Skip to content

v2.3.2
Compare
Choose a tag to compare
@phenixblue phenixblue released this 28 Mar 22:41
· 85 commits to master since this release
v2.3.2
427c9e0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Overview

This release includes a security fix

Security Fix

  • Bumps jinja2 from 2.11.2 to 2.11.3. in /app/magtape (ref #99)

This contains a fix for a speed issue with the urlize filter. urlize is likely to be called on untrusted user input. For certain inputs some of the >regular expressions used to parse the text could take a very long time due to backtracking. As part of the fix, the email matching became >slightly stricter. The various speedups apply to urlize in general, not just the specific input cases.

PyPI: https://pypi.org/project/Jinja2/2.11.3/
Changes: https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-3

Assets 2
Loading