Skip to content

Commit

Permalink
update jinja2 per CVE-2024-22195
Browse files Browse the repository at this point in the history
(cherry picked from commit f190828)

# Conflicts:
#	doc/requirements.in
#	doc/requirements.txt
  • Loading branch information
geekosaur authored and mergify[bot] committed Jan 18, 2024
1 parent c805ff1 commit 5b2f3f7
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 0 deletions.
9 changes: 9 additions & 0 deletions doc/requirements.in
Original file line number Diff line number Diff line change
Expand Up @@ -4,5 +4,14 @@ sphinx-jsonschema
sphinxnotes-strike
# Pygments>=2.7.4 suggested by CVE-2021-20270 CVE-2021-27291
Pygments >= 2.7.4
<<<<<<< HEAD
# Suggested by dependabot in https://github.com/haskell/cabal/pull/8807
certifi >= 2022.12.7
=======
# CVE-2023-37920
certifi >= 2023.07.22
# CVE-2023-45803
urllib3 >= 2.0.7
# CVE-2024-22195
jinja2 == 3.1.3
>>>>>>> f1908283c (update jinja2 per CVE-2024-22195)
8 changes: 8 additions & 0 deletions doc/requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,17 @@ idna==2.10
# via requests
imagesize==1.4.1
# via sphinx
<<<<<<< HEAD
jinja2==3.1.2
# via sphinx
jsonpointer==2.1
=======
jinja2==3.1.3
# via
# -r requirements.in
# sphinx
jsonpointer==2.3
>>>>>>> f1908283c (update jinja2 per CVE-2024-22195)
# via sphinx-jsonschema
markupsafe==2.1.2
# via jinja2
Expand Down

0 comments on commit 5b2f3f7

Please sign in to comment.