| AArch64 | |
| ppc64le | |
| s390x | |
| x86-64 |
- Fixed IndentationError in CVE-2020-28493.patch (bsc#1182244)
- CVE-2020-28493: Fixed a ReDOS vulnerability where urlize could have been called with untrusted user data (bsc#1181944). Added CVE-2020-28493.patch
- update to version 2.10.1 (bsc#1132323, CVE-2019-10906, bsc#1125815, CVE-2019-8341):
* "SandboxedEnvironment" securely handles "str.format_map" in order
to prevent code execution through untrusted format strings. The
sandbox already handled "str.format".
- specfile:
* CHANGES -> CHANGES.rst
* added README.rst to %doc section
- update to version 2.10:
* Added a new extension node called "OverlayScope" which can be used
to create an unoptimized scope that will look up all variables
from a derived context.
* Added an "in" test that works like the in operator. This can be
used in combination with "reject" and "select".
* Added "previtem" and "nextitem" to loop contexts, providing access
to the previous/next item in the loop. If such an item does not
exist, the value is undefined.
* Added "changed(*values)" to loop contexts, providing an easy way
of checking whether a value has changed since the last iteration
(or rather since the last call of the method)
* Added a "namespace" function that creates a special object which
allows attribute assignment using the "set" tag. This can be used
to carry data across scopes, e.g. from a loop body to code that
comes after the loop.
* Added a "trimmed" modifier to "{% trans %}" to strip linebreaks
and surrounding whitespace. Also added a new policy to enable this
for all "trans" blocks.
* The "random" filter is no longer incorrectly constant folded and
will produce a new random choice each time the template is
rendered. (`#478`_)
* Added a "unique" filter. (`#469`_)
* Added "min" and "max" filters. (`#475`_)
* Added tests for all comparison operators: "eq", "ne", "lt", "le",
"gt", "ge". (`#665`_)
* "import" statement cannot end with a trailing comma. (`#617`_,
`#618`_)
* "indent" filter will not indent blank lines by default. (`#685`_)
* Add "reverse" argument for "dictsort" filter. (`#692`_)
* Add a "NativeEnvironment" that renders templates to native Python
types instead of strings. (`#708`_)
* Added filter support to the block "set" tag. (`#489`_)
* "tojson" filter marks output as safe to match documented behavior.
(`#718`_)
* Resolved a bug where getting debug locals for tracebacks could
modify template context.
* Fixed a bug where having many "{% elif ... %}" blocks resulted in
a "too many levels of indentation" error. These blocks now
compile to native "elif ..:" instead of "else: if ..:" (`#759`_)
- update for singlespec - update to 2.9.6 * fixed custom context behavior in fast resolve mode
- fix requires
- Update to 2.9.5 (bsc#1132174, CVE-2016-10745) (see the changes in /usr/share/doc/packages/python-Jinja2/CHANGES) - updated source URL