Commit 49ad6f03 authored Nov 01, 2022 by Tim Orling Committed by Richard Purdie Nov 02, 2022

python3-mako: upgrade 1.2.2 -> 1.2.3

Released: Thu Sep 22 2022
* bug

 - [bug] [lexer]

   * Fixed issue in lexer in the same category as that of #366 where the regexp
     used to match an end tag didn’t correctly organize for matching characters
     surrounded by whitespace, leading to high memory / interpreter hang if a
     closing tag incorrectly had a large amount of unterminated space in it.
     Credit to Sebastian Chnelik for locating the issue.

    As Mako templates inherently render and directly invoke arbitrary Python
    code from the template source, it is never appropriate to create templates
    that contain untrusted input.

    References: #367

[1] https://docs.makotemplates.org/en/latest/changelog.html#change-1.2.3
[2] https://github.com/sqlalchemy/mako/issues/366
[3] https://github.com/sqlalchemy/mako/issues/367



Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

parent a69ea1f7

Show whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit ce8d8fb1
· Nov 27, 2022

mentioned in commit ce8d8fb1

mentioned in commit ce8d8fb1052eb45c0a4a860cb59c53c93430d6bf

Toggle commit list

Please register or to comment