Security update for python-Jinja2
This update for python-Jinja2 to version 2.10.1 fixes the following issues:
Security issues fixed:
- CVE-2019-8341: Fixed a command injection in from_string() (bsc#1125815).
- CVE-2019-10906: Fixed a sandbox escape due to information disclosure via str.format (bsc#1132323).
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Thomas Bechtold (tbechtold)
Fixed bugs
bnc#1132174
VUL-0: CVE-2016-10745: python-Jinja2: Sandbox escape due to information disclosure via str.format
bnc#1132323
VUL-0: CVE-2019-10906: python-Jinja2: Sandbox escape due to information disclosure via str.format
bnc#1125815
VUL-0: CVE-2019-8341: python-Jinja2: command injection in function from_string
