User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2014-7399 (python-jinja2)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 19 Update: python-jinja2-2.6-7.fc19
Date:  Sun, 22 Jun 2014 23:56:28 +0000
Message-ID:  <20140622235628.9A88120EDB@bastion01.phx2.fedoraproject.org>

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-7399 2014-06-15 01:12:10 -------------------------------------------------------------------------------- Name : python-jinja2 Product : Fedora 19 Version : 2.6 Release : 7.fc19 URL : http://jinja.pocoo.org/ Summary : General purpose template engine Description : Jinja2 is a template engine written in pure Python. It provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. If you have any exposure to other text-based template languages, such as Smarty or Django, you should feel right at home with Jinja2. It's both designer and developer friendly by sticking to Python's principles and adding functionality useful for templating environments. -------------------------------------------------------------------------------- Update Information: Add patch to fix CVE-2014-1402. -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 13 2014 Thomas Moschny <thomas.moschny@gmx.de> - 2.6-7 - Fix CVE-2014-1402 (using patch from RHSA-2014:0748). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1051421 - CVE-2014-1402 python-jinja2: FileSystemBytecodeCache insecure cache temporary file use https://bugzilla.redhat.com/show_bug.cgi?id=1051421 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update python-jinja2' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds