[Philippe Makowski, 2014-01-21] > the fix in Jinja 2.7.2 is not correct > http://openwall.com/lists/oss-security/2014/01/11/1
that's why I added this patch: http://patch-tracker.debian.org/patch/series/view/jinja2/2.7.2-2/fix_CVE-2014-0012.patch see http://bugs.debian.org/734956 it's just a temporary fix - it practically disables caching so it's not a long term solution (and that's why I didn't propose it as a fix in Debian stable) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
