Package Release Info


Update Info: openSUSE-2019-244
Available in Package Hub : 12 GA-SP5





Change Logs

* Thu Nov 19 2015
- Update to 2.8
  - Added `target` parameter to urlize function.
  - Added support for `followsymlinks` to the file system loader.
  - The truncate filter now counts the length.
  - Added equalto filter that helps with select filters.
  - Changed cache keys to use absolute file names if available
    instead of load names.
  - Fixed loop length calculation for some iterators.
  - Changed how Jinja2 enforces strings to be native strings in
    Python 2 to work when people break their default encoding.
  - Added :func:`make_logging_undefined` which returns an undefined
    object that logs failures into a logger.
  - If unmarshalling of cached data fails the template will be
    reloaded now.
  - Implemented a block ``set`` tag.
  - Default cache size was incrased to 400 from a low 50.
  - Fixed ``is number`` test to accept long integers in all Python versions.
  - Changed ``is number`` to accept Decimal as a number.
  - Added a check for default arguments followed by non-default arguments. This
    change makes ``{% macro m(x, y=1, z) %}...{% endmacro %}`` a syntax error. The
    previous behavior for this code was broken anyway (resulting in the default
    value being applied to `y`).
  - Add ability to use custom subclasses of ``jinja2.compiler.CodeGenerator`` and
    ``jinja2.runtime.Context`` by adding two new attributes to the environment
    (`code_generator_class` and `context_class`) (pull request ``#404``).
  - added support for context/environment/evalctx decorator functions on
    the finalize callback of the environment.
  - escape query strings for urlencode properly.  Previously slashes were not
    escaped in that place.
  - Add 'base' parameter to 'int' filter.
- Tests are removed from the package (not distributed in the tar.gz)
* Wed Jul 22 2015
- Use %python_version over %py_ver: better portability to RHEL
* Fri Aug 15 2014
- run testsuite during build
* Fri Aug 15 2014
- adjust dependency to use up to date package name for python-MarkupSafe
* Tue Jul 15 2014
- Update to 2.7.3 (bnc#858239, CVE-2014-0012)
  - Security issue: Corrected the security fix for the cache folder.
    This fix was provided by RedHat.
* Thu May 08 2014
- fix package build (file selection missing)
* Sat Apr 26 2014
- avoid rebuildcycle with vim
* Mon Jan 13 2014
- update to 2.7.2:
  - Prefix loader was not forwarding the locals properly to
    inner loaders.  This is now fixed.
  - Security issue: Changed the default folder for the filesystem cache to be
    user specific and read and write protected on UNIX systems.  See `Debian bug
    734747`_ for more information.
* Thu Oct 24 2013
- Require python-setuptools instead of distribute (upstreams merged)
* Mon Sep 02 2013
- Avoid "Recommends:" on old rpm distros
* Tue Aug 13 2013
- update to 2.7.1:
  - Fixed a bug with ``call_filter`` not working properly on environment
  and context filters.
  - Fixed lack of Python 3 support for bytecode caches.
  - Reverted support for defining blocks in included templates as this
  broke existing templates for users.
  - Fixed some warnings with hashing of undefineds and nodes if Python
  is run with warnings for Python 3.
  - Added support for properly hashing undefined objects.
  - Fixed a bug with the title filter not working on already uppercase
* Thu Jul 11 2013
- update to 2.7:
  - Choice and prefix loaders now dispatch source and template lookup
    separately in order to work in combination with module loaders as
  - Fixed filesizeformat.
  - Added a non-silent option for babel extraction.
  - Added `urlencode` filter that automatically quotes values for
    URL safe usage with utf-8 as only supported encoding.  If applications
    want to change this encoding they can override the filter.
  - Added `keep-trailing-newline` configuration to environments and
    templates to optionally preserve the final trailing newline.
  - Accessing `last` on the loop context no longer causes the iterator
    to be consumed into a list.
  - Python requirement changed: 2.6, 2.7 or >= 3.3 are required now,
    supported by same source code, using the "six" compatibility library.
  - Allow `contextfunction` and other decorators to be applied to `__call__`.
  - Added support for changing from newline to different signs in the `wordwrap`
  - Added support for ignoring memcache errors silently.
  - Added support for keeping the trailing newline in templates.
  - Added finer grained support for stripping whitespace on the left side
    of blocks.
  - Added `map`, `select`, `reject`, `selectattr` and `rejectattr`
  - Added support for `loop.depth` to figure out how deep inside a recursive
    loop the code is.
  - Disabled py_compile for pypy and python 3.
* Mon Apr 30 2012
- Fix building python 3 package on openSUSE 11.4 x86_64
* Thu Apr 26 2012
- Add 2to3 buildrequires to allow for proper conversion of python 3
* Mon Apr 23 2012
- Add python 3 package
- Simplify vim plugin packaging
- Add suggests for vim and emacs in their respective
- Removed test for obsolete openSUSE version
* Thu Feb 23 2012
- Simplified macro usage
* Thu Sep 22 2011
- Split of 'vim' and 'emacs' sub-packages that contain syntax highlighting
  support for both editors
