Request 850784: Submit python-Jinja2 - openSUSE Build Service

This request is superseded by request 851364 (Show diff)

Overview

Request 850784 superseded

- add 0001-sandbox-str.format_map.patch (bsc#1132323, CVE-2019-10906, bsc#1125815, CVE-2019-8341)
* "SandboxedEnvironment" securely handles "str.format_map" in order
to prevent code execution through untrusted format strings. The
sandbox already handled "str.format".
- add 0001-SECURITY-support-sandboxing-in-format-expressions.patch (bsc#1132174, CVE-2016-10745)

Created by jgrassler over 3 years ago
In state superseded
Superseded by 851364

Submit python-Jinja2

Comments for request 850784 0

Login required, please login in order to comment

Request History

jgrassler created request over 3 years ago

- add 0001-sandbox-str.format_map.patch (bsc#1132323, CVE-2019-10906, bsc#1125815, CVE-2019-8341)
* "SandboxedEnvironment" securely handles "str.format_map" in order
to prevent code execution through untrusted format strings. The
sandbox already handled "str.format".
- add 0001-SECURITY-support-sandboxing-in-format-expressions.patch (bsc#1132174, CVE-2016-10745)

jzerebecki declined request over 3 years ago

0001-sandbox-str.format_map.patch has a missing a comma on the line before the
3rd to last addition.

jgrassler superseded request over 3 years ago

superseded by 851364

openSUSE Build Service is sponsored by