jinja2 2.6-1ubuntu0.2 source package in Ubuntu
Changelog
jinja2 (2.6-1ubuntu0.2) precise-security; urgency=medium [ Marc Deslauriers ] * SECURITY UPDATE: sandbox escape via str.format - debian/patches/CVE-2016-10745-1.patch: support sandboxing in format expressions in jinja2/nodes.py, jinja2/sandbox.py. - debian/patches/CVE-2016-10745-2.patch: fix a name error for an uncommon attribute access in the sandbox in jinja2/sandbox.py. - debian/patches/CVE-2016-10745-3.patch: adding types and EscapeFormatter class to support the fixes from this CVE in jinja2/sandbox.py. - CVE-2016-10745 * SECURITY UPDATE: sandbox escape via str.format_map - debian/patches/CVE-2019-10906.patch: properly sandbox format_map in jinja2/sandbox.py. - CVE-2019-10906 -- <email address hidden> (Leonidas S. Barbosa) Wed, 15 May 2019 10:40:54 -0300
Upload details
- Uploaded by:
- Leonidas S. Barbosa
- Uploaded to:
- Precise
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Precise | updates | main | python | |
Precise | security | main | python |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
jinja2_2.6.orig.tar.gz | 380.6 KiB | a85e185375db75c109f99ecde3d55415f035e7068a82252cf4f16c667ac38f49 |
jinja2_2.6-1ubuntu0.2.debian.tar.gz | 11.5 KiB | 14a481d05f2c5940db9cb71955298f4228bd88dcdea92642bd59742af35dceb8 |
jinja2_2.6-1ubuntu0.2.dsc | 2.4 KiB | 1797fe9212ac82bf5911ab808d2d930700d2eb41e76dd23eab5d2f3046845d11 |
Available diffs
Binary packages built by this source
- python-jinja2: small but fast and easy to use stand-alone template engine
Jinja2 is a template engine written in pure Python. It provides a Django
inspired non-XML syntax but supports inline expressions and an optional
sandboxed environment.
.
The key-features are:
* Configurable syntax. If you are generating LaTeX or other formats with
Jinja2 you can change the delimiters to something that integrates better
into the LaTeX markup.
* Fast. While performance is not the primarily target of Jinja2 it’s
surprisingly fast. The overhead compared to regular Python code was reduced
to the very minimum.
* Easy to debug. Jinja2 integrates directly into the Python traceback system
which allows you to debug Jinja2 templates with regular Python debugging
helpers.
* Secure. It’s possible to evaluate untrusted template code if the optional
sandbox is enabled. This allows Jinja2 to be used as templating language
for applications where users may modify the template design.
- python-jinja2-dbg: small but fast and easy to use stand-alone template engine
Jinja2 is a template engine written in pure Python. It provides a Django
inspired non-XML syntax but supports inline expressions and an optional
sandboxed environment.
.
This package contains the extension built for the Python debug interpreter.
- python-jinja2-dbgsym: debug symbols for package python-jinja2
Jinja2 is a template engine written in pure Python. It provides a Django
inspired non-XML syntax but supports inline expressions and an optional
sandboxed environment.
.
The key-features are:
* Configurable syntax. If you are generating LaTeX or other formats with
Jinja2 you can change the delimiters to something that integrates better
into the LaTeX markup.
* Fast. While performance is not the primarily target of Jinja2 it’s
surprisingly fast. The overhead compared to regular Python code was reduced
to the very minimum.
* Easy to debug. Jinja2 integrates directly into the Python traceback system
which allows you to debug Jinja2 templates with regular Python debugging
helpers.
* Secure. It’s possible to evaluate untrusted template code if the optional
sandbox is enabled. This allows Jinja2 to be used as templating language
for applications where users may modify the template design.
- python-jinja2-doc: documentation for the Jinja2 Python library
Jinja2 is a small but fast and easy to use stand-alone template engine
.
This package contains the documentation for Jinja2 in HTML and
reStructuredText formats.
- python3-jinja2: small but fast and easy to use stand-alone template engine
Jinja2 is a template engine written in pure Python. It provides a Django
inspired non-XML syntax but supports inline expressions and an optional
sandboxed environment.
.
The key-features are:
* Configurable syntax. If you are generating LaTeX or other formats with
Jinja2 you can change the delimiters to something that integrates better
into the LaTeX markup.
* Fast. While performance is not the primarily target of Jinja2 it’s
surprisingly fast. The overhead compared to regular Python code was reduced
to the very minimum.
* Easy to debug. Jinja2 integrates directly into the Python traceback system
which allows you to debug Jinja2 templates with regular Python debugging
helpers.
* Secure. It’s possible to evaluate untrusted template code if the optional
sandbox is enabled. This allows Jinja2 to be used as templating language
for applications where users may modify the template design.
- python3-jinja2-dbg: small but fast and easy to use stand-alone template engine
Jinja2 is a template engine written in pure Python. It provides a Django
inspired non-XML syntax but supports inline expressions and an optional
sandboxed environment.
.
This package contains the extension built for the Python debug interpreter.
- python3-jinja2-dbgsym: debug symbols for package python3-jinja2
Jinja2 is a template engine written in pure Python. It provides a Django
inspired non-XML syntax but supports inline expressions and an optional
sandboxed environment.
.
The key-features are:
* Configurable syntax. If you are generating LaTeX or other formats with
Jinja2 you can change the delimiters to something that integrates better
into the LaTeX markup.
* Fast. While performance is not the primarily target of Jinja2 it’s
surprisingly fast. The overhead compared to regular Python code was reduced
to the very minimum.
* Easy to debug. Jinja2 integrates directly into the Python traceback system
which allows you to debug Jinja2 templates with regular Python debugging
helpers.
* Secure. It’s possible to evaluate untrusted template code if the optional
sandbox is enabled. This allows Jinja2 to be used as templating language
for applications where users may modify the template design.