Discussion:
Bug#1099074: bookworm-pu: package jinja2/3.1.2-1+deb12u2
Add Reply
Lee Garrett
2025-02-27 22:10:02 UTC
Reply
Permalink
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: ***@packages.debian.org, ***@rocketjump.eu
Control: affects -1 + src:jinja2
User: ***@packages.debian.org
Usertags: pu


[ Reason ]
Fix CVE-2024-56201
Fix CVE-2024-56326


[ Impact ]
Two security vulnerabilities will stay unfixed.

[ Tests ]
The patches are taken from upstream, and include test coverage. Both patches
applied with minimal changes.

[ Risks ]
Low, are nearly direct patches from upstream.

[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable

[ Changes ]
Fix CVE-2024-56201
Fix CVE-2024-56326

[ Other info ]
%
Debian Bug Tracking System
2025-02-27 22:10:02 UTC
Reply
Permalink
Post by Lee Garrett
affects -1 + src:jinja2
Bug #1099074 [release.debian.org] bookworm-pu: package jinja2/3.1.2-1+deb12u2
Added indication that 1099074 affects src:jinja2
--
1099074: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099074
Debian Bug Tracking System
Contact ***@bugs.debian.org with problems
Adam D Barratt
2025-03-01 11:20:01 UTC
Reply
Permalink
package release.debian.org
tags 1099074 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==============

Package: jinja2
Version: 3.1.2-1+deb12u2

Explanation: fix arbitrary code execution issues [CVE-2024-56201 CVE-2024-56326]
Debian Bug Tracking System
2025-03-01 11:20:01 UTC
Reply
Permalink
Post by Adam D Barratt
package release.debian.org
Limiting to bugs with field 'package' containing at least one of 'release.debian.org'
Limit currently set to 'package':'release.debian.org'
Post by Adam D Barratt
tags 1099074 = bookworm pending
Bug #1099074 [release.debian.org] bookworm-pu: package jinja2/3.1.2-1+deb12u2
Added tag(s) pending.
Post by Adam D Barratt
thanks
Stopping processing here.

Please contact me if you need assistance.
--
1099074: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099074
Debian Bug Tracking System
Contact ***@bugs.debian.org with problems
Loading...