Описание
Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues:
Security issue fixed:
- CVE-2016-10745: Fixed a sandbox escape caused by an information disclosure via str.format
Список пакетов
SUSE Linux Enterprise Module for Advanced Systems Management 12
python-Jinja2-2.8-19.17.1
python3-Jinja2-2.8-19.17.1
SUSE Linux Enterprise Module for Public Cloud 12
python-Jinja2-2.8-19.17.1
python3-Jinja2-2.8-19.17.1
SUSE Manager Client Tools 12
python-Jinja2-2.8-19.17.1
python3-Jinja2-2.8-19.17.1
Ссылки
- Link for SUSE-SU-2019:1323-1
- E-Mail link for SUSE-SU-2019:1323-1
- SUSE Security Ratings
- SUSE Bug 1132174
- SUSE CVE CVE-2016-10745 page
Описание
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.
Затронутые продукты
SUSE Linux Enterprise Module for Advanced Systems Management 12:python-Jinja2-2.8-19.17.1
SUSE Linux Enterprise Module for Advanced Systems Management 12:python3-Jinja2-2.8-19.17.1
SUSE Linux Enterprise Module for Public Cloud 12:python-Jinja2-2.8-19.17.1
SUSE Linux Enterprise Module for Public Cloud 12:python3-Jinja2-2.8-19.17.1
Ссылки
- CVE-2016-10745
- SUSE Bug 1132174