jinja2 2.10.1-2ubuntu0.6 source package in Ubuntu
Changelog
jinja2 (2.10.1-2ubuntu0.6) focal-security; urgency=medium
* SECURITY REGRESSION: Arbitrary code execution via |attr filter bypass
- debian/patches/CVE-2025-27516.patch: Replace getattr_static with an
equivalent Python 2 compatible function
- CVE-2025-27516
-- John Breton <email address hidden> Wed, 12 Mar 2025 12:53:04 -0400
Upload details
- Uploaded by:
- John Breton
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Focal | updates | main | python | |
| Focal | security | main | python |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| jinja2_2.10.1.orig.tar.gz | 254.8 KiB | 065c4f02ebe7f7cf559e49ee5a95fb800a9e4528727aec6f24402a5374c65013 |
| jinja2_2.10.1-2ubuntu0.6.debian.tar.xz | 13.8 KiB | 4fff3ac1c87e38340372c8588fd5c51c66123c9eefa6f422ace8c28157b3d342 |
| jinja2_2.10.1-2ubuntu0.6.dsc | 2.2 KiB | 97e4c118e7cf59135dcf83d617486c94990c9744e27f3e87396ee5df5aa8ea31 |
Available diffs
- diff from 2.10.1-2ubuntu0.5 to 2.10.1-2ubuntu0.6 (1023 bytes)
Binary packages built by this source
- python-jinja2: small but fast and easy to use stand-alone template engine
Jinja2 is a template engine written in pure Python. It provides a Django
inspired non-XML syntax but supports inline expressions and an optional
sandboxed environment.
.
The key-features are:
* Configurable syntax. If you are generating LaTeX or other formats with
Jinja2 you can change the delimiters to something that integrates better
into the LaTeX markup.
* Fast. While performance is not the primarily target of Jinja2 it’s
surprisingly fast. The overhead compared to regular Python code was reduced
to the very minimum.
* Easy to debug. Jinja2 integrates directly into the Python traceback system
which allows you to debug Jinja2 templates with regular Python debugging
helpers.
* Secure. It’s possible to evaluate untrusted template code if the optional
sandbox is enabled. This allows Jinja2 to be used as templating language
for applications where users may modify the template design.
- python-jinja2-doc: documentation for the Jinja2 Python library
Jinja2 is a small but fast and easy to use stand-alone template engine
.
This package contains the documentation for Jinja2 in HTML and
reStructuredText formats.
- python3-jinja2: small but fast and easy to use stand-alone template engine
Jinja2 is a template engine written in pure Python. It provides a Django
inspired non-XML syntax but supports inline expressions and an optional
sandboxed environment.
.
The key-features are:
* Configurable syntax. If you are generating LaTeX or other formats with
Jinja2 you can change the delimiters to something that integrates better
into the LaTeX markup.
* Fast. While performance is not the primarily target of Jinja2 it’s
surprisingly fast. The overhead compared to regular Python code was reduced
to the very minimum.
* Easy to debug. Jinja2 integrates directly into the Python traceback system
which allows you to debug Jinja2 templates with regular Python debugging
helpers.
* Secure. It’s possible to evaluate untrusted template code if the optional
sandbox is enabled. This allows Jinja2 to be used as templating language
for applications where users may modify the template design.
