oval:org.mitre.oval:def:24790

Definition Id: oval:org.mitre.oval:def:24790
 
Oval ID: oval:org.mitre.oval:def:24790
Title: RHSA-2014:0747: python-jinja2 security update (Moderate)
Description: Jinja2 is a template engine written in pure Python. It provides a Django-inspired, non-XML syntax but supports inline expressions and an optional sandboxed environment. It was discovered that Jinja2 did not properly handle bytecode cache files stored in the system's temporary directory. A local attacker could use this flaw to alter the output of an application using Jinja2 and FileSystemBytecodeCache, and potentially execute arbitrary code with the privileges of that application. (CVE-2014-1402) All python-jinja2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all applications using python-jinja2 must be restarted.
Family: unix Class: patch
Reference(s): RHSA-2014:0747-00
CESA-2014:0747
CVE-2014-1402
 Version: 3
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
 Product(s): python-jinja2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20273
 
Oval ID: oval:org.mitre.oval:def:20273
Title: The operating system installed on the system is Red Hat Enterprise Linux 6
Description: The operating system installed on the system is Red Hat Enterprise Linux 6.
Family: unix Class: inventory
Reference(s): cpe:/o:redhat:enterprise_linux:6
 Version: 6
Platform(s): Red Hat Enterprise Linux 6
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:24790
Definition Id: oval:org.mitre.oval:def:16337
 
Oval ID: oval:org.mitre.oval:def:16337
Title: The operating system installed on the system is CentOS Linux 6.x
Description: The operating system installed on the system is CentOS Linux 6.x
Family: unix Class: inventory
Reference(s): cpe:/o:centos:centos:6
 Version: 5
Platform(s): CentOS Linux 6
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:24790