* Thu Sep 22 2011
- Set license to BSD-3-Clause (SPDX style)
- Require python-distribute instead of python-setuptools
* Tue Sep 20 2011
- Update to version 2.6:
  * internal attributes now raise an internal attribute error now instead
    of returning an undefined.  This fixes problems when passing undefined
    objects to Python semantics expecting APIs.
  * traceback support now works properly for PyPy.  (Tested with 1.4)
  * implemented operator intercepting for sandboxed environments.  This
    allows application developers to disable builtin operators for better
    security.  (For instance limit the mathematical operators to actual
    integers instead of longs)
  * groupby filter now supports dotted notation for grouping by attributes
    of attributes.
  * scoped blocks not properly treat toplevel assignments and imports.
    Previously an import suddenly "disappeared" in a scoped block.
  * automatically detect newer Python interpreter versions before loading code
    from bytecode caches to prevent segfaults on invalid opcodes.  The segfault
    in earlier Jinja2 versions here was not a Jinja2 bug but a limitation in
    the underlying Python interpreter.  If you notice Jinja2 segfaulting in
    earlier versions after an upgrade of the Python interpreter you don't have
    to upgrade, it's enough to flush the bytecode cache.  This just no longer
    makes this necessary, Jinja2 will automatically detect these cases now.
  * the sum filter can now sum up values by attribute.  This is a backwards
    incompatible change.  The argument to the filter previously was the
    optional starting index which defaultes to zero.  This now became the
    second argument to the function because it's rarely used.
  * like sum, sort now also makes it possible to order items by attribute.
  * like sum and sort, join now also is able to join attributes of objects
    as string.
  * the internal eval context now has a reference to the environment.
  * added a mapping test to see if an object is a dict or an object with
    a similar interface.
* Wed Jul 20 2011
- Renamed to python-Jinja2
- Fix wrong EOL encodings
Version: 2.10.1-bp153.2.1
* Thu Feb 18 2021 Alexandros Toptsoglou <>
- Fixed IndentationError in CVE-2020-28493.patch (bsc#1182244)
* Tue Feb 09 2021 Alexandros Toptsoglou <>
- CVE-2020-28493: Fixed a ReDOS vulnerability where urlize could have
  been called with untrusted user data (bsc#1181944).
  Added CVE-2020-28493.patch
Version: 2.10.1-bp152.2.17
* Sat Apr 13 2019 Arun Persaud <>
- update to version 2.10.1 (bsc#1132323, CVE-2019-10906, bsc#1125815, CVE-2019-8341):
  * "SandboxedEnvironment" securely handles "str.format_map" in order
    to prevent code execution through untrusted format strings.  The
    sandbox already handled "str.format".
* Thu Nov 09 2017
- specfile:
  * added README.rst to %doc section
- update to version 2.10:
  * Added a new extension node called "OverlayScope" which can be used
    to create an unoptimized scope that will look up all variables
    from a derived context.
  * Added an "in" test that works like the in operator.  This can be
    used in combination with "reject" and "select".
  * Added "previtem" and "nextitem" to loop contexts, providing access
    to the previous/next item in the loop. If such an item does not
    exist, the value is undefined.
  * Added "changed(*values)" to loop contexts, providing an easy way
    of checking whether a value has changed since the last iteration
    (or rather since the last call of the method)
  * Added a "namespace" function that creates a special object which
    allows attribute assignment using the "set" tag.  This can be used
    to carry data across scopes, e.g. from a loop body to code that
    comes after the loop.
  * Added a "trimmed" modifier to "{% trans %}" to strip linebreaks
    and surrounding whitespace. Also added a new policy to enable this
    for all "trans" blocks.
  * The "random" filter is no longer incorrectly constant folded and
    will produce a new random choice each time the template is
    rendered. (`#478`_)
  * Added a "unique" filter. (`#469`_)
  * Added "min" and "max" filters. (`#475`_)
  * Added tests for all comparison operators: "eq", "ne", "lt", "le",
    "gt", "ge". (`#665`_)
  * "import" statement cannot end with a trailing comma. (`#617`_,
  * "indent" filter will not indent blank lines by default. (`#685`_)
  * Add "reverse" argument for "dictsort" filter. (`#692`_)
  * Add a "NativeEnvironment" that renders templates to native Python
    types instead of strings. (`#708`_)
  * Added filter support to the block "set" tag. (`#489`_)
  * "tojson" filter marks output as safe to match documented behavior.
  * Resolved a bug where getting debug locals for tracebacks could
    modify template context.
  * Fixed a bug where having many "{% elif ... %}" blocks resulted in
    a "too many levels of indentation" error.  These blocks now
    compile to native "elif ..:" instead of "else: if ..:" (`#759`_)
* Tue Apr 04 2017
- update for singlespec
- update to 2.9.6
  * fixed custom context behavior in fast resolve mode
* Wed Mar 22 2017
- fix requires
* Wed Mar 15 2017
- Update to 2.9.5  (bsc#1132174, CVE-2016-10745)
  (see the changes in /usr/share/doc/packages/python-Jinja2/CHANGES)
- updated source URL