[ubuntu/plucky-proposed] jinja2 3.1.5-2ubuntu1 (Accepted)

John Breton john.breton at canonical.com
Thu Mar 13 16:34:21 UTC 2025 

jinja2 (3.1.5-2ubuntu1) plucky; urgency=medium

  * SECURITY UPDATE: Arbitrary code execution via |attr filter bypass
    - debian/patches/CVE-2025-27516.patch: attr filter uses env.getattr
    - CVE-2025-27516

Date: Thu, 13 Mar 2025 07:59:16 -0400
Changed-By: John Breton <john.breton at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/jinja2/3.1.5-2ubuntu1
-------------- next part --------------
Format: 1.8
Date: Thu, 13 Mar 2025 07:59:16 -0400
Source: jinja2
Built-For-Profiles: noudeb
Architecture: source
Version: 3.1.5-2ubuntu1
Distribution: plucky
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: John Breton <john.breton at canonical.com>
Changes:
 jinja2 (3.1.5-2ubuntu1) plucky; urgency=medium
 .
   * SECURITY UPDATE: Arbitrary code execution via |attr filter bypass
     - debian/patches/CVE-2025-27516.patch: attr filter uses env.getattr
     - CVE-2025-27516
Checksums-Sha1:
 13849da02537c1546090ccbd9ae3228308d0e227 2382 jinja2_3.1.5-2ubuntu1.dsc
 9b32e6d6cb9019728752635b1e1a0444c504e7d4 11340 jinja2_3.1.5-2ubuntu1.debian.tar.xz
 1f8a4bfc7d37a7276b39b45e6b9993a93ec15b9b 8084 jinja2_3.1.5-2ubuntu1_source.buildinfo
Checksums-Sha256:
 b93f05d2a27e04d3dd7171544001845774e4b446173a0a915505b8388e79fb60 2382 jinja2_3.1.5-2ubuntu1.dsc
 b8a38a1ffd3ee882511d8802a4e09b2a7ddcd9d2bb371e1d2c2f04f510308751 11340 jinja2_3.1.5-2ubuntu1.debian.tar.xz
 f98b0812d544c286f3b35417cc7844a32d1023c962d73b7c4a26c6879c2914a2 8084 jinja2_3.1.5-2ubuntu1_source.buildinfo
Files:
 846578287b7b726a7dbf20cca6bcefe9 2382 python optional jinja2_3.1.5-2ubuntu1.dsc
 46dcfbf7ecc02c46f5984032a9550341 11340 python optional jinja2_3.1.5-2ubuntu1.debian.tar.xz
 03ea4ec8c0b49cd91fab28fda10482f8 8084 python optional jinja2_3.1.5-2ubuntu1_source.buildinfo
Original-Maintainer: Piotr Ożarowski <piotr at debian.org>

More information about the plucky-changes mailing list