src/jinja2/lexer.py | 5 4 + 1 - 0 !
src/jinja2/nodes.py | 5 4 + 1 - 0 !
src/jinja2/sandbox.py | 5 4 + 1 - 0 !
src/jinja2/utils.py | 5 4 + 1 - 0 !
tests/test_utils.py | 5 4 + 1 - 0 !
5 files changed, 20 insertions(+), 5 deletions(-)

 python 3.9: fix collections import

Bug-Debian: https://bugs.debian.org/949018

docs/conf.py | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 docs: disable sphinxcontrib.log_cabinet

it's not packaged in Debian yet

tests/test_loader.py | 6 4 + 2 - 0 !
1 file changed, 4 insertions(+), 2 deletions(-)

 fix nose leftovers

taken from upstream repo

src/jinja2/filters.py | 25 18 + 7 - 0 !
tests/test_filters.py | 6 6 + 0 - 0 !
2 files changed, 24 insertions(+), 7 deletions(-)

 xmlattr filter disallows keys with spaces

src/jinja2/filters.py | 18 13 + 5 - 0 !
tests/test_filters.py | 11 6 + 5 - 0 !
2 files changed, 19 insertions(+), 10 deletions(-)

 disallow invalid characters in keys to xmlattr filter

src/jinja2/compiler.py | 7 6 + 1 - 0 !
tests/test_compile.py | 19 19 + 0 - 0 !
2 files changed, 25 insertions(+), 1 deletion(-)

 fix cve-2024-56201 

src/jinja2/sandbox.py | 81 43 + 38 - 0 !
tests/test_security.py | 17 17 + 0 - 0 !
2 files changed, 60 insertions(+), 38 deletions(-)

 fix cve-2024-56326

src/jinja2/filters.py | 33 14 + 19 - 0 !
1 file changed, 14 insertions(+), 19 deletions(-)

 [patch] attr filter uses env.getattr