[ubuntu/focal-security] jinja2 2.10.1-2ubuntu0.6 (Accepted)
Octavio Galland
octavio.galland at canonical.com
Wed Mar 12 19:50:43 UTC 2025
jinja2 (2.10.1-2ubuntu0.6) focal-security; urgency=medium
* SECURITY REGRESSION: Arbitrary code execution via |attr filter bypass
- debian/patches/CVE-2025-27516.patch: Replace getattr_static with an
equivalent Python 2 compatible function
- CVE-2025-27516
Date: 2025-03-12 17:24:20.804395+00:00
Changed-By: John Breton <john.breton at canonical.com>
Signed-By: Octavio Galland <octavio.galland at canonical.com>
https://launchpad.net/ubuntu/+source/jinja2/2.10.1-2ubuntu0.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list