-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4126-2 [email protected] https://www.debian.org/lts/security/ Lucas Kanashiro April 30, 2025 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : jinja2 Version : 2.11.3-1+deb11u4 CVE ID : CVE-2025-27516 Debian Bug : #1103045 The fix for CVE-2025-27516 announced in DLA-4126 does not supporting Python 2. Now, the support of Python 2 was re-instated. For Debian 11 bullseye, this problem has been fixed in version 2.11.3-1+deb11u4. We recommend that you upgrade your jinja2 packages. For the detailed security status of jinja2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/jinja2 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAmgSnHEACgkQ+COicpiD yXytgRAAiagXDeFD7gPrHXv2XH2vgsGSkxPc+RUXuNBXyaAWLOeHDbGsztNVxHqj hv5yyhYq/jLeeoOnY8xiBljMq8geKzNCNBUHsPDkpBP/gYHCjhS5v3YGlfDV3mRQ kn6MsPHejYh0Y0PmurfmkR8bfzpe32SkjV/jNjohiDWtUrTdy12PTPrazG9ziz5y oaWoyQNcPE+l5RYLovfDfX9G9hi4KyXPi4Q8pMOjV8tgUNhknboQR+fs273KJbRg z643caQaGHUeYTEY3oKq0BtK66z6zpoHpuQ2s9wyJ3CQLmYMCeXUvNpsUMx+1rvH CV5irtByWCUUYGLCCtmRbRvGmkYYDK27HCsdB9Savd8JDTJAFeHy2BIDhpat+MLT bk0I5o2qpYO1wEUuhNWxRc2hm7Pz/qd81R20o9PgZkT34TbAfOA2mCBxGW/cNAta OkO9eB8oKnWo5JrKw49gwtESo8s6XA+edCJWIMyLa9h6+7pVWRzcDp2Ss8PkwSr4 06oDJipWruRkETuemKr3TdJNbVVAZYYpokRZh26XXdjdYwc/lpAGWtjIMbMLrEXz jGBnHjIA4dsuZcgg7oXGZd3Rubj2PwSEdQf05R9SOp4GOqygCLUf2FS3gXvSjAX7 I6t6Xz9s1H4/7tQzoDZRbVSbJvR8cmqaH1QVgqP0L7rzMIb016Q= =ijlT -----END PGP SIGNATURE-----
