-
jinja2 (2.10.1-2ubuntu0.3) focal-security; urgency=medium
* SECURITY UPDATE: Cross-Site scripting in xmlattr filter
- debian/patches/CVE-2024-34064.patch: disallow invalid characters
in keys to xmlattr filter
- CVE-2024-34064
-- Nick Galanis <email address hidden> Tue, 21 May 2024 09:35:36 +0100
-
jinja2 (2.10.1-2ubuntu0.2) focal-security; urgency=medium
* SECURITY UPDATE: regular expression DoS
- debian/patches/CVE-2020-28493.patch: rewrite regex match for
punctuation in urlize() in jinja2/utils.py.
- CVE-2020-28493
* SECURITY UPDATE: Cross-Site scripting
- debian/patches/CVE-2024-22195.patch: disallow keys with spaces
in jinja2/filters.py, tests/test_filters.py.
- CVE-2024-22195
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 22 Jan 2024 07:14:05 -0300
-
jinja2 (2.10.1-2) unstable; urgency=medium
[ Ondřej Nový ]
* Use debhelper-compat instead of debian/compat.
* Bump Standards-Version to 4.4.1.
[ Thomas Goirand ]
* Team upload.
* Add py3.9-fix-collections-import.patch (Closes: #949018).
-- Thomas Goirand <email address hidden> Thu, 27 Feb 2020 11:49:32 +0100
-
jinja2 (2.10.1-1ubuntu1) focal; urgency=low
* Merge from Debian unstable. Remaining changes:
- Runtime packages already suggest documentation, there is no need for
documentation to recommend opinionated (python2) runtime package. Drop
the recommends from the documentation package, to keep python2 demoted
in universe.
jinja2 (2.10.1-1) unstable; urgency=medium
[ Ondřej Nový ]
* d/control: Set Vcs-* to salsa.debian.org
* d/changelog: Remove trailing whitespaces
* d/control: Remove ancient X-Python-Version field
* d/control: Remove ancient X-Python3-Version field
* Convert git repository from git-dpm to gbp layout
[ Piotr Ożarowski ]
* New upstream release
* Standards-version bumped to 4.4.0 (no other changes needed)
-- Steve Langasek <email address hidden> Wed, 19 Feb 2020 13:35:57 -0800
-
jinja2 (2.10-2ubuntu2) focal; urgency=medium
* No-change rebuild to generate dependencies on python2.
-- Matthias Klose <email address hidden> Tue, 17 Dec 2019 12:34:40 +0000
-
jinja2 (2.10-2ubuntu1) eoan; urgency=medium
* Runtime packages already suggest documentation, there is no need for
documentation to recommend opinionated (python2) runtime package. Drop
the recommends from the documentation package, to keep python2 demoted
in universe.
-- Dimitri John Ledkov <email address hidden> Tue, 21 May 2019 23:02:39 +0100