Alerts This Week
Warning Icon 1 700
Alerts This Week
Warning Icon 1 700

Fedora 40: FEDORA-2025-5f04326f4f moderate: Jinja2 sandbox breakout

fedora
Calendar Grey January 17, 2025
Dist Fedora Esm H88
To enhance security, it is recommended to upgrade the Jinja2 library to version 3.1.5 on your MinGW Windows setup, following the vulnerabilities noted in the Fedora reports.
Update to jinja2-3.1.5.

Summary

MinGW Windows Python jinja2 library.

Update Information:

Update to jinja2-3.1.5.

Topics%20covered

Topics Covered

security advisory update Fedora sandbox mingw-python-jinja2 malicious filenames

Change Log

* Wed Jan 8 2025 Sandro Mani - 3.1.5-1 - Update to 3.1.5 * Thu Jul 18 2024 Fedora Release Engineering - 3.1.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild

References


[ 1 ] Bug #2336370 - CVE-2024-56201 mingw-python-jinja2: Jinja has a sandbox breakout through malicious filenames [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2336370 [ 2 ] Bug #2336376 - CVE-2024-56201 mingw-python-jinja2: Jinja has a sandbox breakout through malicious filenames [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2336376

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-5f04326f4f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Name: mingw-python-jinja2
Product: Fedora 40
Version: 3.1.5
Release: 1.fc40
URL: https://palletsprojects.com/projects/jinja/
Summary: MinGW Windows Python jinja2 library

Topics%20covered

Topics Covered

security advisory update Fedora sandbox mingw-python-jinja2 malicious filenames

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here