Advisories » MGASA-2025-0050

Updated python-jinja2 packages fix security vulnerability

Publication date: 12 Feb 2025
Modification date: 12 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-56326

Description

Jinja has a sandbox breakout through an indirect reference to a format
method. (CVE-2024-56326)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33996
• https://lwn.net/Articles/1008460/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56326

SRPMS

9/core

• python-jinja2-3.1.5-1.mga9