[ALSA-2019:1152] Important: python-jinja2 security update
Type:
security
Severity:
important
Release date:
2019-05-13
Description:
The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Security Fix(es): * python-jinja2: str.format_map allows sandbox escape (CVE-2019-10906) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages:
  • python3-jinja2-2.10.1-2.el8_0.noarch.rpm
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.