Ubuntu
jinja2 package

Change logs for jinja2 source package in Focal

  1. Focal (20.04)
  2. Change log 
  • jinja2 (2.10.1-2ubuntu0.3) focal-security; urgency=medium

  * SECURITY UPDATE: Cross-Site scripting in xmlattr filter
    - debian/patches/CVE-2024-34064.patch: disallow invalid characters
      in keys to xmlattr filter
    - CVE-2024-34064

 -- Nick Galanis <email address hidden>  Tue, 21 May 2024 09:35:36 +0100
  • jinja2 (2.10.1-2ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: regular expression DoS
    - debian/patches/CVE-2020-28493.patch: rewrite regex match for
      punctuation in urlize() in jinja2/utils.py.
    - CVE-2020-28493
  * SECURITY UPDATE: Cross-Site scripting
    - debian/patches/CVE-2024-22195.patch: disallow keys with spaces
      in jinja2/filters.py, tests/test_filters.py.
    - CVE-2024-22195

 -- Leonidas Da Silva Barbosa <email address hidden>  Mon, 22 Jan 2024 07:14:05 -0300
  • jinja2 (2.10.1-2) unstable; urgency=medium

  [ Ondřej Nový ]
  * Use debhelper-compat instead of debian/compat.
  * Bump Standards-Version to 4.4.1.

  [ Thomas Goirand ]
  * Team upload.
  * Add py3.9-fix-collections-import.patch (Closes: #949018).

 -- Thomas Goirand <email address hidden>  Thu, 27 Feb 2020 11:49:32 +0100
  • jinja2 (2.10.1-1ubuntu1) focal; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Runtime packages already suggest documentation, there is no need for
      documentation to recommend opinionated (python2) runtime package. Drop
      the recommends from the documentation package, to keep python2 demoted
      in universe.

jinja2 (2.10.1-1) unstable; urgency=medium

  [ Ondřej Nový ]
  * d/control: Set Vcs-* to salsa.debian.org
  * d/changelog: Remove trailing whitespaces
  * d/control: Remove ancient X-Python-Version field
  * d/control: Remove ancient X-Python3-Version field
  * Convert git repository from git-dpm to gbp layout

  [ Piotr Ożarowski ]
  * New upstream release
  * Standards-version bumped to 4.4.0 (no other changes needed)

 -- Steve Langasek <email address hidden>  Wed, 19 Feb 2020 13:35:57 -0800
  • jinja2 (2.10-2ubuntu2) focal; urgency=medium

  * No-change rebuild to generate dependencies on python2.

 -- Matthias Klose <email address hidden>  Tue, 17 Dec 2019 12:34:40 +0000
  • jinja2 (2.10-2ubuntu1) eoan; urgency=medium

  * Runtime packages already suggest documentation, there is no need for
    documentation to recommend opinionated (python2) runtime package. Drop
    the recommends from the documentation package, to keep python2 demoted
    in universe.

 -- Dimitri John Ledkov <email address hidden>  Tue, 21 May 2019 23:02:39 +0100