From: Armin Ronacher <armin.ronacher@active-4.com>
Date: Thu, 29 Dec 2016 13:14:44 +0000 (+0100)
Subject: Updated changelog
X-Git-Tag: 2.8.1~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=002edca796f4e69e53d0491e5b1319955082ed02;p=thirdparty%2Fjinja.git

Updated changelog
---

diff --git a/CHANGES b/CHANGES
index 4e5df26c..e3e75820 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,9 +4,12 @@ Jinja2 Changelog
 Version 2.8.1
 -------------
 
-(unreleased bugfix release)
+(bugfix release, released on December 29th 2016)
 
 - Fixed the `for_qs` flag for `urlencode`.
+- SECURITY: if the sandbox mode is used format expressions are now sandboxed
+  with the same rules as in Jinja.  This solves various information leakage
+  problems that can occur with format strings.
 
 Version 2.8
 -----------