-
jinja2 (3.1.2-1ubuntu1.1) noble-security; urgency=medium
* SECURITY UPDATE: Cross-Site scripting in xmlattr filter
- debian/patches/CVE-2024-34064.patch: disallow invalid characters
in keys to xmlattr filter
- CVE-2024-34064
-- Nick Galanis <email address hidden> Tue, 21 May 2024 15:32:08 +0100
-
jinja2 (3.1.2-1ubuntu1) noble; urgency=medium
* SECURITY UPDATE: Cross-Site scripting
- debian/patches/CVE-2024-22195.patch: disallow keys with spaces
in jinja2/filters.py, tests/test_filters.py.
- CVE-2024-22195
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 18 Jan 2024 08:40:53 -0300
-
jinja2 (3.1.2-1) unstable; urgency=medium
[ Thomas Goirand ]
* Add python3-pytest as build-depends (now run tests at build time).
* Add autopkgtest.
[ Piotr Ożarowski ]
* New upstream release (closes: 1025808, 1023637)
* Add 0003-fix-nose-leftovers patch
* Bump minimum required python3-pallets-sphinx-themes build dependency
(closes: 1005864)
-- Piotr Ożarowski <email address hidden> Fri, 24 Feb 2023 16:15:45 +0100