Description
Hi,
I was running a vulnerability scan for one of the EC2 instances in AWS, and during the scan there was one finding reported against markupsafe. The details are below:
Rules package: Runtime Behavior Analysis-1.0
Finding: The following executable files on instance do not support stack cookies: /lib/python2.7/site-packages/markupsafe/_speedups.so.
Severity: Medium
Description: This rule detects the presence of third-party software that is compiled without support for stack cookies. Stack cookies increase system security by defending against stack-based buffer overflow and other memory corruption attacks.
Recommendation: It is recommended that you uninstall this software from your assessment target if you are not using it, or contact the vendor to get an updated version of this software with stack cookies enabled.
FYI, it's a Django 1.10 stack using Jinja2, which has markupsafe as a required package. The installed version of MarkupSafe is 0.23.
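
A way to reproduce this kind of finding locally, as an added example that is not part of the original issue or of MarkupSafe: it lists a shared object's `.dynsym` names and looks for the stack-protector symbols. This symbol test is an assumption about how such scanners decide, and a missing symbol can also mean that no function in the object met the compiler's criteria for instrumentation under plain `-fstack-protector`. The function names and the sample ELF image are constructed for illustration.

```python
import struct

# Symbols referenced by stack-protector-instrumented code (the guard only on some architectures).
CANARY_SYMBOLS = {b"__stack_chk_fail", b"__stack_chk_guard"}
SHT_STRTAB, SHT_DYNSYM = 3, 11
SHDR64 = "<IIQQQQIIQQ"  # name, type, flags, addr, offset, size, link, info, align, entsize

def section_headers(elf):
    """Parse every section header of a little-endian ELF32/ELF64 image."""
    if elf[:4] != b"\x7fELF" or elf[5] != 1:
        raise ValueError("expected a little-endian ELF image")
    is64 = elf[4] == 2
    shoff, = struct.unpack_from("<Q" if is64 else "<I", elf, 0x28 if is64 else 0x20)
    entsize, count = struct.unpack_from("<HH", elf, 0x3A if is64 else 0x2E)
    fmt = SHDR64 if is64 else "<10I"  # ELF32 keeps the same field order
    return [struct.unpack_from(fmt, elf, shoff + i * entsize) for i in range(count)]

def dynamic_symbols(elf):
    """Return the names listed in .dynsym (imports and exports)."""
    sections, names = section_headers(elf), set()
    for _, sh_type, _, _, off, size, link, _, _, entsize in sections:
        if sh_type != SHT_DYNSYM or entsize == 0:
            continue
        str_off, str_size = sections[link][4:6]  # sh_link points at the string table
        strtab = elf[str_off:str_off + str_size]
        for pos in range(off, off + size, entsize):
            st_name, = struct.unpack_from("<I", elf, pos)  # st_name is first in both classes
            names.add(strtab[st_name:strtab.index(b"\0", st_name)])
    return names

def references_stack_protector(elf):
    """True if the object's dynamic symbols include a stack-protector symbol."""
    return bool(dynamic_symbols(elf) & CANARY_SYMBOLS)

def constructed_elf64(symbol_names):
    """Constructed sample: header + .dynsym + .dynstr only; parseable, not loadable."""
    strtab, symtab = b"\0", bytes(24)  # index 0 is the empty name / null symbol
    for name in symbol_names:
        symtab += struct.pack("<IBBHQQ", len(strtab), 0x12, 0, 0, 0, 0)
        strtab += name + b"\0"
    str_off = 64 + len(symtab)
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 3, 62, 1, 0, 0, str_off + len(strtab), 0, 64, 0, 0, 64, 3, 0)
    shdrs = bytes(64) + struct.pack(SHDR64, 0, SHT_DYNSYM, 2, 0, 64, len(symtab), 2, 1, 8, 24)
    shdrs += struct.pack(SHDR64, 0, SHT_STRTAB, 2, 0, str_off, len(strtab), 0, 0, 1, 0)
    return ehdr + symtab + strtab + shdrs

if __name__ == "__main__":
    print(references_stack_protector(constructed_elf64([b"malloc", b"__stack_chk_fail"])))
```

To check a real file such as the `_speedups.so` named in the finding, pass the bytes from `open(path, "rb").read()` to `references_stack_protector`.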