Hello community, here is the log from the commit of package python-Jinja2 for openSUSE:Factory checked in at 2014-07-16 16:37:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-Jinja2 (Old) and /work/SRC/openSUSE:Factory/.python-Jinja2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Jinja2" Changes: -------- --- /work/SRC/openSUSE:Factory/python-Jinja2/python-Jinja2.changes 2014-05-10 22:57:00.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.python-Jinja2.new/python-Jinja2.changes 2014-07-16 16:37:13.000000000 +0200 @@ -1,0 +2,7 @@ +Tue Jul 15 10:41:00 UTC 2014 - toddrme2...@gmail.com + +- Update to 2.7.3 + - Security issue: Corrected the security fix for the cache folder. + This fix was provided by RedHat. + +------------------------------------------------------------------- Old: ---- Jinja2-2.7.2.tar.gz New: ---- Jinja2-2.7.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-Jinja2.spec ++++++ --- /var/tmp/diff_new_pack.BiEq6S/_old 2014-07-16 16:37:14.000000000 +0200 +++ /var/tmp/diff_new_pack.BiEq6S/_new 2014-07-16 16:37:14.000000000 +0200 @@ -17,7 +17,7 @@ Name: python-Jinja2 -Version: 2.7.2 +Version: 2.7.3 Release: 0 Summary: A fast and easy to use template engine written in pure Python License: BSD-3-Clause ++++++ Jinja2-2.7.2.tar.gz -> Jinja2-2.7.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Jinja2-2.7.2/CHANGES new/Jinja2-2.7.3/CHANGES --- old/Jinja2-2.7.2/CHANGES 2014-01-10 11:41:21.000000000 +0100 +++ new/Jinja2-2.7.3/CHANGES 2014-06-06 18:49:01.000000000 +0200 @@ -1,6 +1,13 @@ Jinja2 Changelog ================ +Version 2.7.3 +------------- +(bugfix release, released on June 6th 2014) + +- Security issue: Corrected the security fix for the cache folder. This + fix was provided by RedHat. + Version 2.7.2 ------------- (bugfix release, released on January 10th 2014) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Jinja2-2.7.2/Jinja2.egg-info/PKG-INFO new/Jinja2-2.7.3/Jinja2.egg-info/PKG-INFO --- old/Jinja2-2.7.2/Jinja2.egg-info/PKG-INFO 2014-01-10 11:42:33.000000000 +0100 +++ new/Jinja2-2.7.3/Jinja2.egg-info/PKG-INFO 2014-06-06 18:49:12.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 1.0 Name: Jinja2 -Version: 2.7.2 +Version: 2.7.3 Summary: A small but fast and easy to use stand-alone template engine written in pure python. Home-page: http://jinja.pocoo.org/ Author: Armin Ronacher diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Jinja2-2.7.2/Jinja2.egg-info/requires.txt new/Jinja2-2.7.3/Jinja2.egg-info/requires.txt --- old/Jinja2-2.7.2/Jinja2.egg-info/requires.txt 2014-01-10 11:42:33.000000000 +0100 +++ new/Jinja2-2.7.3/Jinja2.egg-info/requires.txt 2014-06-06 18:49:12.000000000 +0200 @@ -1,4 +1,4 @@ markupsafe [i18n] -Babel>=0.8 \ No newline at end of file +Babel>=0.8 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Jinja2-2.7.2/PKG-INFO new/Jinja2-2.7.3/PKG-INFO --- old/Jinja2-2.7.2/PKG-INFO 2014-01-10 11:42:36.000000000 +0100 +++ new/Jinja2-2.7.3/PKG-INFO 2014-06-06 18:49:13.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 1.0 Name: Jinja2 -Version: 2.7.2 +Version: 2.7.3 Summary: A small but fast and easy to use stand-alone template engine written in pure python. Home-page: http://jinja.pocoo.org/ Author: Armin Ronacher diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Jinja2-2.7.2/jinja2/__init__.py new/Jinja2-2.7.3/jinja2/__init__.py --- old/Jinja2-2.7.2/jinja2/__init__.py 2014-01-10 11:42:33.000000000 +0100 +++ new/Jinja2-2.7.3/jinja2/__init__.py 2014-06-06 18:49:12.000000000 +0200 @@ -27,7 +27,7 @@ :license: BSD, see LICENSE for more details. """ __docformat__ = 'restructuredtext en' -__version__ = '2.7.2' +__version__ = '2.7.3' # high level interface from jinja2.environment import Environment, Template diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Jinja2-2.7.2/jinja2/bccache.py new/Jinja2-2.7.3/jinja2/bccache.py --- old/Jinja2-2.7.2/jinja2/bccache.py 2014-01-10 11:42:03.000000000 +0100 +++ new/Jinja2-2.7.3/jinja2/bccache.py 2014-06-06 18:47:51.000000000 +0200 @@ -16,6 +16,7 @@ """ from os import path, listdir import os +import stat import sys import errno import marshal @@ -215,7 +216,7 @@ # On windows the temporary directory is used specific unless # explicitly forced otherwise. We can just use that. - if os.name == 'n': + if os.name == 'nt': return tmpdir if not hasattr(os, 'getuid'): raise RuntimeError('Cannot determine safe temp directory. You ' @@ -224,12 +225,18 @@ dirname = '_jinja2-cache-%d' % os.getuid() actual_dir = os.path.join(tmpdir, dirname) try: - # 448 == 0700 - os.mkdir(actual_dir, 448) + os.mkdir(actual_dir, stat.S_IRWXU) # 0o700 except OSError as e: if e.errno != errno.EEXIST: raise + actual_dir_stat = os.lstat(actual_dir) + if actual_dir_stat.st_uid != os.getuid() \ + or not stat.S_ISDIR(actual_dir_stat.st_mode) \ + or stat.S_IMODE(actual_dir_stat.st_mode) != stat.S_IRWXU: + raise RuntimeError('Temporary directory \'%s\' has an incorrect ' + 'owner, permissions, or type.' % actual_dir) + return actual_dir def _get_cache_filename(self, bucket): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Jinja2-2.7.2/setup.py new/Jinja2-2.7.3/setup.py --- old/Jinja2-2.7.2/setup.py 2014-01-10 11:42:33.000000000 +0100 +++ new/Jinja2-2.7.3/setup.py 2014-06-06 18:49:12.000000000 +0200 @@ -57,7 +57,7 @@ setup( name='Jinja2', - version='2.7.2', + version='2.7.3', url='http://jinja.pocoo.org/', license='BSD', author='Armin Ronacher', -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
