From 761f449e0daf3de06b0132bd4d6dfcdeef578e26 Mon Sep 17 00:00:00 2001 From: Florian Apolloner Date: Mon, 27 Dec 2021 14:53:18 +0100 Subject: Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter. Thanks to Dennis Brinkrolf for the report. Co-authored-by: Adam Johnson --- docs/ref/templates/builtins.txt | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docs/ref') diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt index f02a8f61c8..1fcfa1fa88 100644 --- a/docs/ref/templates/builtins.txt +++ b/docs/ref/templates/builtins.txt @@ -1577,6 +1577,13 @@ produce empty output:: {{ values|dictsort:"0" }} +Ordering by elements at specified index is not supported on dictionaries. + +.. versionchanged:: 2.2.26 + + In older versions, ordering elements at specified index was supported on + dictionaries. + .. templatefilter:: dictsortreversed ``dictsortreversed`` -- cgit v1.3