Fedora 40: python-jinja2 3.1.5 security advisory for CVE-2024-56201
fedora
January 22, 2025
Update to 3.1.5 Security fix for CVE-2024-56201
Summary
Jinja2 is a template engine written in pure Python. It provides a
Django inspired non-XML syntax but supports inline expressions and an
optional sandboxed environment.
If you have any exposure to other text-based template languages, such
as Smarty or Django, you should feel right at home with Jinja2. It's
both designer and developer friendly by sticking to Python's
principles and adding functionality useful for templating
environments.
Update Information:
Update to 3.1.5 Security fix for CVE-2024-56201
Change Log
* Wed Jan 8 2025 Miro HronÄok
References
[ 1 ] Bug #2333854 - CVE-2024-56201 jinja2: Jinja has a sandbox breakout through malicious filenames
https://bugzilla.redhat.com/show_bug.cgi?id=2333854
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-6ed1e0c3c6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: python-jinja2
Product: Fedora 40
Version: 3.1.5
Release: 1.fc40
Summary: General purpose template engine
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!