinja2.changes +++ b/python-Jinja2.changes @@ -100,7 +100,7 @@ Wed Mar 22 04:39:40 UTC 2017 - dmueller@suse.com ------------------------------------------------------------------- Wed Mar 15 13:55:57 UTC 2017 - michael@stroeder.com -- Update to 2.9.5 +- Update to 2.9.5 (bsc#1132174, CVE-2016-10745) (see the changes in /usr/share/doc/packages/python-Jinja2/CHANGES) - updated source URL