[ubuntu/focal-security] jinja2 2.10.1-2ubuntu0.2 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Thu Jan 25 16:14:38 UTC 2024
jinja2 (2.10.1-2ubuntu0.2) focal-security; urgency=medium
* SECURITY UPDATE: regular expression DoS
- debian/patches/CVE-2020-28493.patch: rewrite regex match for
punctuation in urlize() in jinja2/utils.py.
- CVE-2020-28493
* SECURITY UPDATE: Cross-Site scripting
- debian/patches/CVE-2024-22195.patch: disallow keys with spaces
in jinja2/filters.py, tests/test_filters.py.
- CVE-2024-22195
Date: 2024-01-25 14:46:12.966477+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/jinja2/2.10.1-2ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list