[ubuntu/oracular-security] jinja2 3.1.3-1ubuntu1.24.10.2 (Accepted)
Eduardo Barretto
eduardo.barretto at canonical.com
Tue Mar 11 17:45:24 UTC 2025
jinja2 (3.1.3-1ubuntu1.24.10.2) oracular-security; urgency=medium
* SECURITY UPDATE: Arbitrary code execution via |attr filter bypass
- debian/patches/CVE-2025-27516.patch: attr filter uses env.getattr
- CVE-2025-27516
Date: 2025-03-10 19:54:18.618339+00:00
Changed-By: John Breton <john.breton at canonical.com>
Signed-By: Eduardo Barretto <eduardo.barretto at canonical.com>
https://launchpad.net/ubuntu/+source/jinja2/3.1.3-1ubuntu1.24.10.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the oracular-changes
mailing list