Bump Jinja2 to >=2.10.1, addresses CVE-2019-10906

Given how moto is intended to be used, and how it uses Jinja2, [CVE-2019-10906](https://nvd.nist.gov/vuln/detail/CVE-2019-10906) is unlikely to affect many users, but we should use a secure version anyway just in case moto is being used in unforeseen ways.
2019-04-15 10:48:55 +01:00 · 2019-04-15 10:48:55 +01:00 · e28bcf20ea
commit e28bcf20ea
parent 66dafc6679
1 changed files with 1 additions and 1 deletions
--- a/setup.py
+++ b/setup.py
@ -19,7 +19,7 @@ def read(*parts):


 install_requires = [
-    "Jinja2>=2.7.3",
+    "Jinja2>=2.10.1",
    "boto>=2.36.0",
    "boto3>=1.9.86",
    "botocore>=1.12.86",