Projetos/rpi-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7b000714da3b197de1385325ab5831aa4e6cd796
rpi-buildroot/package/python-jinja2/python-jinja2.hash
Thomas Perale 2d5903769f package/python-jinja2: security bump to version 3.1.6 
Fixes the following security issue:

- CVE-2025-27516: Prior to 3.1.6, an oversight in how the Jinja
    sandboxed environment interacts with the |attr filter allows
    an attacker that controls the content of a template to execute
    arbitrary Python code.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-27516
  - 90457bbf33

For more details on the version bump, see the release notes:

https://github.com/pallets/jinja/releases/tag/3.1.6

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
2025-04-10 21:25:31 +02:00

6 lines
328 B
Plaintext
Raw Blame History

# md5, sha256 from https://pypi.org/pypi/jinja2/json
md5 66d4c25ff43d1deaf9637ccda523dec8 jinja2-3.1.6.tar.gz
sha256 0137fb05990d35f1275a587e9aee6d56da821fc83491a0fb838183be43f66d6d jinja2-3.1.6.tar.gz
# Locally computed sha256 checksums
sha256 3b49dcee4105eb37bac10faf1be260408fe85d252b8e9df2e0979fc1e094437b LICENSE.txt
Reference in New Issue View Git Blame Copy Permalink