[SECURITY] [DLA 4126-2] jinja2 regression update

[Lucas Kanashiro <kanashiro@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4126-2                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Lucas Kanashiro
April 30, 2025                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : jinja2
Version        : 2.11.3-1+deb11u4
CVE ID         : CVE-2025-27516
Debian Bug     : #1103045

The fix for CVE-2025-27516 announced in DLA-4126 does not supporting Python 2.
Now, the support of Python 2 was re-instated.

For Debian 11 bullseye, this problem has been fixed in version
2.11.3-1+deb11u4.

We recommend that you upgrade your jinja2 packages.

For the detailed security status of jinja2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/jinja2

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAmgSnHEACgkQ+COicpiD
yXytgRAAiagXDeFD7gPrHXv2XH2vgsGSkxPc+RUXuNBXyaAWLOeHDbGsztNVxHqj
hv5yyhYq/jLeeoOnY8xiBljMq8geKzNCNBUHsPDkpBP/gYHCjhS5v3YGlfDV3mRQ
kn6MsPHejYh0Y0PmurfmkR8bfzpe32SkjV/jNjohiDWtUrTdy12PTPrazG9ziz5y
oaWoyQNcPE+l5RYLovfDfX9G9hi4KyXPi4Q8pMOjV8tgUNhknboQR+fs273KJbRg
z643caQaGHUeYTEY3oKq0BtK66z6zpoHpuQ2s9wyJ3CQLmYMCeXUvNpsUMx+1rvH
CV5irtByWCUUYGLCCtmRbRvGmkYYDK27HCsdB9Savd8JDTJAFeHy2BIDhpat+MLT
bk0I5o2qpYO1wEUuhNWxRc2hm7Pz/qd81R20o9PgZkT34TbAfOA2mCBxGW/cNAta
OkO9eB8oKnWo5JrKw49gwtESo8s6XA+edCJWIMyLa9h6+7pVWRzcDp2Ss8PkwSr4
06oDJipWruRkETuemKr3TdJNbVVAZYYpokRZh26XXdjdYwc/lpAGWtjIMbMLrEXz
jGBnHjIA4dsuZcgg7oXGZd3Rubj2PwSEdQf05R9SOp4GOqygCLUf2FS3gXvSjAX7
I6t6Xz9s1H4/7tQzoDZRbVSbJvR8cmqaH1QVgqP0L7rzMIb016Q=
=ijlT
-----END PGP SIGNATURE-----