Skip to content
Snippets Groups Projects
Verified Commit 2601218d authored by Daniel Néri's avatar Daniel Néri
Browse files

main/py3-jinja2: security upgrade to 3.1.6 

CVE-2025-27516: Sandbox breakout through attr filter selecting format
method.

- https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7
- https://raw.githubusercontent.com/pallets/jinja/refs/tags/3.1.6/CHANGES.rst
parent 7f8557b3
No related branches found
No related tags found
1 merge request!81230[3.19] main/py3-jinja2: security upgrade to 3.1.6
Hide whitespace changes
Inline Side-by-side
main/py3-jinja2/APKBUILD
+ 4
2
View file @ 2601218d
......@@ -2,7 +2,7 @@
# Maintainer: Matt Smith <mcs@darkregion.net>
pkgname=py3-jinja2
_pkgname=jinja2
pkgver=3.1.5
pkgver=3.1.6
pkgrel=0
pkgdesc="A small but fast and easy to use stand-alone python template engine"
url="https://palletsprojects.com/p/jinja/"
......@@ -16,6 +16,8 @@ source="https://files.pythonhosted.org/packages/source/${_pkgname:0:1}/$_pkgname
builddir="$srcdir/$_pkgname-$pkgver"
# secfixes:
# 3.1.6-r0:
# - CVE-2025-27516 GHSA-cpwx-vrp4-4pq7
# 3.1.5-r0:
# - CVE-2024-56326 GHSA-q2x7-8rv6-6q7h
# - CVE-2024-56201 GHSA-gmj6-6f8f-6699
......@@ -53,5 +55,5 @@ package() {
}
sha512sums="
75ad0094482c69d45fcd3aa8ee32e249931e53fee3f804f6ddfd5b6da0ed16962d8f1fced811e7dcb4d8401fadd828e77528d6d1280547a7d4f5f77cccf9bbd4 jinja2-3.1.5.tar.gz
bddd5e142f1462426c57b2efafdfafdfc6b66de257668707940896feae71eabdf19e0b6e34ef49b965153baf9b1eb59bb5a97349bb287ea0921dd2a751e967ab jinja2-3.1.6.tar.gz
"
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment