[Python-modules-commits] r27184 - in packages/jinja2/trunk/debian (3 files)
piotr at users.alioth.debian.org
piotr at users.alioth.debian.org
Sun Jan 12 14:23:07 UTC 2014
Date: Sunday, January 12, 2014 @ 14:23:06
Author: piotr
Revision: 27184
Add fix_CVE-2014-1402 patch which uses tempfile.mkdtemp to create cache dir (closes: 734956)
Added:
packages/jinja2/trunk/debian/patches/fix_CVE-2014-0012.patch
Modified:
packages/jinja2/trunk/debian/changelog
packages/jinja2/trunk/debian/patches/series
Modified: packages/jinja2/trunk/debian/changelog
===================================================================
--- packages/jinja2/trunk/debian/changelog 2014-01-12 10:22:00 UTC (rev 27183)
+++ packages/jinja2/trunk/debian/changelog 2014-01-12 14:23:06 UTC (rev 27184)
@@ -1,3 +1,10 @@
+jinja2 (2.7.2-2) unstable; urgency=high
+
+ * Add fix_CVE-2014-1402 patch which uses tempfile.mkdtemp to create
+ cache dir (closes: 734956)
+
+ -- Piotr Ożarowski <piotr at debian.org> Sun, 12 Jan 2014 15:09:04 +0100
+
jinja2 (2.7.2-1) unstable; urgency=high
* New upstream release
Added: packages/jinja2/trunk/debian/patches/fix_CVE-2014-0012.patch
===================================================================
--- packages/jinja2/trunk/debian/patches/fix_CVE-2014-0012.patch (rev 0)
+++ packages/jinja2/trunk/debian/patches/fix_CVE-2014-0012.patch 2014-01-12 14:23:06 UTC (rev 27184)
@@ -0,0 +1,13 @@
+Index: jinja2-2.7.2/jinja2/bccache.py
+===================================================================
+--- jinja2-2.7.2.orig/jinja2/bccache.py
++++ jinja2-2.7.2/jinja2/bccache.py
+@@ -206,7 +206,7 @@ class FileSystemBytecodeCache(BytecodeCa
+
+ def __init__(self, directory=None, pattern='__jinja2_%s.cache'):
+ if directory is None:
+- directory = self._get_default_cache_dir()
++ directory = tempfile.mkdtemp(prefix='jinja2-cache-')
+ self.directory = directory
+ self.pattern = pattern
+
Modified: packages/jinja2/trunk/debian/patches/series
===================================================================
--- packages/jinja2/trunk/debian/patches/series 2014-01-12 10:22:00 UTC (rev 27183)
+++ packages/jinja2/trunk/debian/patches/series 2014-01-12 14:23:06 UTC (rev 27184)
@@ -1,2 +1,3 @@
drop_next_import_from_docs-jinjaext.patch
jinja2-typos.patch
+fix_CVE-2014-0012.patch
More information about the Python-modules-commits
mailing list