jinja2 2.10-1ubuntu0.18.10.1 source package in Ubuntu

Changelog

jinja2 (2.10-1ubuntu0.18.10.1) cosmic-security; urgency=medium

  * SECURITY UPDATE: sandbox escape via str.format_map
    - debian/patches/CVE-2019-10906.patch: properly sandbox format_map in
      jinja2/sandbox.py, tests/test_security.py.
    - CVE-2019-10906

 -- Marc Deslauriers <email address hidden>  Tue, 14 May 2019 13:28:19 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2019-05-14
Uploaded to:
Cosmic
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Cosmic updates on 2019-06-06 main python
Cosmic security on 2019-06-06 main python

Builds

Cosmic: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
jinja2_2.10.orig.tar.gz 255.5 KiB f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4
jinja2_2.10-1ubuntu0.18.10.1.debian.tar.xz 7.5 KiB 78da76a5fff2bf74e029ad2c6c9653b4900b4f5fbb523d53f97f18fee1514dcb
jinja2_2.10-1ubuntu0.18.10.1.dsc 2.3 KiB 3b35b429ffa71644ba1efe0f51061eed7bf3b4f600a591be532fd9f6994476b6

View changes file

Binary packages built by this source

python-jinja2: small but fast and easy to use stand-alone template engine

 Jinja2 is a template engine written in pure Python. It provides a Django
 inspired non-XML syntax but supports inline expressions and an optional
 sandboxed environment.
 .
 The key-features are:
  * Configurable syntax. If you are generating LaTeX or other formats with
    Jinja2 you can change the delimiters to something that integrates better
    into the LaTeX markup.
  * Fast. While performance is not the primarily target of Jinja2 it’s
    surprisingly fast. The overhead compared to regular Python code was reduced
    to the very minimum.
  * Easy to debug. Jinja2 integrates directly into the Python traceback system
    which allows you to debug Jinja2 templates with regular Python debugging
    helpers.
  * Secure. It’s possible to evaluate untrusted template code if the optional
    sandbox is enabled. This allows Jinja2 to be used as templating language
    for applications where users may modify the template design.

python-jinja2-doc: documentation for the Jinja2 Python library

 Jinja2 is a small but fast and easy to use stand-alone template engine
 .
 This package contains the documentation for Jinja2 in HTML and
 reStructuredText formats.

python3-jinja2: small but fast and easy to use stand-alone template engine

 Jinja2 is a template engine written in pure Python. It provides a Django
 inspired non-XML syntax but supports inline expressions and an optional
 sandboxed environment.
 .
 The key-features are:
  * Configurable syntax. If you are generating LaTeX or other formats with
    Jinja2 you can change the delimiters to something that integrates better
    into the LaTeX markup.
  * Fast. While performance is not the primarily target of Jinja2 it’s
    surprisingly fast. The overhead compared to regular Python code was reduced
    to the very minimum.
  * Easy to debug. Jinja2 integrates directly into the Python traceback system
    which allows you to debug Jinja2 templates with regular Python debugging
    helpers.
  * Secure. It’s possible to evaluate untrusted template code if the optional
    sandbox is enabled. This allows Jinja2 to be used as templating language
    for applications where users may modify the template design.