oval:org.mitre.oval:def:24851

Definition Id: oval:org.mitre.oval:def:24851
 
Oval ID: oval:org.mitre.oval:def:24851
Title: ELSA-2014:0747: python-jinja2 security update (Moderate)
Description: Jinja2 is a template engine written in pure Python. It provides a Django-inspired, non-XML syntax but supports inline expressions and an optional sandboxed environment. It was discovered that Jinja2 did not properly handle bytecode cache files stored in the system's temporary directory. A local attacker could use this flaw to alter the output of an application using Jinja2 and FileSystemBytecodeCache, and potentially execute arbitrary code with the privileges of that application. (CVE-2014-1402) All python-jinja2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all applications using python-jinja2 must be restarted.
Family: unix Class: patch
Reference(s): ELSA-2014:0747-00
CVE-2014-1402
Version: 4
Platform(s): Oracle Linux 6
Product(s): python-jinja2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16594
 
Oval ID: oval:org.mitre.oval:def:16594
Title: Oracle Linux 6.x
Description: The operating system installed on the system is Oracle Linux 6.x
Family: unix Class: inventory
Reference(s): cpe:/o:oracle:linux:6
Version: 5
Platform(s): Oracle Linux 6
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:24851