jinja2 2.10-1ubuntu0.18.04.1 source package in Ubuntu

Changelog

jinja2 (2.10-1ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: sandbox escape via str.format_map
    - debian/patches/CVE-2019-10906.patch: properly sandbox format_map in
      jinja2/sandbox.py, tests/test_security.py.
    - CVE-2019-10906

 -- Marc Deslauriers <email address hidden>  Tue, 14 May 2019 13:28:19 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2019-05-14
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Bionic updates on 2019-06-06 main python
Bionic security on 2019-06-06 main python

Builds

Bionic: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
jinja2_2.10.orig.tar.gz 255.5 KiB f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4
jinja2_2.10-1ubuntu0.18.04.1.debian.tar.xz 7.5 KiB 1ebb58e25ac2ed44ca61590755977e1f72b7886d514bf29d6a2cef4e1cd50d22
jinja2_2.10-1ubuntu0.18.04.1.dsc 2.3 KiB e017fc39c2c0ae09ef51ddf0261a0d6f1cace18e3383870b4a8d08d538e3281d

View changes file

Binary packages built by this source

python-jinja2: small but fast and easy to use stand-alone template engine

 Jinja2 is a template engine written in pure Python. It provides a Django
 inspired non-XML syntax but supports inline expressions and an optional
 sandboxed environment.
 .
 The key-features are:
  * Configurable syntax. If you are generating LaTeX or other formats with
    Jinja2 you can change the delimiters to something that integrates better
    into the LaTeX markup.
  * Fast. While performance is not the primarily target of Jinja2 it’s
    surprisingly fast. The overhead compared to regular Python code was reduced
    to the very minimum.
  * Easy to debug. Jinja2 integrates directly into the Python traceback system
    which allows you to debug Jinja2 templates with regular Python debugging
    helpers.
  * Secure. It’s possible to evaluate untrusted template code if the optional
    sandbox is enabled. This allows Jinja2 to be used as templating language
    for applications where users may modify the template design.

python-jinja2-doc: documentation for the Jinja2 Python library

 Jinja2 is a small but fast and easy to use stand-alone template engine
 .
 This package contains the documentation for Jinja2 in HTML and
 reStructuredText formats.

python3-jinja2: small but fast and easy to use stand-alone template engine

 Jinja2 is a template engine written in pure Python. It provides a Django
 inspired non-XML syntax but supports inline expressions and an optional
 sandboxed environment.
 .
 The key-features are:
  * Configurable syntax. If you are generating LaTeX or other formats with
    Jinja2 you can change the delimiters to something that integrates better
    into the LaTeX markup.
  * Fast. While performance is not the primarily target of Jinja2 it’s
    surprisingly fast. The overhead compared to regular Python code was reduced
    to the very minimum.
  * Easy to debug. Jinja2 integrates directly into the Python traceback system
    which allows you to debug Jinja2 templates with regular Python debugging
    helpers.
  * Secure. It’s possible to evaluate untrusted template code if the optional
    sandbox is enabled. This allows Jinja2 to be used as templating language
    for applications where users may modify the template design.