Summary: | <dev-python/jinja-2.10.1: str.format_map allows sandbox escape (CVE-2019-10906) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | python, vdupras |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
dev-python/jinja-2.10.1
|
Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2019-05-13 14:52:48 UTC
*** Bug 685842 has been marked as a duplicate of this bug. *** The 2.10.1 ebuild is already in the tree. Arches, please stabilize. arm64 stable sparc stable amd64 stable x86 stable ia64 stable arm stable ppc stable ppc64 stable hppa stable s390 stable. Maintainer(s), please cleanup. Security, please vote. alpha is still missing. alpha stable. Maintainer(s), please cleanup. Security, please vote. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eb32ce68d51df398d42cfed16b93a263381b5093 commit eb32ce68d51df398d42cfed16b93a263381b5093 Author: Virgil Dupras <vdupras@gentoo.org> AuthorDate: 2019-06-06 11:54:54 +0000 Commit: Virgil Dupras <vdupras@gentoo.org> CommitDate: 2019-06-06 11:54:54 +0000 dev-python/jinja: remove old Bug: https://bugs.gentoo.org/685844 Signed-off-by: Virgil Dupras <vdupras@gentoo.org> Package-Manager: Portage-2.3.66, Repoman-2.3.11 dev-python/jinja/Manifest | 2 - dev-python/jinja/jinja-2.10.ebuild | 72 ----------------------------------- dev-python/jinja/jinja-2.9.5.ebuild | 75 ------------------------------------- 3 files changed, 149 deletions(-) |