SUSE has issued an advisory on February 25: https://lists.suse.com/pipermail/sle-security-updates/2021-February/008376.html The issue is fixed upstream in 2.11.3. Mageia 7 and Mageia 8 are also affected.
Status comment: (none) => Fixed upstream in 2.11.3Whiteboard: (none) => MGA8TOO, MGA7TOO
Another one for you, David, as you did the last several version upgrades.
Assignee: bugsquad => geiger.david68210
Done for cauldron, mga8 and mga7!
Package list: python2-jinja2-2.11.3-1.mga7 python3-jinja2-2.11.3-1.mga7 python3-jinja2-2.11.3-1.mga8 from SRPMS: python-jinja2-2.11.3-1.mga7.src.rpm python-jinja2-2.11.3-1.mga8.src.rpm
Status comment: Fixed upstream in 2.11.3 => (none)CC: (none) => geiger.david68210Whiteboard: MGA8TOO, MGA7TOO => MGA7TOOVersion: Cauldron => 8Assignee: geiger.david68210 => qa-bugs
Newer SUSE advisory from February 26: https://lists.suse.com/pipermail/sle-security-updates/2021-February/008398.html Nothing from openSUSE yet, but probably will be soon.
Advisory: ======================== Updated python-jinja2 packages fix security vulnerability: ReDOS vulnerability where urlize could have been called with untrusted user data (CVE-2020-28493). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28493 https://lists.suse.com/pipermail/sle-security-updates/2021-February/008398.html
MGA7-64 MATE on PeaqC1011 No installation issues. This seems developer's stuff. Propose to OK on clean install.
CC: (none) => herman.viaene
Sorry, I didn't notice the procedure on bug 12265 $ python test.py Hello. If you see this with no errors then it worked :) $ python3 test.py File "test.py", line 4 print output ^ SyntaxError: Missing parentheses in call to 'print'. Did you mean print(output)? I changed the test.py to the suggestion and then $ python3 test.py Hello. If you see this with no errors then it worked :) and the first test on python works as well, so OK
Whiteboard: MGA7TOO => MGA7TOO MGA7-64-OK
Tested in mga8 64-bit Plasma mga8 guest. No installation issues. Tried the test from Comment 7, with the same error. Corrected the file, ran again, this time successfully. OK for mga8. Validating. Advisory in Comment 5.
Keywords: (none) => validated_updateWhiteboard: MGA7TOO MGA7-64-OK => MGA7TOO MGA7-64-OK MGA8-64-OKCC: (none) => andrewsfarm, sysadmin-bugs
CC: (none) => ouaurelienCVE: (none) => CVE-2020-28493Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0178.html
Status: NEW => RESOLVEDResolution: (none) => FIXED