diff -Nru jinja2-2.7.2/debian/changelog jinja2-2.7.2/debian/changelog
--- jinja2-2.7.2/debian/changelog	2014-01-10 20:01:26.000000000 +0000
+++ jinja2-2.7.2/debian/changelog	2014-01-12 14:19:57.000000000 +0000
@@ -1,3 +1,10 @@
+jinja2 (2.7.2-2) unstable; urgency=high
+
+  * Add fix_CVE-2014-1402 patch which uses tempfile.mkdtemp to create
+    cache dir (closes: 734956)
+
+ -- Piotr Ożarowski <piotr@debian.org>  Sun, 12 Jan 2014 15:09:04 +0100
+
 jinja2 (2.7.2-1) unstable; urgency=high
 
   * New upstream release
diff -Nru jinja2-2.7.2/debian/patches/fix_CVE-2014-0012.patch jinja2-2.7.2/debian/patches/fix_CVE-2014-0012.patch
--- jinja2-2.7.2/debian/patches/fix_CVE-2014-0012.patch	1970-01-01 00:00:00.000000000 +0000
+++ jinja2-2.7.2/debian/patches/fix_CVE-2014-0012.patch	2014-01-12 14:16:16.000000000 +0000
@@ -0,0 +1,13 @@
+Index: jinja2-2.7.2/jinja2/bccache.py
+===================================================================
+--- jinja2-2.7.2.orig/jinja2/bccache.py
++++ jinja2-2.7.2/jinja2/bccache.py
+@@ -206,7 +206,7 @@ class FileSystemBytecodeCache(BytecodeCa
+ 
+     def __init__(self, directory=None, pattern='__jinja2_%s.cache'):
+         if directory is None:
+-            directory = self._get_default_cache_dir()
++            directory = tempfile.mkdtemp(prefix='jinja2-cache-')
+         self.directory = directory
+         self.pattern = pattern
+ 
diff -Nru jinja2-2.7.2/debian/patches/series jinja2-2.7.2/debian/patches/series
--- jinja2-2.7.2/debian/patches/series	2013-05-25 21:17:12.000000000 +0000
+++ jinja2-2.7.2/debian/patches/series	2014-01-12 14:06:21.000000000 +0000
@@ -1,2 +1,3 @@
 drop_next_import_from_docs-jinjaext.patch
 jinja2-typos.patch
+fix_CVE-2014-0012.patch