Bug#1099074: bookworm-pu: package jinja2/3.1.2-1+deb12u2

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1099074: bookworm-pu: package jinja2/3.1.2-1+deb12u2
From: Lee Garrett <debian@rocketjump.eu>
Date: Thu, 27 Feb 2025 23:06:17 +0100
Message-id: <[🔎] 174069397714.495836.10212583552000522344.reportbug@batou>
Reply-to: Lee Garrett <debian@rocketjump.eu>, 1099074@bugs.debian.org

Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: jinja2@packages.debian.org, debian@rocketjump.eu
Control: affects -1 + src:jinja2
User: release.debian.org@packages.debian.org
Usertags: pu


[ Reason ]
Fix CVE-2024-56201
Fix CVE-2024-56326


[ Impact ]
Two security vulnerabilities will stay unfixed.

[ Tests ]
The patches are taken from upstream, and include test coverage. Both patches
applied with minimal changes.

[ Risks ]
Low, are nearly direct patches from upstream.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
Fix CVE-2024-56201
Fix CVE-2024-56326

[ Other info ]
%

Reply to:

Follow-Ups:
- Processed: bookworm-pu: package jinja2/3.1.2-1+deb12u2
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>
- Bug#1099074: bookworm-pu: package jinja2/3.1.2-1+deb12u2
  - From: Lee Garrett <debian@rocketjump.eu>

Prev by Date: please hint cccl into testing
Next by Date: Processed: bookworm-pu: package jinja2/3.1.2-1+deb12u2
Previous by thread: please hint cccl into testing
Next by thread: Processed: bookworm-pu: package jinja2/3.1.2-1+deb12u2
Index(es):
- Date
- Thread