Advisories » MGASA-2025-0094

Updated python-jinja2 packages fix security vulnerability

Publication date: 12 Mar 2025
Modification date: 12 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-27516

Description

Jinja sandbox breakout through attr filter selecting format method.
(CVE-2025-27516)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=34081
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MUH4YM6G3UIVK2776BABUYJKVIBPTUT5/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27516

SRPMS

9/core

• python-jinja2-3.1.6-1.mga9