aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CHANGES5
1 files changed, 4 insertions, 1 deletions
diff --git a/CHANGES b/CHANGES
index 4e5df26c..e3e75820 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,9 +4,12 @@ Jinja2 Changelog
Version 2.8.1
-------------
-(unreleased bugfix release)
+(bugfix release, released on December 29th 2016)
- Fixed the `for_qs` flag for `urlencode`.
+- SECURITY: if the sandbox mode is used format expressions are now sandboxed
+ with the same rules as in Jinja. This solves various information leakage
+ problems that can occur with format strings.
Version 2.8
-----------
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 21:53:47 +0000